binary_to_term and Leaking Atoms
Jayson Vantuyl
kagato@REDACTED
Fri Oct 2 06:42:54 CEST 2009
I'm working on a network protocol. The easy way to do it is just use
term_to_binary and binary_to_term. There is one problem, though.
I don't necessarily trust the sender of these binaries. It seems that
decoding them should be relatively safe, except for the potential for
someone to leak atoms by creating a large number of atoms until I run
out of memory. I presume this sort of thing is the reason that
binary_to_existing_atom (and list_to_existing_atom) were created.
A few questions:
1. Is there any facility to "safely" decode binaries?
2. If not, is it likely that there will be one added? Perhaps
binary_to_term/2 (with a "existing_atoms_only" option)?
3. Are there any other dangers I should be aware of when using
binary_to_term? For example, despite the fact that I don't intend to
use them anywhere, are there any reasons to fear decoding fun's?
Bonus question:
Are binaries checksummed internally or when stored with dets?
Thanks,
--
Jayson Vantuyl
kagato@REDACTED
More information about the erlang-questions
mailing list