From: Bill Kelly <billk@...>
Date: 2011-06-02T12:17:01+09:00
Subject: [ruby-core:36686] Re: [Ruby 1.9 - Feature #4801][Open] Shorthand Hash Syntax for Strings


Clifford Heath wrote:
>  ... the problem
> Cezary is talking about is where code that creates Symbols dynamically  
> from Strings, that can create a potentially unbounded number of Symbols,  
> none of which can be GC'd.

Agreed.

If a concrete example would help, my objects are receiving
RPC messages from untrusted clients, and I check for valid
messages by Hash lookup.

Ideally the Hash keys would be Symbols, but if I then
convert the untrusted messages to Symbols to perform the
Hash lookup, I've opened my server to a memory leak DoS
exploit.

(On a related note, the RPC protocol supports all Ruby
data types including Symbol, and the untrusted message names
actually *arrive* at the protocol level as Symbols; but by
default, any Symbols are deserialized as Strings when they
reach the remote, because of the same DoS potential.)


Regards,

Bill