https://blog.qife122.com/tags/%E9%80%92%E5%BD%92%E6%BC%8F%E6%B4%9E/ Recent content in 递归漏洞 on 办公AI智能小助手 Hugo zh-cn qife Fri, 09 Jan 2026 23:56:55 +0800 https://blog.qife122.com/p/cve-2025-67899uriparser%E5%BA%93%E4%B8%AD%E7%9A%84%E6%9C%AA%E5%8F%97%E6%8E%A7%E9%80%92%E5%BD%92%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E5%89%96%E6%9E%90/ Fri, 09 Jan 2026 23:56:55 +0800 https://blog.qife122.com/p/cve-2025-67899uriparser%E5%BA%93%E4%B8%AD%E7%9A%84%E6%9C%AA%E5%8F%97%E6%8E%A7%E9%80%92%E5%BD%92%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E5%89%96%E6%9E%90/ <p><strong>CVE-2025-67899：CWE-674 uriparser项目uriparser中的未受控递归</strong></p> <p><strong>严重性：低</strong> <strong>类型：漏洞</strong> <strong>CVE：CVE-2025-67899</strong></p> https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E5%BC%95%E5%8F%91%E7%9A%84%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E/ Fri, 12 Sep 2025 22:03:05 +0800 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E5%BC%95%E5%8F%91%E7%9A%84%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E/ <h1 id="不要对不可信输入进行递归处理---trail-of-bits博客">不要对不可信输入进行递归处理 - Trail of Bits博客</h1> <p>Alexis Challande, Brad Swain<br> 2025年2月21日<br> recursion, vulnerability-disclosure, java</p> <h2 id="目录">目录</h2> <ul> <li>递归的危害性</li> <li>Protobuf Java案例研究</li> <li>保护你的代码</li> <li>了解更多</li> </ul> <p>单个恶意请求就能使使用递归函数处理不可信用户输入的Web应用程序崩溃。我们开发了一个简单的CodeQL查询来帮助发现堆栈溢出问题，并用它在多个知名Java项目中发现了拒绝服务（DoS）漏洞。所有这些项目都由具有健全开发实践的安全意识组织维护：</p> https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E9%A3%8E%E9%99%A9/ Thu, 11 Sep 2025 21:02:26 +0800 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E9%A3%8E%E9%99%A9/ <h1 id="递归处理不可信输入的危害与防护">递归处理不可信输入的危害与防护</h1> <p>单个恶意请求即可摧毁使用递归函数处理不可信用户输入的Web应用。我们开发了简易CodeQL查询来辅助发现栈溢出问题，并借此在多个知名Java项目中发现了拒绝服务（DoS）漏洞。这些项目均由安全意识强、开发实践健全的组织维护：</p> https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E5%BC%95%E5%8F%91%E7%9A%84%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E/ Tue, 09 Sep 2025 06:28:52 +0800 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E5%BC%95%E5%8F%91%E7%9A%84%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E/ <h1 id="不要对不可信输入进行递归处理---trail-of-bits博客">不要对不可信输入进行递归处理 - Trail of Bits博客</h1> <p>Alexis Challande, Brad Swain<br> 2025年2月21日<br> recursion, vulnerability-disclosure, java</p> <h2 id="页面内容">页面内容</h2> <ul> <li>递归的危害性</li> <li>Protobuf Java案例研究</li> <li>保护你的代码</li> <li>了解更多</li> </ul> <p>单个恶意请求就能让使用递归函数处理不可信用户输入的Web应用崩溃。我们开发了一个简单的CodeQL查询来协助发现栈溢出问题，并用它在多个知名Java项目中发现了拒绝服务（DoS）漏洞。所有这些项目都由具有安全意识、采用健全开发实践的组织维护：</p> https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E6%94%BB%E5%87%BB/ Sun, 07 Sep 2025 20:56:59 +0800 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E6%94%BB%E5%87%BB/ <h1 id="不要对不可信输入使用递归---trail-of-bits博客">不要对不可信输入使用递归 - Trail of Bits博客</h1> <p><strong>Alexis Challande, Brad Swain</strong><br> 2025年2月21日<br> 递归, 漏洞披露, Java</p> <h2 id="页面内容">页面内容</h2> <ul> <li><a href="https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E6%94%BB%E5%87%BB/#%e9%80%92%e5%bd%92%e7%9a%84%e5%8d%b1%e5%ae%b3%e6%80%a7">递归的危害性</a></li> <li><a href="https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E6%94%BB%E5%87%BB/#protobuf-java%e6%a1%88%e4%be%8b%e7%a0%94%e7%a9%b6">Protobuf Java案例研究</a></li> <li><a href="https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E6%94%BB%E5%87%BB/#%e4%bf%9d%e6%8a%a4%e4%bd%a0%e7%9a%84%e4%bb%a3%e7%a0%81">保护你的代码</a></li> <li><a href="https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E4%BB%8Eprotobuf%E6%BC%8F%E6%B4%9E%E7%9C%8B%E6%A0%88%E6%BA%A2%E5%87%BA%E6%94%BB%E5%87%BB/#%e4%ba%86%e8%a7%a3%e6%9b%b4%e5%a4%9a">了解更多</a></li> </ul> <p>单个恶意请求就能让使用递归函数处理不可信用户输入的Web应用崩溃。我们开发了一个简单的CodeQL查询来帮助发现栈溢出问题，并用它在多个知名Java项目中发现了拒绝服务（DoS）漏洞。所有这些项目都由具有安全意识、采用健全开发实践的组织维护：</p> https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E5%BC%95%E5%8F%91%E7%9A%84%E5%AE%89%E5%85%A8%E9%A3%8E%E9%99%A9/ Sun, 07 Sep 2025 13:14:23 +0800 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E9%80%92%E5%BD%92%E5%A4%84%E7%90%86%E4%B8%8D%E5%8F%AF%E4%BF%A1%E8%BE%93%E5%85%A5%E5%BC%95%E5%8F%91%E7%9A%84%E5%AE%89%E5%85%A8%E9%A3%8E%E9%99%A9/ <h1 id="不要对不可信输入进行递归处理---trail-of-bits博客">不要对不可信输入进行递归处理 - Trail of Bits博客</h1> <h2 id="递归的危害性">递归的危害性</h2> <p>递归可以优雅、简单且实用，通常是处理嵌套结构的首选方法，无论是遍历树结构、访问图中的节点，还是解析JSON等嵌套结构。</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-java" data-lang="java"><span class="line"><span class="cl"><span class="kd">public</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="nf">fibonacci</span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">n</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="k">if</span><span class="p">(</span><span class="n">n</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">0</span><span class="p">)</span><span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">0</span><span class="p">;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="k">else</span><span class="w"> </span><span class="k">if</span><span class="p">(</span><span class="n">n</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">1</span><span class="p">)</span><span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">1</span><span class="p">;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="k">else</span><span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">fibonacci</span><span class="p">(</span><span class="n">n</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="n">1</span><span class="p">)</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">fibonacci</span><span class="p">(</span><span class="n">n</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="n">2</span><span class="p">);</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="p">}</span><span class="w"> </span></span></span></code></pre></td></tr></table> </div> </div><p><em>图1：来自Stack Overflow的递归Fibonacci函数</em></p>