[erlang-questions] how: Removing atoms from the atom table

Raimo Niskanen raimo+erlang-questions@REDACTED
Thu Nov 15 09:06:38 CET 2007


On Wed, Nov 14, 2007 at 07:42:00PM -0300, Juan Jose Comellas wrote:
> In my current project I'm finding that using atoms for certain IDs in the
> system is very comfortable, but they introduce a potential security problem.
> Right now, we receive some messages from (possibly hostile) external sources
> with fields that we store internally as atoms. The problem is that to check
> whether the fields in the message are valid we must convert them to atoms,
> and by doing this we consume entries from the global atom table even if the
> values of the fields were bogus. Thus, this mechanism could be used to
> exploit the system and exhaust the atom supply.
> 
> My question is the following: would it be possible to add a BIF to
> explicitly remove an atom from the global atom table?
> 

Nothing is impossible, but this is very close. The whole emulator
is structures around the fact that atoms can not disappear.
To make this happen atoms would have to be reference counted
and represented quite differently internally, or, 
a global atom garbage collect would have to be implemented,
and it would have to stop all processes while
garbage collecting, or be very complicated and tag
supcious atoms, make several incremental passes, and when
very sure remove the atom. In other words not lightweight
and not efficient (much work and small gain).

But not entirely impossible.

> Thanks.

> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://www.erlang.org/mailman/listinfo/erlang-questions

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB



More information about the erlang-questions mailing list