Re: "Local variables" denial-of-service attack

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Local variables" denial-of-service attack

From:	Stefan Monnier
Subject:	Re: "Local variables" denial-of-service attack
Date:	Fri, 09 Jan 2009 12:07:48 -0500
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (gnu/linux)

>    Local Variab*les:
>    byte-compile-warnings: #1=("circular" "object" . #1#)
>    End:

> Visiting such a file will result in Emacs hanging and consuming all
> CPU time. (Normally, aborting with C-g is possible. However, if the
> file is opened with emacsclient there seems to be no way to recover.)

Hmm... that's not good.  It's not the end of the world since it's "only"
a DoS, but we should try and fix it.  I see two ways:
1 - don't allow (in file-local vars and .dir-local.el) the # escapes
    that permit creation of those circular objects.
2 - be more careful about circularities in the
    safe-local-variable predicates.

Nb 1 is easier and will solve it "for all cases", so it's probably
a better choice.  Of course, it also "denies service" to those rare
individuals who used circular data in file-local variables for
non-DoS purposes.  I don't know if there are any on this planet, tho.


        Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

Re: "Local variables" denial-of-service attack, Stefan Monnier <=
- Re: "Local variables" denial-of-service attack, Ulrich Mueller, 2009/01/23

Prev by Date: Re: Recent change in gnus-sum.el is bad for XEmacs
Next by Date: Re: Fraktur
Previous by thread: Fraktur
Next by thread: Re: "Local variables" denial-of-service attack
Index(es):
- Date
- Thread