Re: "Local variables" denial-of-service attack
From: Ulrich Mueller
Subject: Re: "Local variables" denial-of-service attack
Date: Fri, 23 Jan 2009 09:54:18 +0100
>>>>> On Fri, 09 Jan 2009, Stefan Monnier wrote:
>> Local Variab*les:
>> byte-compile-warnings: #1=("circular" "object" . #1#)
>> End:
> Hmm... that's not good. It's not the end of the world since it's "only"
> a DoS, but we should try and fix it. I see two ways:
> 1 - don't allow (in file-local vars and .dir-local.el) the # escapes
> that permit creation of those circular objects.
> 2 - be more careful about circularities in the
> safe-local-variable predicates.
> Nb 1 is easier and will solve it "for all cases", so it's probably
> a better choice.
But for 1 you would have to communicate to "read1" that it's reading
local variables? It's not obvious to me how one would do this in a
clean way. (I'm not very familiar with that code though).
Whereas for 2, adding a simple check like (nthcdr (safe-length foo) foo)
being nil should be sufficient in most (all?) cases.
Ulrich
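
The check proposed for option 2 in the message above, as an added example that is not part of the original message or of the Emacs sources: it guards a predicate in the style of a safe-local-variable function against the circular value from the report. The names `my-finite-list-p` and `my-warnings-value-safe-p` are hypothetical, and the test only covers circularity through the cdr chain, which is the case shown in the thread.

```elisp
;;; -*- lexical-binding: t -*-
(require 'cl-lib)

(defun my-finite-list-p (object)
  "Return non-nil if OBJECT is nil or a nil-terminated, non-circular list.
`safe-length' never loops, so the `nthcdr' walk below is bounded.  The
walk lands on nil only for a proper list: a circular list still yields
a cons at that position, and a dotted list yields its non-nil tail."
  (and (listp object)
       (null (nthcdr (safe-length object) object))))

(defun my-warnings-value-safe-p (value)
  "Hypothetical predicate: accept t, nil, or a finite list of symbols.
The finiteness guard runs before any traversal, so `dolist' is never
handed a list that has no end."
  (or (eq value t)
      (and (my-finite-list-p value)
           (let ((ok t))
             (dolist (elt value ok)
               (unless (symbolp elt)
                 (setq ok nil)))))))

;; Constructed inputs.  The first is the value from the report, built with
;; the reader's #N= / #N# syntax exactly as a file-local variable would be.
(let ((circular (car (read-from-string
                      "#1=(\"circular\" \"object\" . #1#)")))
      (dotted   '(free-vars . unresolved))
      (proper   '(free-vars unresolved)))
  ;; The guard alone: only nil-terminated lists pass.
  (cl-assert (not (my-finite-list-p circular)))
  (cl-assert (not (my-finite-list-p dotted)))
  (cl-assert (my-finite-list-p proper))
  (cl-assert (my-finite-list-p nil))
  ;; The guarded predicate returns promptly on the circular value
  ;; instead of walking it forever.
  (cl-assert (not (my-warnings-value-safe-p circular)))
  (cl-assert (not (my-warnings-value-safe-p '("circular" "object"))))
  (cl-assert (my-warnings-value-safe-p proper))
  (cl-assert (my-warnings-value-safe-p t)))
```

Circularity reached through a car (a list that contains itself as an element) is not detected by this check; a predicate that recurses into elements needs its own bound.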