Skip to content

Bail out of Patterns with too long placeables #395

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 18, 2019
Merged

Bail out of Patterns with too long placeables #395

merged 2 commits into from
Jul 18, 2019

Conversation

stasm
Copy link
Contributor

@stasm stasm commented Jul 17, 2019
edited
Loading

Fix #388.

stasm
stasm commented Jul 17, 2019
View reviewed changes
@stasm stasm requested a review from Pike July 17, 2019 13:48
@Pike
Copy link
Contributor

Pike commented Jul 17, 2019

I wonder if we should throw to bail out of the attack. But that puts us back into the square of having to try-catch every call? Well, not every, we could do that in formatPattern, and that would only do it for complex patterns.

You had concerns around try-catch and perf?

I'm having second thoughts on this, in particular around question like how this would be implemented with formatToParts where we don't know the length. Or in Rust, where we can't just throw an exception and clean things up at the top-level.

Is this specific implementation practically better than what we have? Maybe it's not worth to tweak the status quo right now, and modify the behavior once we have something spec'ed?

@stasm
Copy link
Contributor Author

stasm commented Jul 17, 2019

You had concerns around try-catch and perf?

Yes, but I'll need to create a benchmark to verify this. I'll report in #364 or #390, or both.

Is this specific implementation practically better than what we have? Maybe it's not worth to tweak the status quo right now, and modify the behavior once we have something spec'ed?

Yes, my rationale for opening this PR was along the same lines. This isn't perfect, but it is better that what we currently do on master.

@stasm stasm changed the title Return FluentNone from Patterns with too long placeables Bail out of Patterns with too long placeables Jul 18, 2019
@stasm
Copy link
Contributor Author

stasm commented Jul 18, 2019

I changed the approach to treating the error as a fatal one, which causes the resolver to instantly bail out of the affected pattern. This provides a much better CPU protection in deeply nested scenarios. I think we could even consider increasing MAX_PLACEABLE_LENGTH, but I left it for another time.

@stasm
Copy link
Contributor Author

stasm commented Jul 18, 2019

Using try...catch has no impact on our benchmarks.

Pike
Pike approved these changes Jul 18, 2019
View reviewed changes
Copy link
Contributor

@Pike Pike left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice.

@stasm stasm merged commit 5bea9d1 into projectfluent:release-fluent-zero-thirteen Jul 18, 2019
@stasm stasm deleted the unskip-bomb branch July 18, 2019 10:17
@stasm
Copy link
Contributor Author

stasm commented Jul 18, 2019

Thanks for the review and the suggestion to bail out in this particular case!

@stasm stasm mentioned this pull request Jul 18, 2019
Closed
Pike added a commit to Pike/python-fluent that referenced this pull request Aug 5, 2019
@Pike
Uplift billion laughs from fluent.js, abort early
35bd61d 
This ports projectfluent/fluent.js#395,
which returns with an empty `FluentNone`, and does so early by
raising an exception.
Pike added a commit to projectfluent/python-fluent that referenced this pull request Aug 5, 2019
@Pike
Uplift tests from fluent and fluent.js
ec43f38 
* Uplift tests for selector expression validation, fixes #122

* Uplift billion laughs from fluent.js, abort early

This ports projectfluent/fluent.js#395,
which returns with an empty `FluentNone`, and does so early by
raising an exception.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Pike Pike Pike approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stasm @Pike