Comment #7 on issue 669 by [email protected]: Disabling backward
compatibility for some messages only
https://code.google.com/p/protobuf/issues/detail?id=669
If you require a 30MB limit for correct operation, with no optional fields,
and you retain this data, why can't an attacker send 30MB of valid data and
cause you problems that way?
I am really having trouble understanding exactly what you're defending
against. Do you have an example of what a hostile message's structure would
look like and how disabling optional fields would help?
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
You received this message because you are subscribed to the Google Groups "Protocol
Buffers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/protobuf.
For more options, visit https://groups.google.com/d/optout.
