Path: csiph.com!optima2.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!1.eu.feeder.erje.net!bcyclone03.am1.xlned.com!bcyclone03.am1.xlned.com!newsfeed.xs4all.nl!newsfeed8.news.xs4all.nl!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
MIME-Version: 1.0
In-Reply-To: <CAB1GNpTdBmPjRMebeb933ig3ofW7sbdj4JrigfZHqorS6VsOsA@mail.gmail.com>
References: <CAD+URuj-4e62-9hvpiLsrBP1M6kXRyZhZ6XyL01gWWnDoShvNg@mail.gmail.com> <CAPTjJmr92j+2DDPsZxynoHyZTTCpc-48cWCVrx_fT3dA0j_Osg@mail.gmail.com> <55A3C366.6060602@rece.vub.ac.be> <mailman.468.1436796350.3674.python-list@python.org> <87fv4r1fre.fsf@jester.gateway.sonic.net> <mailman.481.1436851550.3674.python-list@python.org> <87bnff1eks.fsf@jester.gateway.sonic.net> <mailman.499.1436874241.3674.python-list@python.org> <87d1zunctp.fsf@elektro.pacujo.net> <mailman.503.1436878550.3674.python-list@python.org> <87k2u2eu67.fsf@elektro.pacujo.net> <CAPTjJmqtTRHpNZHByn1pKNSfbsG6X--s2d_G0FopKxDugqpjdA@mail.gmail.com> <55A51662.4090007@rece.vub.ac.be> <mo4a7g$mkg$1@ger.gmane.org> <mailman.531.1436951405.3674.python-list@python.org> <d0o60cF8ubiU1@mid.individual.net> <55A75DE0.1070101@rece.vub.ac.be> <CAPTjJmoWqhZ_P890qug3Zf=VjJOBmO5kOSaX08PDF3FdNyLFNA@mail.gmail.com> <55A7B80B.6090905@rece.vub.ac.be> <CAPTjJmp3mupnenUYYNmvJpNr27zx_CdHQ9m6wkEFi-Lz+Evw9A@mail.gmail.com> <55A7C094.7060604@rece.vub.ac.be> <CAPTjJmozknJAqPvE1W1JZ66u72hNc_R5j5=wo+2JJK30Z5oc6w@mail.gmail.com> <CAB1GNpQw_gu4r3OmnQUtw8AhTWyPY4hpC42145UTPD2qMovYEw@mail.gmail.com> <CAPTjJmrsrcHd0FUHA=D0uqrqxO04_1W=jMaOVzDFWvZ7MyOWfw@mail.gmail.com> <CAB1GNpTcxJTeYXPAheP+EJh5kL5Sx13qSjepJj7B4mJQfYPP8g@mail.gmail.com> <CAPTjJmpSyxEg_KhfvG13gNwezcnbxPV9Zi8+5+v7iLc4XNFLXQ@mail.gmail.com> <CAB1GNpTdBmPjRMebeb933ig3ofW7sbdj4JrigfZHqorS6VsOsA@mail.gmail.com>
Date: Fri, 17 Jul 2015 04:29:42 +1000
Subject: Re: Possibly Pythonic Tail Call Optimization (TCO/TRE)
From: Chris Angelico <rosuav@gmail.com>
Cc: "python-list@python.org" <python-list@python.org>
Content-Type: text/plain; charset=UTF-8
Precedence: list
Newsgroups: comp.lang.python
Message-ID: <mailman.602.1437071389.3674.python-list@python.org>
Lines: 25
NNTP-Posting-Host: 2001:888:2000:d::a6
Xref: csiph.com comp.lang.python:93947

On Fri, Jul 17, 2015 at 4:23 AM, Joonas Liik <liik.joonas@gmail.com> wrote:
> On 16 July 2015 at 20:49, Chris Angelico <rosuav@gmail.com> wrote:
>>
>> This sounds like a denial-of-service attack. If you can state that no
>> reasonable document will ever have more than 100 levels of nesting,
>> then you can equally state that cutting the parser off with a tidy
>> exception if it exceeds 100 levels is safe.
>>
> This particular example does have that kind of smell.. my bad for
> being careless with examples.
>
> what if its not a ddos tho, maybe its just strange data?
>

That's why you're allowed to change the default limit either
direction. If you're guarding against a DOS, you can crank it down; if
you're working with something where 1000 stack entries isn't
unreasonable, you can crank it up. I honestly don't know what you'd
want to do if 5000+ stack entries isn't enough, but if you're working
with something *that* deeply nested, you probably know a lot more
about what you're doing than I ever will. Maybe you could recompile
CPython with a bigger stack? Give Jython or PyPy a try? No idea. But
I'm sure it'd be possible somehow.

ChrisA