[erlang-questions] how: Removing atoms from the atom table
Juan Jose Comellas
juanjo@REDACTED
Wed Nov 14 23:42:00 CET 2007
In my current project I'm finding that using atoms for certain IDs in the
system is very comfortable, but they introduce a potential security problem.
Right now, we receive some messages from (possibly hostile) external sources
with fields that we store internally as atoms. The problem is that to check
whether the fields in the message are valid we must convert them to atoms,
and by doing this we consume entries from the global atom table even if the
values of the fields were bogus. Thus, this mechanism could be used to
exploit the system and exhaust the atom supply.
My question is the following: would it be possible to add a BIF to
explicitly remove an atom from the global atom table?
Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20071114/014c34cd/attachment.htm>
More information about the erlang-questions
mailing list