Sobelow

Sobelow v0.11.0 Sobelow.DOS.BinToAtom View Source

Denial of Service via Unsafe Atom Interpolation

In Elixir, atoms are not garbage collected. As such, if user input is used to create atoms (as in :"foo#{bar}", or in :erlang.binary_to_atom), it may result in memory exhaustion. Prefer the String.to_existing_atom function for untrusted user input.

Atom interpolation checks can be ignored with the following command:

$ mix sobelow -i DOS.BinToAtom

Link to this section Summary

Functions

details()
id()
parse_def(fun)
rule()
run(fun, meta_file)

Link to this section Functions

Link to this function

details() View Source

Link to this function

id() View Source

Link to this function

parse_def(fun) View Source

Link to this function

rule() View Source

Link to this function

run(fun, meta_file) View Source

Keyboard Shortcuts
×
c
Toggle sidebar
n
Toggle night mode
/ or s
Focus search bar
?
Bring up this help dialog