
New experimental query: Java BigDecimal DOS #435

Closed
1 task done
tonghuaroot opened this issue Sep 22, 2021 · 8 comments
Labels
All For One Submissions to the All for One, One for All bounty

Comments

@tonghuaroot

tonghuaroot commented Sep 22, 2021

Query

Relevant PR: github/codeql#6730

CVE ID(s)

Report

Directly incorporating user input into a BigDecimal operation function without validating the input can facilitate DoS attacks. In these attacks, the server will consume a lot of computing resources. A typical scenario is that the CPU usage rises to close to 100%. This issue often occurs in scenarios that require scientific computing, such as e-commerce platforms and electronic payments.

  • Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing

Result(s)

@tonghuaroot tonghuaroot added the All For One Submissions to the All for One, One for All bounty label Sep 22, 2021
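The following is an added example illustrating the vulnerability class described in the report above; it is not code from the submitted query, from github/codeql#6730, or from any project the thread mentions. The input limits (maximum length, digit counts, MathContext precision) are hypothetical values chosen for the demo and would be set per application. The key observation it demonstrates is that `new BigDecimal(String)` is cheap even for an input like `1E+1000000000`, while the arithmetic that follows has to materialise the full unscaled value.

```java
import java.math.BigDecimal;
import java.math.MathContext;
import java.math.RoundingMode;
import java.util.regex.Pattern;

public class BigDecimalDosDemo {

    // Vulnerable pattern: an attacker-controlled string goes straight into
    // BigDecimal and then into an arithmetic operation. Parsing is cheap:
    // "1E+1000000000" is stored as unscaledValue=1, scale=-1000000000.
    // The add() is what hurts: to align scales the JDK must compute
    // 1 * 10^1000000000 as a BigInteger, burning CPU and heap.
    static BigDecimal vulnerableAdd(String untrustedAmount) {
        BigDecimal amount = new BigDecimal(untrustedAmount);
        return amount.add(BigDecimal.ONE);
    }

    // Hardened pattern (limits are hypothetical, pick them per application):
    //  1. bound the raw string length before parsing;
    //  2. accept only plain decimal notation (no exponent, bounded digits);
    //  3. do arithmetic under a MathContext so results stay bounded too.
    private static final int MAX_INPUT_LENGTH = 32;
    private static final Pattern PLAIN_DECIMAL =
            Pattern.compile("-?\\d{1,15}(\\.\\d{1,4})?");
    private static final MathContext MONEY_CONTEXT =
            new MathContext(20, RoundingMode.HALF_EVEN);

    static BigDecimal safeAdd(String untrustedAmount) {
        if (untrustedAmount == null || untrustedAmount.length() > MAX_INPUT_LENGTH) {
            throw new IllegalArgumentException("amount too long");
        }
        if (!PLAIN_DECIMAL.matcher(untrustedAmount).matches()) {
            throw new IllegalArgumentException("amount must be a plain decimal");
        }
        BigDecimal amount = new BigDecimal(untrustedAmount);
        return amount.add(BigDecimal.ONE, MONEY_CONTEXT);
    }

    public static void main(String[] args) {
        // Constructed inputs for the demo.
        String benign = "19.99";
        String hostile = "1E+1000000000"; // 13 characters: passes a naive length check

        System.out.println("safeAdd(benign)  = " + safeAdd(benign));
        try {
            safeAdd(hostile);
        } catch (IllegalArgumentException e) {
            System.out.println("safeAdd(hostile) rejected: " + e.getMessage());
        }

        // Show the cost growth on the vulnerable path with a moderate exponent;
        // the full hostile value would effectively hang the thread or exhaust heap,
        // so it is deliberately not passed to vulnerableAdd here.
        String moderate = "1E+1000000";
        long start = System.nanoTime();
        vulnerableAdd(moderate);
        long ms = (System.nanoTime() - start) / 1_000_000;
        System.out.println("vulnerableAdd(" + moderate + ") took " + ms + " ms");
    }
}
```

Two caveats worth keeping in mind when hardening this pattern: the `BigDecimal(String, MathContext)` constructor rounds the significant digits but does not bound the exponent, so it is not a substitute for rejecting exponent notation up front; and the same cost profile applies to other operations on an attacker-shaped value, such as `toPlainString()` on a huge negative scale or `pow()` with an attacker-controlled exponent. The `add(BigDecimal, MathContext)` overload used in `safeAdd` is defense in depth: it avoids the full scale alignment when the operands' magnitudes differ by more than the context precision.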
@anticomputer
Contributor

@tonghuaroot what is the associated CVE (old or new) for this submission? A CVE-ID is required to submit an All For One bounty query as per: https://securitylab.github.com/bounties/

Create an issue using the all for one template and a detailed report on the class of vulnerabilities your query is intended to find. Pull requests without an accompanying issue cannot be considered. The issue should include details of any vulnerabilities found by your query, as a list of CVEs. To be considered, your query must find at least one CVE that was not previously found by an existing query, in a released version (older releases are also permitted) of an open source project that is actually used (no demo, training, vulnerable on purpose). Submissions without at least one result won't be considered. In case of a new CVE, don't create an issue until the coordinated disclosure process for those vulnerabilities is complete, because the issue will be publicly visible.

@tonghuaroot
Author

Hi @anticomputer,

Thanks for your response.

I have found some results. I have submitted them to the owner of the corresponding open source software, but I still haven't applied for a CVE. I want to know how I can submit this information to you.

@tonghuaroot
Author

I will try to request a CVE and then update this issue. Thanks.

@JarLob
Contributor

JarLob commented Nov 18, 2021

Hi @tonghuaroot,
Is there any update?
Please note that you may provide any historical CVE that could have been detected with your query. No need to find a new vulnerability.

@tonghuaroot
Author

Hi @JarLob,

Thanks for your hint. Let me try to find this pattern in historical CVEs.

@antonio-morales
Contributor

Hi @tonghuaroot,

Any update on this?

@ghsecuritylab
Collaborator

Your submission is now in status Closed.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed
