Yes but the idea behind zip bombs that they appear to be very small, when expand... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mrtksn on Oct 24, 2024 \| parent \| context \| favorite \| on: Ask HN: Website with 6^16 subpages and 80k+ daily ... Yes but the idea behind zip bombs that they appear to be very small, when expanded it can be extremely large. Before attempting to decompress, the POST request may appear something like 20kb and end up being 20gb.

Aeolun on Oct 24, 2024 [–]

I’d have to assume a decent implementation will eventually give up. It’s almost a given those will not be used by people crawling the internet for quick wins though.

bell-cot on Oct 24, 2024 | [–]

> I’d have to assume a decent implementation will ...

Just like all good c code always checks for overflows.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact