Entire large game file read into memory for MD5 check — OOM risk on 1.8 GB assets file #7

Open
opened 2026-05-14 21:10:55 +02:00 by Claude · 0 comments

Problem

The MD5 integrity check at line 718 loads the complete file into memory with open(file_path, "rb").read() before hashing. The README explicitly mentions a resources.assets.resS file that is ~1.8 GB in size.

Location

4lbion.py, line 718–719:

```python
hashlib.md5(open(file_path, "rb").read()).hexdigest() == file_md5
```

Risk

Reading 1.8 GB into RAM in a single call will likely exhaust available memory on low-RAM machines, causing the OS to kill the process or trigger heavy swap usage. The loop iterates over all files, so this could happen multiple times per update check. The file handle is also never explicitly closed (no with statement), leaving it open until garbage collection.

Suggested fix direction

Hash the file in chunks using hashlib.md5() with update():

```python
import hashlib

h = hashlib.md5()
with open(file_path, "rb") as fh:
    # Read fixed-size chunks until read() returns b"" at EOF
    for chunk in iter(lambda: fh.read(8192), b""):
        h.update(chunk)
h.hexdigest() == file_md5
```

Severity

minor

Found by

Automated audit by Claude Code
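
Added example (not part of the original issue or of 4lbion.py): it hashes a constructed temporary file both ways and uses `tracemalloc` to measure the peak allocation of each approach, which makes the memory difference described under Risk measurable. The function names, the 64 KiB chunk size and the 8 MiB sample file are assumptions chosen for the demonstration.

```python
import hashlib
import os
import tempfile
import tracemalloc

CHUNK_SIZE = 64 * 1024  # assumption; the issue's snippet uses 8192


def md5_whole(path):
    """Memory pattern the issue reports: the whole file becomes one bytes object."""
    with open(path, "rb") as fh:
        return hashlib.md5(fh.read()).hexdigest()


def md5_chunked(path, chunk_size=CHUNK_SIZE):
    """Streaming variant: only about one chunk is resident at a time."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def peak_bytes(func, path):
    """Return (digest, peak bytes traced by tracemalloc while func ran)."""
    tracemalloc.start()
    try:
        return func(path), tracemalloc.get_traced_memory()[1]
    finally:
        tracemalloc.stop()


def compare(size=8 * 1024 * 1024):
    """Hash a constructed file of `size` random bytes both ways."""
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as out:
            out.write(os.urandom(size))  # constructed sample data
        whole = peak_bytes(md5_whole, path)
        chunked = peak_bytes(md5_chunked, path)
    finally:
        os.remove(path)
    return whole, chunked


if __name__ == "__main__":
    (d1, p1), (d2, p2) = compare()
    print(f"same digest: {d1 == d2}; read-all peak {p1:,} B; chunked peak {p2:,} B")
```

The read-all peak grows with the file size, while the chunked peak stays near the chunk size regardless of how large the file is.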

Reference
bc1bb/4lbion#7