lua-l archive


* Matthew P. Del Buono:

> Florian Weimer wrote:
>> * Roberto Ierusalimschy:
>>> Excluding malware, I do not think this situation happens enough to
>>> justify any worry.
>> 
>> I know the argument: anybody who wants to take out your web server can
>> just flood it with 5 Gbps of traffic (or more if necessary).
>> 
>
> I think you already have an issue if you're being flooded like that
> anyway.

Well, the idea behind that argument is that those attacks are readily
available, so you don't have to guard against anything.  I don't
really buy it.

>> Would an uninterned string type introduce too many additional code
>> paths in the VM?
>
> Why make a change to the VM? Why can't you just do it yourself?

Because I'd lose interoperability.

> Following the above logic, we can implement uninterned strings trivially
> as userdata. An __eq metamethod can be provided which passes off
> execution to strcmp (additional work may be necessary to handle strings
> with zeros). We would use this userdata only for "insecure" strings,
> that is, strings that the remote user can influence. If we need to test
> between interned strings and our userdata, the userdata could provide a
> method through __index that allows for comparison against a string.

If I want to use some existing code, I need to convert the data to
a real string, which exposes my code to interning.  The VM can present
the uninterned string as a regular string to C routines, for instance.
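
The trade-off discussed in this message, as an added Lua example (not code from either poster or from the Lua distribution): a wrapper type with an __eq metamethod and an explicit compare-against-string method, followed by the points where it stops interoperating with ordinary strings. The name UStr and its methods are hypothetical, and a table of byte values stands in for the userdata buffer a C module would fill.

```lua
-- Added illustration; UStr and its methods are hypothetical names.
-- A table of byte values stands in for the userdata buffer that a C
-- module would fill straight from the socket, so no Lua string (and
-- therefore no interned string) is created for untrusted input.
local UStr = {}
UStr.__index = UStr

-- Build from a list of byte values (constructed sample input).
function UStr.from_bytes(bytes)
  local self = { n = #bytes }
  for i = 1, #bytes do self[i] = bytes[i] end
  return setmetatable(self, UStr)
end

-- Length-aware, byte-wise comparison: unlike strcmp, embedded zeros are fine.
function UStr.__eq(a, b)
  if a.n ~= b.n then return false end
  for i = 1, a.n do
    if a[i] ~= b[i] then return false end
  end
  return true
end

-- Explicit comparison against an ordinary (interned) Lua string.
function UStr:equals_string(s)
  if #s ~= self.n then return false end
  for i = 1, self.n do
    if s:byte(i) ~= self[i] then return false end
  end
  return true
end

-- Conversion for existing string-based code; this is the step that
-- creates a real Lua string again.
function UStr:to_string()
  local parts = {}
  for i = 1, self.n do parts[i] = string.char(self[i]) end
  return table.concat(parts)
end

local a = UStr.from_bytes({ 71, 69, 84, 0, 47 })   -- "GET\0/"
local b = UStr.from_bytes({ 71, 69, 84, 0, 47 })

assert(a == b)                       -- __eq runs: both operands are UStr
assert(not (a == "GET\0/"))          -- __eq is never tried for mixed types
assert(a:equals_string("GET\0/"))    -- the __index-provided method works
assert(pcall(string.find, a, "GET") == false)            -- string library rejects it
assert(string.find(a:to_string(), "GET", 1, true) == 1)  -- works only after conversion
```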