Re: Python from Wise Guy's Viewpoint

From: Alexander Schmolck (a.schmolck_at_gmx.net)
Date: 10/27/03


Date: 27 Oct 2003 22:54:16 +0000

Pascal Costanza <costanza@web.de> writes:

> Alexander Schmolck wrote:
>
> > Pascal Costanza <costanza@web.de> writes:
> >
> >>>>What's the problem?!?
> >>>
> >>>Maybe something like this?
> >>> (* 10000000000000000000000000000000000000000000000000000000
> >>> 10000000000000000000000000000000000000000000000 etc.)
> >>
> >>I don't get the point.
> > Sorry for being unclear. I was just asking whether something along the
> > lines of your safe eval wouldn't still be vulnerable to a DoS attack.
>
> Welcome to Macintosh Common Lisp Version 5.0!
> ? (defun fac (x)
> (if (= x 0) 1
> (* x (fac (- x 1)))))
> fac
> ? (fac 100000)
> > Error: Stack overflow on control stack.
> > To globally increase stack space,
> > increase *minimum-stack-overflow-size*
> > While executing: "Unknown"
> > Type Command-/ to continue, Command-. to abort.
> > If continued: Continue with a larger stack
> See the Restarts… menu item for further choices.
> 1 >
>
>
> ...now add an exception handler around calls to myeval that handles stack
> overflow, and don't allow the user code access to functions and variables that
> can manipulate these settings. (With an appropriate exception handler, the
> user wouldn't see the error as printed above and wouldn't be able to issue the
> possible restarts.)
>
> I know this doesn't completely answer your question, but it might give you a
> clue about what is possible in modern Common Lisp implementations, and how
> one could approach these things.

I was just nitpicking.

While I'm at it, are you sure this is "how one could approach these things"?

Isn't the stack overflow just due to the function being coded/compiled poorly
(viz. no tail call optimization), if so, given 'properly' implemented
functions, wouldn't the system have already ground to a halt before any
exceptions would be raised unless you either carefully code something to
estimate/prevent computational resource usage (customized versions of
potentially resource hungry functions, or eval'ing in a separate, monitored
thread?)?

'as
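
Added example, not part of the original post or of either poster's code: a sketch of the "customized versions of potentially resource hungry functions" option raised above, where a restricted evaluator bounds the size of each bignum result before computing it and caps nesting explicitly instead of relying on a stack-overflow handler. It goes beyond the thread's `(* ...)` input by also covering `expt`, the case where a tiny input yields an enormous result; it has no loops or definitions, so CPU time spent in user-defined recursion is out of its scope. All names and limits (`safe_eval`, `MAX_BITS`, and so on) are hypothetical.

```python
import operator
import re

class BudgetExceeded(Exception):
    """Untrusted input would exceed a limit (all names here are hypothetical)."""

MAX_DEPTH = 50   # nesting limit, checked explicitly instead of waiting for a stack overflow
MAX_BITS = 4096  # largest integer result the evaluator agrees to compute
OPS = {"+": operator.add, "-": operator.sub, "*": operator.mul, "expt": operator.pow}

def parse(tokens, depth=0):
    """Pop one s-expression off a reversed token list; over-long literals stay symbols."""
    if depth > MAX_DEPTH:
        raise BudgetExceeded("nesting too deep")
    if not tokens:
        raise ValueError("unexpected end of input")
    tok = tokens.pop()
    if tok == "(":
        items = []
        while tokens and tokens[-1] != ")":
            items.append(parse(tokens, depth + 1))
        if not tokens:
            raise ValueError("missing )")
        tokens.pop()
        return items
    return int(tok) if re.fullmatch(r"-?\d{1,1000}", tok) else tok

def estimate_bits(op, a, b):
    """Upper bound on the result size, computed before the operation runs."""
    if op == "expt":
        return a.bit_length() * b
    return a.bit_length() + b.bit_length()  # tight for *, loose but safe for + and -

def evaluate(expr):
    if isinstance(expr, int):
        return expr
    if not isinstance(expr, list) or len(expr) != 3 or expr[0] not in list(OPS):
        raise ValueError("expected (op a b) with op one of + - * expt")
    op, a, b = expr[0], evaluate(expr[1]), evaluate(expr[2])
    if (op == "expt" and b < 0) or estimate_bits(op, a, b) > MAX_BITS:
        raise BudgetExceeded(f"({op} ...) rejected before it is computed")
    return OPS[op](a, b)

def safe_eval(src):
    """Evaluate one arithmetic s-expression taken from an untrusted string."""
    tokens = re.findall(r"[()]|[^\s()]+", src)[::-1]
    expr = parse(tokens)
    if tokens:
        raise ValueError("trailing input")
    return evaluate(expr)
```

A product of two long literals such as the one quoted in the thread stays well inside the budget, while `(expt 10 (expt 10 10))` is refused by the size estimate without the outer power ever being computed.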


