GNU bug report logs - #19565
Emacs vulnerable to endless-data attack (minor)

Previous Next

Package: emacs;

Reported by: Kelly Dean <kelly <at> prtime.org>

Date: Sun, 11 Jan 2015 11:14:02 UTC

Severity: normal

Tags: security

Full log

View this message in rfc822 format

From: Eli Zaretskii <eliz <at> gnu.org>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: stefan <at> marxist.se, 19565 <at> debbugs.gnu.org
Subject: bug#19565: Emacs vulnerable to endless-data attack (minor)
Date: Tue, 08 Oct 2019 19:47:54 +0300

> From: Lars Ingebrigtsen <larsi <at> gnus.org>
> Cc: stefan <at> marxist.se,  19565 <at> debbugs.gnu.org
> Date: Tue, 08 Oct 2019 18:27:15 +0200
> 
> So bytes/sec, as you suggest, may be the best heuristic.  But it should
> only kick in after having received a large number of bytes, probably.

Yes, I agree.  So maybe make it kick in once the process buffer is
large enough?  And even here we will need to consider, say, shell and
term.el buffers, which could grow quite large.
This bug report was last modified 5 years and 252 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.