lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On Wed, Jan 04, 2012 at 04:16:00PM -0800, Sam Roberts wrote:
> OK, so quoting the report:
>    ruby could be caused to take 6 hours of i7 CPU time to parse a 2 MB
> post request
> That seems ripe for exploit.
> Whereas I rearranged your code to run standalone, and what I'm seeing
> for 8MB of input to lua is it goes from about 2 seconds with random
> data to about 44 seconds with crafted data. And I have an i3 CPU, not
> i7, for what its worth.
> That's not blowing me away.

That's because NotSoRandom can only generate 4489 unique keys, if I'm
reading it correctly.