A safer File.readln
Shachar Shemesh via Digitalmars-d
digitalmars-d at puremagic.com
Mon Jan 23 03:26:28 PST 2017
On 23/01/17 13:05, Markus Laker wrote:
> On Monday, 23 January 2017 at 10:44:50 UTC, Shachar Shemesh wrote:
>> Of course, if, instead of 50% we increase by less (say, 20%), we could
>> reuse previously used memory even sooner.
>
> Yes, you're right, of course: expansion of strings and other arrays is a
> classic time-versus-space trade-off. However, expanding strings more
> slowly is a much bigger change than I have the D experience or
> credentials to suggest. And I don't think it really solves the problem:
> it just requires the attacker to wait another few seconds for /dev/zero
> to deliver enough data to fill up memory. A simple length-check in
> readln, in contrast, would prevent an attacker from flooding us with
> data in the first place.
>
> Markus

It would mean we consume an order of magnitude of the amount of memory
the "attacker" sends.

There is a huge difference between "I send an unterminated string 2GB
long, and it takes 2GB of memory, causing trouble", and "I send an
unterminated string 2GB long, and it takes 4GB of memory, causing trouble".

The second is a problem. The first might be obvious and/or benign,
depending on the use case.

Shachar
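
The length check discussed in this thread, sketched in D as an added example; it is not part of the original message and is not Phobos code. `readlnBounded` is a hypothetical helper, and the 64-byte limit and the sample data are constructed for illustration (a POSIX system with a working `tmpfile` is assumed).

```d
import std.exception : collectException, enforce;
import std.stdio : File, writeln;

/// Hypothetical helper (not a Phobos function): read one line, but never
/// buffer more than maxLen bytes. Reaching the limit before a terminator
/// throws, so an unterminated stream cannot grow the array without bound.
char[] readlnBounded(File f, size_t maxLen, char terminator = '\n')
{
    char[] line;
    ubyte[1] one;
    for (;;)
    {
        auto got = f.rawRead(one[]);   // goes through C stdio buffering
        if (got.length == 0)
            break;                     // EOF: return what we have
        // Check before appending, so memory use is capped at maxLen
        // no matter how the runtime chooses to grow the array.
        enforce(line.length < maxLen, "line exceeds configured limit");
        line ~= cast(char) one[0];
        if (one[0] == terminator)
            break;
    }
    return line;
}

void main()
{
    // Constructed input: one ordinary line, then 8000 bytes with no newline
    // standing in for an endless source such as /dev/zero.
    auto f = File.tmpfile();
    f.write("short line\n");
    foreach (i; 0 .. 1000)
        f.write("AAAAAAAA");
    f.rewind();

    auto first = readlnBounded(f, 64);
    assert(first == "short line\n");

    // The unterminated run is rejected after 64 bytes instead of being
    // buffered in full.
    auto err = collectException(readlnBounded(f, 64));
    assert(err !is null);
    writeln("first line: ", first.length, " bytes; second read rejected: ",
            err.msg);
}
```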