Hi Tobias,
Unfortunately, even Thread.stop is not fool-proof. For example, if you try this
script, it will
not terminate:
var x = 0;
while (true) {
try {
x++;
} catch (e) {
}
}
The problem in this case is that Thread.stop causes a ThreadDeath to be thrown
inside the
thread. This Error is caught by the catch-statement, ignored and the script
will keep
running.
I don't think there is a way to protect against all kinds of mallicious
scripts. There are
simply too many ways to break a running VM. To be able to run scripts from
untrusted
sources, you will have to run these scripts in some kind of sandbox. You could,
for example,
spawn a new VM with limited resources.
In one of our applications, users are able to write scripts in Groovy, which
are used to
generate reports. We use a very strict class and method whitelist, to prevent
scripts from
breaking out of its environment. We also inject code in all loops to abort a
script when
needed. However, this still does not protect us against things like claiming
large amounts
or memory. Also, a script can still catch the Exception we use to abort it and
continue
running. We simply have to trust our users to not write scripts that would harm
our server.
Therefore, we only allow a select group of users to write scripts and we can
always see
who wrote it.
Best regards,
Emond
On Thursday, January 07, 2016 07:57:36 PM Tobias Soloschenko wrote:
> Hi Emond,
>
> ok the last thing left is the memory consumption. Hope that I am able to
> find a way to make this also save.
>
> Any suggestions here?
>
> kind regards
>
> Tobias
>
> Am 07.01.16 um 15:43 schrieb Emond Papegaaij:
> > Hi Tobias,
> >
> > You have to modify the code with the snippet below. This will wait for
> > termination with a timeout of 1 minute, after which the VM still
> > terminates. However, in a normal webapplication, the VM will not
> > terminate, so threads will stay active until you terminate your entire
> > application.
> >
> > The code to trigger an out-of-memory is:
> >
> > var i = 0, o = {};
> > while(true) {
> >
> > o[i++] = new Array(1000000);
> >
> > }
> >
> > Also, you can try to run the same testcase multiple times in 1 go. After
> > about 100 executions of the script, I suspect your system will start to
> > die on you.
