Prevent Billion Laughs attack

It keeps track of the memory being used when loading the YAML file as well as the depth of nesting. Track exception when YAML is too big
author: Fabio Pitino <fpitino@gitlab.com> 2019-05-20 11:17:27 +0100
committer: Fabio Pitino <fpitino@gitlab.com> 2019-06-07 17:24:08 +0100
commit: bb82c34e7eef05cce18adf0304227daeecec6df9 (patch)
tree: fa67511071f22c86d6acd5f77c48350affdf0ec2 /changelogs
parent: 52b2b32517b3782cd009dc2a209c0eb274ddf3ce (diff)
download: gitlab-ce-bb82c34e7eef05cce18adf0304227daeecec6df9.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml b/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml
new file mode 100644
index 00000000000..4e0cf848931
--- /dev/null
+++ b/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml
@@ -0,0 +1,5 @@
+---
+title: Prevent Billion Laughs attack
+merge_request:
+author:
+type: security
author	Fabio Pitino <fpitino@gitlab.com>	2019-05-20 11:17:27 +0100
committer	Fabio Pitino <fpitino@gitlab.com>	2019-06-07 17:24:08 +0100
commit	bb82c34e7eef05cce18adf0304227daeecec6df9 (patch)
tree	fa67511071f22c86d6acd5f77c48350affdf0ec2 /changelogs
parent	52b2b32517b3782cd009dc2a209c0eb274ddf3ce (diff)
download	gitlab-ce-bb82c34e7eef05cce18adf0304227daeecec6df9.tar.gz