GNU bug report logs - #19565
Emacs vulnerable to endless-data attack (minor)

Package: emacs

Reported by: Kelly Dean <kelly <at> prtime.org>

Date: Sun, 11 Jan 2015 11:14:02 UTC

Severity: normal

Tags: security


From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: stefan <at> marxist.se, 19565 <at> debbugs.gnu.org
Subject: bug#19565: Emacs vulnerable to endless-data attack (minor)
Date: Tue, 08 Oct 2019 18:27:15 +0200

Eli Zaretskii <eliz <at> gnu.org> writes:

> I think this must be in terms of bytes/sec, not just bytes.  E.g., I
> have a spell-checker active during my entire Emacs session (which
> could go on for weeks and months on end), and I don't want to get a
> prompt just because the number of bytes that went in that pipe becomes
> above the threshold.  We may also need to measure the growth of the
> Emacs memory footprint during that time, because if Emacs reads bytes
> and discards them, it isn't going to be a problem, right?

Yeah, that's true -- a counter wouldn't help at all here.

Would checking the size of the `process-buffer' of the process be more
helpful?  It might be a somewhat unnatural thing to do -- Emacs doesn't
give you a warning if you say

(dotimes (i 100000000) (insert (make-string 80 ?a)))

so perhaps that's not a good heuristic, either.

So bytes/sec, as you suggest, may be the best heuristic.  But it should
only kick in after having received a large number of bytes, probably.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no
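
The heuristic discussed in this message (a bytes/sec check that only applies once a process has already delivered a large number of bytes) could be sketched as a process-filter wrapper. This is an added example, not code from the thread or from Emacs; every `my/flood-` name and all threshold values are hypothetical assumptions.

```elisp
;;; flood-guard.el --- added illustration -*- lexical-binding: t -*-
;; Hypothetical names and thresholds; not part of Emacs.

(defvar my/flood-min-bytes (* 64 1024 1024)
  "Total bytes received before the rate check applies at all.")
(defvar my/flood-max-rate (* 8 1024 1024)
  "Bytes per second, measured over one window, that triggers a prompt.")
(defvar my/flood-window 1.0
  "Minimum length in seconds of a measurement window.")

(defun my/flood-suspicious-p (total window-bytes elapsed)
  "Non-nil if WINDOW-BYTES over ELAPSED seconds exceeds the rate limit.
Always nil until TOTAL reaches `my/flood-min-bytes', so a slow,
long-lived pipe such as a spell-checker never trips it."
  (and (>= total my/flood-min-bytes)
       (> elapsed 0)
       (> (/ window-bytes elapsed) my/flood-max-rate)))

(defun my/flood-guard-filter (orig-filter)
  "Return a process filter wrapping ORIG-FILTER with the rate check."
  (let ((total 0) (window-bytes 0) (window-start (float-time)))
    (lambda (proc string)
      (let* ((n (string-bytes string))
             (now (float-time))
             (elapsed (- now window-start)))
        (setq total (+ total n)
              window-bytes (+ window-bytes n))
        (when (>= elapsed my/flood-window)
          (when (and (not (process-get proc 'my/flood-approved))
                     (my/flood-suspicious-p total window-bytes elapsed))
            (if (yes-or-no-p
                 (format "%s has sent %d bytes; keep reading? "
                         (process-name proc) total))
                (process-put proc 'my/flood-approved t) ; ask only once
              (delete-process proc)))
          (setq window-bytes 0
                window-start now))
        ;; Hand the data on unless the user just killed the process.
        (when (process-live-p proc)
          (funcall orig-filter proc string))))))

(defun my/flood-guard-install (proc)
  "Wrap PROC's current filter with `my/flood-guard-filter'."
  (set-process-filter proc (my/flood-guard-filter (process-filter proc))))
```

This sketch measures only the incoming rate; it does not track growth of the Emacs memory footprint, which the quoted message raises as a separate signal.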




This bug report was last modified 5 years and 252 days ago.
