Issue #7795 has been updated by vo.x (Vit Ondruch).


Student (Nathan Zook) wrote:
> #2) to_existing_sym.  This would be defined in the same places as to_sym, but would through an argument error if the symbol did not already exist.

Reading the documentation, it says "Returns the Symbol corresponding to str, creating the symbol if it did not previously exist." So what would this method did different? Or is the documentation wrong?
----------------------------------------
Feature #7795: Symbol.defined? and/or to_existing_symbol
https://bugs.ruby-lang.org/issues/7795#change-36779

Author: Student (Nathan Zook)
Status: Open
Priority: Normal
Assignee: matz (Yukihiro Matsumoto)
Category: core
Target version: next minor


I'm pulling this out from deep in the discussions of issue http://bugs.ruby-lang.org/issues/7791, Let Symbols be Garbage Collected.

The problem is that the extreme utility of symbols makes them enticed to use, which results in a DOS vulnerability.  My proposal is to add either of a pair of methods that would make it easy to defend against a DOS along these lines.

#1) Symbol.defined?

In existing code, it would might like this:
class Symbol
  def self.defined?(string)
   all_symbols.any?{|sym| sym.to_s == string}
  end
end 

#2) to_existing_sym.  This would be defined in the same places as to_sym, but would through an argument error if the symbol did not already exist.



-- 
http://bugs.ruby-lang.org/