Garbage collection of remote references

Ludovic Demblans ludovic@REDACTED
Fri Oct 15 12:08:13 CEST 2021


I can read the following in the binary_to_term documentation:

     When decoding binaries from untrusted sources, the untrusted source 
may submit
     data in a way to create resources, such as atoms and remote 
references, that
     cannot be garbage collected and lead to Denial of Service attack. In 
     cases, consider using binary_to_term/2 with the safe option.

I use binary serialized remote references to dispatch messages received 
from an
external source (Kafka) to the right process in the right node.  Those
references are process aliases with the reply option.

Reading the docs, should I understand that each reference will stay 
in memory after being used to send a message?

I am also looking for more docs on that topic, I couldn't find much.

Thank you.

More information about the erlang-questions mailing list