# Resource Exhaustion / Denial of Service

- ID: python-resource-exhaustion
- Severity: MEDIUM
- CWE: Resource Exhaustion (CWE-400)
- Languages: Python

## Description

Detects operations that can cause resource exhaustion: unbounded loops on user input, reading entire large files into memory, recursive operations without depth limits, or missing timeouts. These can lead to memory exhaustion or CPU starvation (DoS).

## Remediation

Limit file reads, bound loop iterations, and set timeouts for user-controlled operations.

```python
from flask import Flask, abort, jsonify, request

app = Flask(__name__)
# Flask rejects request bodies above this size with 413 before the view runs
app.config['MAX_CONTENT_LENGTH'] = 10 * 1024 * 1024  # 10 MB
MAX_ITERATIONS = 1000

def handle_upload(content):  # placeholder for the application's own processing
    return {'size': len(content)}

def operation(i):  # placeholder for the per-item work
    return i * i

@app.route('/upload', methods=['POST'])
def upload():
    content = request.files['file'].read(10 * 1024 * 1024)  # Bounded read
    return handle_upload(content)

@app.route('/process')
def process():
    try:
        requested = int(request.args.get('count', 10))
    except ValueError:
        abort(400)  # non-numeric count
    count = min(requested, MAX_ITERATIONS)  # Bounded loop
    return jsonify([operation(i) for i in range(count)])
```

Learn more: https://shoulder.dev/learn/python/cwe-400/resource-exhaustion

## Related Rules

- **LLM Denial of Service** [MEDIUM]
- **Missing Request Size Limits** [MEDIUM]
- **Denial of Service via Resource Exhaustion** [MEDIUM]
- **Denial of Service via Unbounded Child Processes** [MEDIUM]
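Returning to the Description and Remediation sections: the following is an added example, not part of the original rule page or the scanner's own code. It covers two cases the remediation snippet leaves open: a bounded read that rejects oversized input instead of silently truncating it, and a nesting-depth check done with an explicit stack before any recursive processing. The names `read_bounded`, `check_depth`, `load_untrusted_json`, `LimitExceeded` and the limit values are assumptions chosen for the demo.

```python
import io
import json

MAX_BYTES = 1024   # assumed limits, kept small so the sample inputs can exceed them
MAX_DEPTH = 32

class LimitExceeded(Exception):
    """Input went past a configured resource bound."""

def read_bounded(stream, max_bytes=MAX_BYTES, chunk=256):
    """Read in chunks and reject, rather than truncate, oversized input."""
    buf = bytearray()
    while True:
        # Ask for at most one byte past the limit so memory use stays bounded
        piece = stream.read(min(chunk, max_bytes + 1 - len(buf)))
        if not piece:
            return bytes(buf)
        buf += piece
        if len(buf) > max_bytes:
            raise LimitExceeded(f"body larger than {max_bytes} bytes")

def check_depth(value, max_depth=MAX_DEPTH):
    """Walk parsed JSON with an explicit stack; return its container depth."""
    deepest, stack = 0, [(value, 1)]
    while stack:
        node, depth = stack.pop()
        if not isinstance(node, (dict, list)):
            continue  # scalars add no nesting
        if depth > max_depth:
            raise LimitExceeded(f"nesting deeper than {max_depth}")
        deepest = max(deepest, depth)
        children = node.values() if isinstance(node, dict) else node
        stack.extend((child, depth + 1) for child in children)
    return deepest

def load_untrusted_json(stream):
    """Bounded read, parse, then depth check before any recursive processing."""
    raw = read_bounded(stream)
    try:
        doc = json.loads(raw)
    except RecursionError as exc:  # the parser itself ran out of stack
        raise LimitExceeded("nesting too deep to parse") from exc
    check_depth(doc)
    return doc

# Constructed sample inputs
OK_BODY = b'{"items": [[1, 2], {"k": [3]}]}'
DEEP_BODY = b"[" * 40 + b"]" * 40       # 40 levels, over MAX_DEPTH
BIG_BODY = b'"' + b"A" * 2000 + b'"'    # 2002 bytes, over MAX_BYTES
```

In a Flask view, `request.stream` can be passed as `stream`, with `MAX_CONTENT_LENGTH` still set as the outer limit.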