Re: fork-bomb like functions

2021-11-20 Thread Thomas Adam 
On Sun, Nov 21, 2021 at 12:51:46AM +0100, Dominik Vogt wrote:
> How about
> 
>  1. MAX_FUNCTION_DEPTH100  (stricter limit)
>  2. MAX_FUNCTION ITEMS   1000  (limit maximum size of functions)
>  3. MAX_CMDS_PER_INVOCATION 1  (max. cmds per top level function 
> invocation)

Sounds sensible to me.  I say, go for it!

Kindly,
Thomas

Re: fork-bomb like functions

2021-11-20 Thread Thomas Adam 
On Sat, Nov 20, 2021 at 04:26:13PM +0100, Dominik Vogt wrote:
> I wonder if we should do something about these kind of functions:
> Theres the definition "MAX_FUNCTION_DEPTH 512" in defaults.h that
> prevents functions from nesting infinitely deep:

Yeah.  How likely is this problem in the real world though?  As in, how many
people have actually done this?  I can't say I've ever had to support a user
who has managed to get into this situation.

Even then, what's wrong in just keeping it as it is?

> I could add an execution counter that limits the total number of
> command lines that can be executed from a single top level
> function call; maybe limit that to 1000.

Maybe, if this is an actual problem...

> Another problem:  It's possible to add items to functions that are
> currently in use.
> 
>   addtofunc foo i bar
>   addtofunc bar i addtofunc foo i bar
>   # hangs:
>   foo

I can maybe foresee this situation arising.  Maybe this is worth fixing?

Kindly,
Thomas

fork-bomb like functions

2021-11-20 Thread Dominik Vogt 
I wonder if we should do something about these kind of functions:
Theres the definition "MAX_FUNCTION_DEPTH 512" in defaults.h that
prevents functions from nesting infinitely deep:

  addtofunc foo i foo
  foo

=> ok

But this is not good:

  addtofunc foo
  + i foo
  + i foo
  h hangs:
  foo

Although functions above the maximum depth abort, it still
executes about 2^512 leaf functions before finally exiting, i.e.
it never completes.

I could add an execution counter that limits the total number of
command lines that can be executed from a single top level
function call; maybe limit that to 1000.

--

Another problem:  It's possible to add items to functions that are
currently in use.

  addtofunc foo i bar
  addtofunc bar i addtofunc foo i bar
  # hangs:
  foo

Not sure if we should just forbid to add items to running
functions.

Ciao

Dominik ^_^  ^_^

--

Dominik Vogt