D3845: worker: support more return types in posix worker
indygreg (Gregory Szorc)
phabricator at mercurial-scm.org
Wed Jul 4 14:16:34 EDT 2018
indygreg added a comment.
In https://phab.mercurial-scm.org/D3845#60316, @durin42 wrote:
> It's been recommended to me that we avoid the streaming flavor of
> cbor, so we'd probably just do one-shot messages.
Out of curiosity, could you elaborate?
One of the critiques against CBOR is that naive consumption of streaming data types can lead to resource exhaustion. e.g. by streaming a very large byte string. Of course, resource exhaustion can occur without streaming as well if the sender sends a very large document. Parsers need to deal with resource exhaustion regardless.
Anyway, I don't believe ``cbor2`` prevents the use of the streaming types. Nor does it have support for limiting bytes read. For the latter, we have ``util.cappedreader`` which can expose a minimal wrap of a file object. But it needs work to be used in the context of limiting resource consumption (e.g. it should throw a reasonable error if an overrun is encountered).
REPOSITORY
rHG Mercurial
REVISION DETAIL
https://phab.mercurial-scm.org/D3845
To: hooper, #hg-reviewers
Cc: indygreg, yuja, durin42, mercurial-devel
More information about the Mercurial-devel
mailing list