lua-users home
lua-l archive



On Tue, Jan 03, 2012 at 07:26:03AM -0800, Mark Hamburg wrote:
> On Jan 3, 2012, at 6:21 AM, Javier Guerra Giraldez wrote:
> 
> > On Mon, Jan 2, 2012 at 10:49 PM, Mark Hamburg <mark@grubmah.com> wrote:
> >> Presumably the malicious data isn't going to survive a GC.
> > 
> > in the original paper, the danger is in hashtables with keys from the
> > network.  they would totally survive a GC.
> 
> How? I'm assuming they are delivered as part of the HTTP header. Presumably most web servers wouldn't need to keep around the results of parsing headers from previous requests.
> 

The paper describes but one simple attack in a whole class of attacks called
Computational Complexity Attacks. Devising a solution to address one single
instance doesn't make any sense.

Tables are *the* data structure in Lua, and these sorts of attacks apply to
_any_ network generated data stored in shared tables.

Persistence is a red herring because it is relative to context. Persistence
means one thing with HTTP headers, another with HTTP session cookies, and
yet another with XYZ protocol.
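Added example, not code from the thread: one defensive measure against the class of attack this reply describes is to bound how many distinct keys, and how many bytes, network input may add to a table. The parser below, header names, limits and sample input are all constructed for illustration.

```lua
-- Bounded HTTP header parser (added example, not from the thread).
-- Caps the distinct keys and total bytes a request may add to a table,
-- so attacker-chosen header names cannot grow a shared table unbounded.
-- Both limits are illustrative assumptions, not protocol requirements.
local MAX_HEADERS = 64        -- assumed cap on distinct header names
local MAX_HEADER_BYTES = 8192 -- assumed cap on total header bytes

-- Parse a CRLF-separated header block into a table keyed by lowercase
-- field name. Returns the table, or nil plus a reason when a cap is hit.
local function parse_headers(raw)
  local headers, count, bytes = {}, 0, 0
  for line in raw:gmatch("([^\r\n]+)") do
    bytes = bytes + #line
    if bytes > MAX_HEADER_BYTES then
      return nil, "header block too large"
    end
    local name, value = line:match("^([%w%-]+):%s*(.-)%s*$")
    if not name then
      return nil, "malformed header line: " .. line
    end
    name = name:lower()
    if headers[name] == nil then
      -- Only a new field name costs a new table key, so count those.
      count = count + 1
      if count > MAX_HEADERS then
        return nil, "too many distinct headers"
      end
      headers[name] = value
    else
      -- Repeated field: combine values instead of allocating a new key.
      headers[name] = headers[name] .. ", " .. value
    end
  end
  return headers
end

-- Constructed sample input: an ordinary request block ...
local ok_block = "Host: example.test\r\nAccept: */*\r\nX-Id: 7\r\n"
local h = assert(parse_headers(ok_block))
print(h.host, h.accept, h["x-id"])

-- ... and a constructed block with more distinct names than the cap.
local parts = {}
for i = 1, MAX_HEADERS + 1 do parts[#parts + 1] = "X-K" .. i .. ": v" end
local flood = table.concat(parts, "\r\n") .. "\r\n"
print(parse_headers(flood))
```

Capping keys and bytes bounds the worst-case work a single request can force on the table; it does not change how keys are hashed, so it complements rather than replaces hashing fixes.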