Urabe Shyouhei <shyouhei / ruby-lang.org> wrote:
> (08/02/2011 08:35 AM), Eric Wong wrote:
> > Urabe Shyouhei <shyouhei / ruby-lang.org> wrote:
> >> (08/02/2011 08:14 AM), Eric Wong wrote:
> >>> Urabe Shyouhei <shyouhei / ruby-lang.org> wrote:
> >>>> So when you  do a read loop,  nothing bothers you, as long  as you use
> >>>> readpartial.
> >>>
> >>> That use of select + readpartial is unsafe.
> >>
> >> Unsafe how?  readpatial works even without no data on a buffer.
> > 
> > readpartial will block if there's no data readable, potentially freezing
> > the whole process.
> 
> Yes but that's not catastrophic.  The peer side is sending a data anyway.
> Checksum incorrect packets are dropped but retransmitted sooner or later.
> The process blocks during that retransmission.  That won't last so long.

Malicious clients can take advantage of this to launch a denial-of-service
attack.  Also, networks should never be considered reliable and simple
operations can fail or take a long time.

-- 
Eric Wong