| ▲ | johncolanduoni 4 hours ago | |
OOM killing in WebAssembly is trivial, since it’s all in a growable linear memory. All the runtimes I’m aware of have a simple maximum memory setting, and they’ll trap any allocation requests after that point. | ||
| ▲ | blmarket 3 hours ago | parent | next [-] | |
Attack is not just on file format itself. Based on the function signature it's possible for a single decoder to generate infinite bytestream - makes a lot of headache to reader implementation - implementing STRLEN is no longer trivial question. Either engines should put some limit (e.g. VARCHAR(2000) to enforce length to be limited to 2000, but there are some other engines supporting unlimited BLOBs), or decoder should give a hint what is the maximum length it will yield. Unfortunately current research level project does not have such considerations implemented yet... | ||
| ▲ | ok123456 3 hours ago | parent | prev | next [-] | |
For images, it makes sense: people dealing with 16k x 16k PNGs are uncommon. Give them an error message that tells them the setting to bump. But what should be the threshold for "big data"? I'm sure it will follow Zipf's Law, but the tail will be fatter. | ||
| ▲ | titzer 4 hours ago | parent | prev [-] | |
And many of them have built-in gas metering, so you can time out the decode if it runs too many instructions. | ||