Security of binary_to_term ?

Arndt Jonasson arndt@REDACTED
Wed Jul 4 14:06:02 CEST 2001


In article <15161.49225.526286.218186@REDACTED>,
Pascal Brisset <pascal.brisset@REDACTED> wrote:
>erlang:binary_to_term/1 generally exits with 'badarg' when applied to
>invalid inputs. Is this behaviour guaranteed ? In other words, is it
>safe to decode untrusted data with binary_to_term ?
>
>The purpose is to send data between untrusted nodes with
>term_to_binary and binary_to_term over TCP, rather than with the
>erlang distribution protocol.

Note that 'binary_to_term' silently accepts garbage lying after the
encoded term:

1> binary_to_term(<<131,104,2,97,1,97,2>>).
{1,2}
2> binary_to_term(<<131,104,2,97,1,97,2,47,11>>).
{1,2}

This has been the case since R6B, and is the intended behaviour.
-- 
Arndt Jonasson
arndt@REDACTED
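
The two behaviours raised in this thread, 'badarg' on malformed input and silent acceptance of trailing bytes, can both be handled by the receiver. The following module is an added example, not code from the thread or from OTP; it assumes OTP 23 or later, where binary_to_term/2 accepts the 'used' option (the 'safe' option dates from R13B), and the module name strict_decode is ours.

```erlang
%% Added example, not part of the original thread. Assumes OTP 23+ so
%% that binary_to_term/2 accepts 'used'; module name is our own choice.
-module(strict_decode).
-export([decode/1, demo/0]).

%% Decode one external-term-format binary received from an untrusted
%% peer and refuse anything that is not exactly one complete term:
%%   - 'safe' rejects encodings that would create new atoms, funs or
%%     external references (atom-table exhaustion, code execution);
%%   - 'used' returns how many bytes were consumed, so trailing bytes,
%%     which binary_to_term/1 silently ignores, can be detected.
-spec decode(binary()) ->
          {ok, term()} | {error, badarg | {trailing_bytes, pos_integer()}}.
decode(Bin) when is_binary(Bin) ->
    try binary_to_term(Bin, [safe, used]) of
        {Term, Used} when Used =:= byte_size(Bin) ->
            {ok, Term};
        {_Term, Used} ->
            {error, {trailing_bytes, byte_size(Bin) - Used}}
    catch
        error:badarg ->
            %% malformed encoding, or an atom/fun rejected by 'safe'
            {error, badarg}
    end.

%% Reproduces the two inputs from the post: the clean encoding of {1,2}
%% and the same encoding followed by two garbage bytes.
demo() ->
    Clean    = <<131,104,2,97,1,97,2>>,
    Trailing = <<131,104,2,97,1,97,2,47,11>>,
    {ok, {1,2}}                  = decode(Clean),
    {error, {trailing_bytes, 2}} = decode(Trailing),
    {error, badarg}              = decode(<<131,104>>),  % truncated tuple
    ok.
```

When carrying terms over a raw TCP socket, pair this with length-prefixed framing (e.g. `{packet, 4}` on the socket) so that each call to decode/1 sees exactly one message and a trailing-bytes error is a protocol violation rather than a framing accident.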