K
Krivenok Dmitry
Hello All!
Suppose I use readline subroutine in my server application to read
one
line from a socket.
Obviously, there may be a client, that may write something like this:
my $request = "12345";
while(1)
{
$sock->send($request);
}
In this case readline() never returns, but its internal buffer will
continuously
grow.
Eventually, the internal buffer becomes overfull.
I can't find a way to specify maximum buffer size.
readline's prototype is "readline EXPR".
Thus, it seems to me that there is no way to specify max buffer size
except globally. But how?
And what value should return readline() in this case?
Is it really security hole?
Any comments?
Suppose I use readline subroutine in my server application to read
one
line from a socket.
Obviously, there may be a client, that may write something like this:
my $request = "12345";
while(1)
{
$sock->send($request);
}
In this case readline() never returns, but its internal buffer will
continuously
grow.
Eventually, the internal buffer becomes overfull.
I can't find a way to specify maximum buffer size.
readline's prototype is "readline EXPR".
Thus, it seems to me that there is no way to specify max buffer size
except globally. But how?
And what value should return readline() in this case?
Is it really security hole?
Any comments?