Closed boehs closed 11 months ago
but couldn't these limits just be circumvented by creating many large strings close to the limit?
Hhhmmm.... that is true. No single object can be above limits, but technically speaking there are no checks on the scope.
So technically speaking, you may go above the limit by creating a large number of variables...
This may be a potential DOS venue. I'll look into that.
Is there a way to definitively end execution after x time?
Nope, as not all architectures have timers. You can experiment and set an appropriate operations limit though...
Or you can encapsulate a timer inside the closure passed to on_progress, then you can set the timer when you detect the start of a run (operations will be a very small number) and then stop when time is up.
In the latest drop, there is a new limit, settable via Engine::set_max_variables to control how many variables are allowed in any Scope. This should catch the attack described above.
Closing for now. Feel free to reopen if you have any more questions.
I see rhai has a strong sandbox.
https://rhai.rs/book/safety/max-operations.html allows some rough runtime length restriction. Is there a way to definitively end execution after x time?
https://rhai.rs/book/safety/max-string-size.html and https://rhai.rs/book/safety/max-array-size.html allow some control over memory runaway (as noted, in effect the limit could be briefly 2x larger than intended because of adding strings) but couldn't these limits just be circumvented by creating many large strings close to the limit?