cpp-httplib Memory Allocation Vulnerability in Chunked Requests Allowing Denial-of-Service

Vulnerability

A vulnerability in cpp-httplib, a cross-platform HTTP/HTTPS library for C++11, prior to version 0.22.0, allows for unbounded memory allocation through chunked transfer-encoding requests. This flaw can lead to memory exhaustion and cause the server to crash or become unresponsive. Although version 0.20.1 introduced a line length limit to prevent similar issues, the vulnerability persists in the latest version due to the way chunked requests can be exploited. Additionally, this vulnerability is related to CVE-2025-53629, which involves a similar memory allocation issue in chunked requests without a specified length.

Impact

Exploitation of this vulnerability causes excessive memory consumption, leading to a denial-of-service condition where the server crashes or becomes unresponsive. On multi-tenant systems, this can disrupt other applications by exhausting shared resources.

Reproduction

The vulnerability can be reproduced by sending an HTTP request with a 'Transfer-Encoding: chunked' header, followed by an indefinite number of chunks. This can be done using a custom client that sends chunks of data without a final '0' chunk to indicate the end of the transmission. The server will then allocate memory for each chunk received, eventually leading to memory exhaustion.

Remediation

Users are advised to update to cpp-httplib version 0.23.0, which addresses this vulnerability by enforcing a limit on the total length of chunked data that can be received in a single request.
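
The kind of limit described above can be illustrated with a small chunked-body decoder that tracks a cumulative byte budget. This is an added example, not cpp-httplib's code or its actual fix. The names decode_chunked, ChunkResult and kMaxBodyBytes are hypothetical, and the input is assumed to be already buffered in a string rather than read from a socket.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>

constexpr std::size_t kMaxBodyBytes = 1024;  // hypothetical cap, not a cpp-httplib constant

enum class ChunkResult { Ok, Incomplete, Malformed, TooLarge };

// Decode a chunked body from `in` into `out`, never letting `out` exceed `limit`.
// The declared chunk size is checked against the remaining budget before any
// append, so a stream that never sends the final "0" chunk is cut off at the cap.
ChunkResult decode_chunked(const std::string& in, std::string& out,
                           std::size_t limit = kMaxBodyBytes) {
    std::size_t pos = 0;
    out.clear();
    for (;;) {
        std::size_t eol = in.find("\r\n", pos);
        if (eol == std::string::npos) return ChunkResult::Incomplete;
        std::size_t size = 0, digits = 0;
        // Hex size field; anything after ';' is a chunk extension and is ignored.
        for (std::size_t i = pos; i < eol && in[i] != ';'; ++i, ++digits) {
            char c = in[i];
            unsigned v;
            if (c >= '0' && c <= '9') v = c - '0';
            else if (c >= 'a' && c <= 'f') v = c - 'a' + 10;
            else if (c >= 'A' && c <= 'F') v = c - 'A' + 10;
            else return ChunkResult::Malformed;
            if (digits >= 8) return ChunkResult::TooLarge;  // keeps size within 32 bits
            size = size * 16 + v;
        }
        if (digits == 0) return ChunkResult::Malformed;
        pos = eol + 2;
        if (size == 0) return ChunkResult::Ok;  // final chunk; trailers not parsed here
        if (size > limit - out.size()) return ChunkResult::TooLarge;
        if (in.size() - pos < size + 2) return ChunkResult::Incomplete;
        if (in.compare(pos + size, 2, "\r\n") != 0) return ChunkResult::Malformed;
        out.append(in, pos, size);
        pos += size + 2;
    }
}

int main() {
    // Constructed input: 8-byte chunks repeated with no terminating chunk.
    std::string stream, body;
    for (int i = 0; i < 1000; ++i) stream += "8\r\nAAAAAAAA\r\n";
    ChunkResult r = decode_chunked(stream, body);
    std::printf("rejected=%d buffered=%zu\n", r == ChunkResult::TooLarge, body.size());
    return r == ChunkResult::TooLarge ? 0 : 1;
}
```

A server applying this pattern would answer the TooLarge result with 413 and close the connection instead of continuing to read.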

Added: Jul 10, 2025, 10:49 PM
Updated: Jul 10, 2025, 10:49 PM

Vulnerability Rating

Custom Algorithm

spread: 6.2
impact: 2.5
exploitability: 9.5
remediation: 7.7
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.