[erlang-questions] Is binary_to_term() safe for non trusted sources?

ryeguy
Wed Mar 25 03:59:07 CET 2009


Is it safe to decode a binary directly into an Erlang term from an
uncontrolled client? My instinct says it's unsafe, but it doesn't say
so in the docs (maybe because it's obvious). Is there any way to really
do harm if what is done with the decoded terms in Erlang is controlled?


