diff options
author | Erlang/OTP <[email protected]> | 2010-01-12 08:26:57 +0000 |
---|---|---|
committer | Erlang/OTP <[email protected]> | 2010-01-12 08:26:57 +0000 |
commit | 453190792047060494519183d185462ac1e2729a (patch) | |
tree | d1a12eaabd3edb665e17c33767f48c093af058a4 /erts/doc/src | |
parent | 988f4e0a1b1d22fa3ec525287c4620a97c6c0db4 (diff) | |
parent | be22f534f3954ff1762b055868ae2497232121ff (diff) | |
download | otp-453190792047060494519183d185462ac1e2729a.tar.gz otp-453190792047060494519183d185462ac1e2729a.tar.bz2 otp-453190792047060494519183d185462ac1e2729a.zip |
Merge branch 'jv/binary_to_term-opts' into ccase/r13b04_dev
* jv/binary_to_term-opts:
document ErtsExternalDist flags and CON_ID mask
add options to binary_to_term
OTP-8367 There is new erlang:binary_to_binary/2 BIF that takes an option
list. The option safe can be used to prevent creation of
resources that are not garbage collected (such as atoms). (Thanks
to Jayson Vantuyl.)
Diffstat (limited to 'erts/doc/src')
-rw-r--r-- | erts/doc/src/erlang.xml | 52 |
1 files changed, 47 insertions, 5 deletions
diff --git a/erts/doc/src/erlang.xml b/erts/doc/src/erlang.xml index 871fc0fd63..4a401156d1 100644 --- a/erts/doc/src/erlang.xml +++ b/erts/doc/src/erlang.xml @@ -4,7 +4,7 @@ <erlref> <header> <copyright> - <year>1996</year><year>2009</year> + <year>1996</year><year>2010</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -13,12 +13,12 @@ compliance with the License. You should have received a copy of the Erlang Public License along with this software. If not, it can be retrieved online at http://www.erlang.org/. - + Software distributed under the License is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License. - + </legalnotice> <title>erlang</title> @@ -342,8 +342,50 @@ iolist() = [char() | binary() | iolist()] <desc> <p>Returns an Erlang term which is the result of decoding the binary object <c>Binary</c>, which must be encoded - according to the Erlang external term format. See also - <seealso marker="#term_to_binary/1">term_to_binary/1</seealso>.</p> + according to the Erlang external term format.</p> + <warning> + <p>When decoding binaries from untrusted sources, consider using + <c>binary_to_term/2</c> to prevent denial of service attacks.</p> + </warning> + <p>See also + <seealso marker="#term_to_binary/1">term_to_binary/1</seealso> + and + <seealso marker="#binary_to_term/2">binary_to_term/2</seealso>.</p> + </desc> + </func> + <func> + <name>erlang:binary_to_term(Binary, Opts) -> term()</name> + <fsummary>Decode an Erlang external term format binary</fsummary> + <type> + <v>Opts = [safe]</v> + <v>Binary = ext_binary()</v> + </type> + <desc> + <p>As <c>binary_to_term/1</c>, but takes options that affect decoding + of the binary.</p> + <taglist> + <tag><c>safe</c></tag> + <item> + <p>Use this option when receiving binaries from an untrusted + source.</p> + <p>When enabled, it prevents decoding data that may be used to + attack the Erlang system. In the event of receiving unsafe + data, decoding fails with a badarg error.</p> + <p>Currently, this prevents creation of new atoms directly, + creation of new atoms indirectly (as they are embedded in + certain structures like pids, refs, funs, etc.), and creation of + new external function references. None of those resources are + currently garbage collected, so unchecked creation of them can + exhaust available memory.</p> + </item> + </taglist> + <p>Failure: <c>badarg</c> if <c>safe</c> is specified and unsafe data + is decoded.</p> + <p>See also + <seealso marker="#term_to_binary/1">term_to_binary/1</seealso>, + <seealso marker="#binary_to_term/1">binary_to_term/1</seealso>, + and <seealso marker="#list_to_existing_atom/1"> + list_to_existing_atom/1</seealso>.</p> </desc> </func> <func> |