[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#19565: Emacs vulnerable to endless-data attack (minor)
From: |
Lars Ingebrigtsen |
Subject: |
bug#19565: Emacs vulnerable to endless-data attack (minor) |
Date: |
Mon, 07 Oct 2019 03:51:35 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Eli Zaretskii <eliz@gnu.org> writes:
>> I think this affects more than just package.el. AFAICT, anywhere we
>> use the url library, an endless data attack can get Emacs to fill up
>> all available memory (wasting also bandwidth resources, of course).
>
> At which point the system will kill the Emacs process. Why is that a
> problem we need to work, given that we already have at least some
> protection against stack overflows and running out of memory?
It's not something we have to do, but it would be nice to have some
protection against this.
>> For example, a new keyword argument :max-size, which would make it
>> stop after having reached that many bytes.
>
> The Gnu Coding Standards frown on having arbitrary limits in a
> program. So this could only work if we had some reasonable way of
> computing a limit that is not arbitrary.
I think it would perhaps make some sense to warn (or query) the user if
you get more data than `large-file-warning-threshold'. I think it would
be pretty trivial to implement -- at least in the new with-fetched-url
interface, which I think is where this pretty theoretical problem is
least theoretical, perhaps?
On the other hand, I could see that in some ways it would be easier to
implement in wait_reading_process_output: We could just maintain a byte
counter in the process objects (if we don't do that already) and have a
callback we call if that counter grows larger than
`large-file-warning-threshold'.
That way Emacs wouldn't be open to flooding from, say, rogue SMTP
servers, either.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- bug#19565: Emacs vulnerable to endless-data attack (minor), Stefan Kangas, 2019/10/05
- bug#19565: Emacs vulnerable to endless-data attack (minor), Eli Zaretskii, 2019/10/06
- bug#19565: Emacs vulnerable to endless-data attack (minor),
Lars Ingebrigtsen <=
- bug#19565: Emacs vulnerable to endless-data attack (minor), Stefan Kangas, 2019/10/07
- bug#19565: Emacs vulnerable to endless-data attack (minor), Eli Zaretskii, 2019/10/07
- bug#19565: Emacs vulnerable to endless-data attack (minor), Lars Ingebrigtsen, 2019/10/08
- bug#19565: Emacs vulnerable to endless-data attack (minor), Eli Zaretskii, 2019/10/08
- bug#19565: Emacs vulnerable to endless-data attack (minor), Stefan Kangas, 2019/10/08
- bug#19565: Emacs vulnerable to endless-data attack (minor), Eli Zaretskii, 2019/10/08
- bug#19565: Emacs vulnerable to endless-data attack (minor), Stefan Kangas, 2019/10/08
- bug#19565: Emacs vulnerable to endless-data attack (minor), Eli Zaretskii, 2019/10/08