diff --git a/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto b/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto
index 82e50c23..a338f6ee 100644
--- a/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto
+++ b/envoy/extensions/compression/gzip/decompressor/v3/gzip.proto
@@ -27,4 +27,10 @@ message Gzip {
 // Value for zlib's decompressor output buffer. If not set, defaults to 4096.
 // See https://www.zlib.net/manual.html for more details.
 google.protobuf.UInt32Value chunk_size = 2 [(validate.rules).uint32 = {lte: 65536 gte: 4096}];
+
+ // An upper bound to the number of times the output buffer is allowed to be bigger than the size of
+ // the accumulated input. This value is used to prevent decompression bombs. If not set, defaults to 100.
+ // [#comment:TODO(rojkov): Re-design the Decompressor interface to handle compression bombs gracefully instead of this quick solution.
+ // See https://github.com/envoyproxy/envoy/commit/d4c39e635603e2f23e1e08ddecf5a5fb5a706338 for details.]
+ google.protobuf.UInt32Value max_inflate_ratio = 3 [(validate.rules).uint32 = {lte: 1032 gte: 1}];
 }
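Review bot: The new comment on `max_inflate_ratio` leaves out two things an operator needs to know: what the decompressor does once the ratio is exceeded, and why the validation ceiling is 1032. The ceiling appears to match DEFLATE's maximum expansion factor of roughly 1032:1, so a value at or near it would effectively switch the protection off. I would add `// Values close to 1032 (the maximum DEFLATE expansion factor) effectively disable this check.` plus one sentence describing the behaviour on violation. The field is also a relative limit, so it presumably does not cap absolute output size, and the comment should point to whichever buffer or body size limit does. The `Gzip` message starts outside this hunk, so other fields may already cover part of this.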