[fizgig]

I think this kind of thing was common even a few years ago in DoS'ing mail gateways that uncompressed and scanned various archive formats. Things like really huge files when uncompressed or ridiculously deep nested directory structures.

I think most software these days is immune to such tricks, or at least has tunables to reduce the chance of such tricks causing harm.

[digi_owl]

Zip bombs, a relative of the fork bomb.

https://en.wikipedia.org/wiki/Zip_bomb

The billion laughs XML attack is also lovely in its simplicity.

https://en.wikipedia.org/wiki/Billion_laughs

[Koahku]

I was doing a presentation about various bombs last year and crashed PowerPoint by copy-pasting billion laughs in a slide. Simple but extremely effective.

[digi_owl]

Not sure what is worse: that MS has Powerpoint interpreting randomly pasted XML, or that they do not have handling for excessive memory usage beyond crashing the whole program.

[dingaling]

There was also the trick of infinitely recursive zips that kept decompressing to a copy of themselves.

Zip-bombing was such a problem for our corporate network in the late 1990s that inbound e-mail attachments were deliberately discarded for a while. Chaos ensured.