Security: YAML config loader vulnerable to billion laughs attack #110

New issue

Open

opened 2026-05-11 13:50:40 +00:00 by thabeta · 0 comments

thabeta commented

2026-05-11 13:50:40 +00:00

Owner

Severity: Medium

Location

crates/hero_aibroker_lib/src/registry/loader.rs

Finding

serde_yaml by default processes YAML aliases, which can be exploited for denial of service:

yaml\na: &a [1,2,3,4,5,6,7,8,9,10]\nb: &b [*a,*a,*a,*a,*a,*a,*a,*a,*a,*a]\nc: &c [*b,*b,*b,*b,*b,*b,*b,*b,*b,*b]\n# Exponential expansion -> gigabytes of memory\n

Impact

Malicious YAML config can cause OOM during deserialization\n- If configs come from user input or external sources, this is a DoS vector\n- Even local configs could be tampered with by other local users

Recommendation\n- Use `serde_yaml` with alias depth limits\n- Validate config file size before loading\n- Consider using a safer format (TOML) for configs

## Severity: Medium ## Location `crates/hero_aibroker_lib/src/registry/loader.rs` ## Finding `serde_yaml` by default processes YAML aliases, which can be exploited for denial of service: ```yaml\na: &a [1,2,3,4,5,6,7,8,9,10]\nb: &b [*a,*a,*a,*a,*a,*a,*a,*a,*a,*a]\nc: &c [*b,*b,*b,*b,*b,*b,*b,*b,*b,*b]\n# Exponential expansion -> gigabytes of memory\n``` ## Impact - Malicious YAML config can cause OOM during deserialization\n- If configs come from user input or external sources, this is a DoS vector\n- Even local configs could be tampered with by other local users ## Recommendation\n- Use `serde_yaml` with alias depth limits\n- Validate config file size before loading\n- Consider using a safer format (TOML) for configs