I am logging this for someone to double check. I don't see any limit on the writing of the temporary tails file PRIOR to checking the hash on the ledger. My expectation is that it could be possible to send a continuous stream that would eventually exceed all storage available and cause service failure. The code I am concerned about is in tails_server/web.py :
```python
while True:
    chunk = await field.read_chunk(CHUNK_SIZE)
    if not chunk:
        break
    sha256.update(chunk)
    tmp_file.write(chunk)
```
A revocation registry is created with a number of entries specified, so is there any possibility that the ledger can be used to pre-calculate a max/expected length from information retrieved when the tails_hash is ?
Happy to be wrong on this but thought I should pose the question from code review.
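One way to bound the loop quoted above, as an added example that is not the project's code: the byte count is checked before each write and the partial file is discarded once the cap is crossed. `read_capped`, `UploadTooLarge`, `FakeField`, `demo`, the `MAX_TAILS_BYTES` cap and the `CHUNK_SIZE` value are all hypothetical names and values chosen for illustration.

```python
import asyncio
import hashlib
import io

CHUNK_SIZE = 1024            # assumed value; the page does not show it
MAX_TAILS_BYTES = 8 * 1024   # hypothetical cap; choose per deployment


class UploadTooLarge(Exception):
    """Raised as soon as the stream would exceed the cap."""


async def read_capped(field, tmp_file, max_bytes=MAX_TAILS_BYTES):
    """Stream field into tmp_file while hashing; return (digest, size)."""
    sha256 = hashlib.sha256()
    written = 0
    while True:
        chunk = await field.read_chunk(CHUNK_SIZE)
        if not chunk:
            break
        # Check before writing so the disk never holds more than the cap.
        if written + len(chunk) > max_bytes:
            tmp_file.seek(0)
            tmp_file.truncate()  # discard the partial upload
            raise UploadTooLarge(f"upload exceeds {max_bytes} bytes")
        sha256.update(chunk)
        tmp_file.write(chunk)
        written += len(chunk)
    return sha256.hexdigest(), written


class FakeField:
    """Constructed stand-in for the multipart field (read_chunk only)."""
    def __init__(self, data):
        self._buf = io.BytesIO(data)

    async def read_chunk(self, size):
        return self._buf.read(size)


def demo(data, max_bytes=MAX_TAILS_BYTES):
    """Upload data to an in-memory file; return (digest, size, stored)."""
    tmp = io.BytesIO()
    try:
        digest, size = asyncio.run(read_capped(FakeField(data), tmp, max_bytes))
    except UploadTooLarge:
        return None, 0, len(tmp.getvalue())
    return digest, size, len(tmp.getvalue())
```

If an expected length can be obtained for a given registry, it could be passed as `max_bytes` in place of the fixed cap; whether the ledger provides that is the open question in this issue.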
Sorry for the delay in responding. Agree this is a problem and, as mentioned in #33, this is because this repository requires some improvements to make it production ready. This would definitely fit into that category.