Ch4 (p101) on receiving messages: {Pid, Msg} "not entirely secure"

6 views
Skip to first unread message

Ivan Uemlianin

unread,
Feb 23, 2010, 5:28:55 AM2/23/10
to Erlang Programming
Dear All

In Chapter 4 (p. 101) in the section on receiving messages, discussing
the go() receive clause ...

4 go() ->
5 Pid = spawn(echo, loop, []),
6 Pid ! {self(), hello},
7 receive
8 {Pid, Msg} ->
9 io:format("~w~n",[Msg])
10 end,
11 Pid ! stop.

... we are told that line 8's matching on a pre-defined Pid "is a good
(but not entirely secure) way" of validating an incoming message.

Please could someone describe briefly why this is not entirely secure
(i.e., what are its vulnerabilities) and what kind of thing one could
do for a more secure method?

Best wishes

Ivan

Hynek Vychodil

unread,
Feb 23, 2010, 6:51:03 AM2/23/10
to erlang-prog...@googlegroups.com
I think it is more about reliability than security. There is all
trusted inside VM. There are some reliability issues in go/0 snippet.
What happen if spawned process unexpectedly died? What if does not
send {Pid, Msg} at all? What if some other process sends {Pid, Msg}?
Look for gen:call/2,3 how to do it really reliably. I will do at
least:

go() ->
     Pid = spawn_link(echo, loop, []),
Ref = make_ref(),
     Pid ! {self(), Ref, hello},
     receive
       {Ref, Msg} ->


         io:format("~w~n",[Msg])

after 1000 ->
erlang:error(timeout)
    end,
    Pid ! stop.

or

go() ->
    {Pid, MRef} = spawn_monitor(echo, loop, []),
Ref = make_ref(),
    Pid ! {self(), Ref, hello},
    receive
       {Ref, Msg} ->
         io:format("~w~n",[Msg]);
{'DOWN',MRef,process,Pid,Reason} ->
erlang:error({unexpected_die, Reason})
after 1000 ->
erlang:error(timeout)
    end,
    Pid ! stop,
erlang:demonitor(MRef, [flush]).

and this is still not enough for proper process handling. Use OTP for it.

> --
> Erlang Programming Website:
> http://www.erlangprogramming.org/
>

--
--Hynek (Pichi) Vychodil

Analyze your data in minutes. Share your insights instantly. Thrill
your boss. Be a data hero!
Try GoodData now for free: www.gooddata.com

Ivan Uemlianin

unread,
Feb 24, 2010, 5:20:29 AM2/24/10
to Erlang Programming
Dear Hynek

Thanks for your comment. It hadn't occurred to me that some other
process could send {Pid, Msg}, but of course I can see it now. I look
forward to learning more about OTP.

Best

Ivan

Reply all
Reply to author
Forward
0 new messages