Security of binary_to_term ?

Pascal Brisset <>
Wed Jun 27 15:34:40 CEST 2001


 > An aside note: If you get the data over TCP, why should it be
 > invalid. TCP ensures the data is non corrupted.... or maybe you
 > are worrying over rouge nodes ??? 

Well this is what security is about, isn't it ? :) Actually I stumbled
on one of those pathological cases, and I was wondering whether it was
just a bug or whether additional checks were required anyway.

$ erl
Erlang (BEAM) emulator version 5.0.2.4 [source]

Eshell V5.0.2.4  (abort with ^G)
1> binary_to_term(<<131,111,255,0,0,0>>).
zsh: 30198 segmentation fault  ./bin/erl

-- Pascal Brisset <> +33141986741 --
----- Cellicium | 73 avenue Carnot | 94230 Cachan | France -----




More information about the erlang-questions mailing list