Re: "Local variables" denial-of-service attack

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Local variables" denial-of-service attack

From:	Ulrich Mueller
Subject:	Re: "Local variables" denial-of-service attack
Date:	Fri, 23 Jan 2009 09:54:18 +0100

>>>>> On Fri, 09 Jan 2009, Stefan Monnier wrote:

>> Local Variab*les:
>> byte-compile-warnings: #1=("circular" "object" . #1#)
>> End:

> Hmm... that's not good.  It's not the end of the world since it's "only"
> a DoS, but we should try and fix it.  I see two ways:
> 1 - don't allow (in file-local vars and .dir-local.el) the # escapes
>     that permit creation of those circular objects.
> 2 - be more careful about circularities in the
>     safe-local-variable predicates.

> Nb 1 is easier and will solve it "for all cases", so it's probably
> a better choice.

But for 1 you would have to communicate to "read1" that it's reading
local variables? It's not obvious to me how one would do this in a
clean way. (I'm not very familiar with that code though).

Whereas for 2, adding a simple check like (nthcdr (safe-length foo) foo)
being nil should be sufficient in most (all?) cases.

Ulrich

[Prev in Thread]

Current Thread

[Next in Thread]

Re: "Local variables" denial-of-service attack, Stefan Monnier, 2009/01/09
- Re: "Local variables" denial-of-service attack, Ulrich Mueller <=

Prev by Date: eldoc hint for dolist is confusing
Next by Date: Re: merging pmail
Previous by thread: Re: "Local variables" denial-of-service attack
Next by thread: x-font-family-list
Index(es):
- Date
- Thread