Skip to content

security: frontmatter YAML parse exposed to alias-bomb / deep-nest DoS (uncatchable at FFI) #162

Description

@dean0x

Deferred (pre-existing) finding from the PR #161 code review — not introduced by #161.

Problem

deep_merge_yaml bounds merge recursion at MAX_FRONTMATTER_MERGE_DEPTH (64), but the upstream serde_yaml_ng::from_str parse of frontmatter (before the merge, at the parse site in crates/mds-core/src/resolver/frontmatter.rs) and the deep clone() / Drop of nested mappings are not covered by that cap — they are bounded only by MAX_FILE_SIZE (10 MB).

A deeply-nested or alias-bombed adversarial frontmatter document can cause a parse-time stack blow-up. That abort is not catchable by catch_unwind at the JS/Python FFI boundary and can take down the host process.

Proposed fix

Cap YAML nesting depth at parse time (before/at deserialization), surfacing a clean mds:: error instead of aborting.

Notes

Metadata

Metadata

Assignees

No one assigned

    Labels

    rustPull requests that update rust codetech-debtTechnical debt

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions