On Wed, Feb 6, 2013 at 3:43 AM, Student Jr <[email protected]> wrote: > When a symbol is defined, the memory used to store the symbol is > permanently lost. If one is parsing external input, this makes one's > application vulnerable to DOS. > > Secondarily, if while parsing external input, one refuses to make new > symbols blindly, then the symbol list is something over which one has > direct control, and it can be trusted in some situations to speed > processing.
I don't believe this to be such a big deal: if you parse external data and you do not know how many different strings there are of a kind you would not use symbols anyway. Symbols make most sense for a fixed set of values - similarly to an enum. Also, there can also be DOS if external data is parsed and all the Strings are stored somewhere during the import (e.g. as Hash keys) which is quite a common scenario. If there are more Strings than fit into memory the program will crash as well. Kind regards robert -- remember.guy do |as, often| as.you_can - without end http://blog.rubybestpractices.com/ -- [email protected] | https://groups.google.com/d/forum/ruby-talk-google?hl=en --- You received this message because you are subscribed to the Google Groups "ruby-talk-google" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
