On 6/1/11 10:17 PM, Bill Kelly wrote:
>
> Clifford Heath wrote:
>>   ... the problem
>> Cezary is talking about is where code that creates Symbols dynamically
>> from Strings, that can create a potentially unbounded number of Symbols,
>> none of which can be GC'd.
>
> Agreed.
> Ideally the Hash keys would be Symbols, but if I then
> convert the untrusted messages to Symbols to perform the
> Hash lookup, I've opened my server to a memory leak DoS
> exploit.
>
> (On a related note, the RPC protocol supports all Ruby
> data types including Symbol, and the untrusted message names
> actually *arrive* at the protocol level as Symbols; but by
> default, any Symbols are deserialized as Strings when they
> reach the remote, because of the same DoS potential.)
>

Good point.  However, if the internal symbol table used weak references 
to Symbol objects,
all dynamic Symbols that are not pinned down by code could be garbage 
collected.

I have a weak reference implementation in C here that's portable to MRI 
1.8.7, 1.9 and REE: 
https://github.com/kstephens/ref/tree/master-mri-gc_api based on Brian 
Durand's "ref" gem

Kurt