An unusual question...

Chris Angelico rosuav at gmail.com
Mon Apr 18 11:57:00 CEST 2011


On Mon, Apr 18, 2011 at 7:53 PM,  <wisecracker at tesco.net> wrote:
> Talking of nefarious usage...
>
> I wonder what this would do left unchecked on a current machine and current Python install...
>
> ###
>
> global somestring
> somestring = " "
>
> while 1:
>        #print somestring
>        somestring = somestring + " "
>
> ###

It'd take a while, but eventually bomb with MemoryError. If instead
you double the string's length with
"somestring=somestring+somestring", it'll bomb a lot quicker.

I know because I tried it. We have an isolation environment in which
we'll be allowing our clients to provide Python scripts - which means
we have to be sure it'll all be safe.

BTW, the point at which it bombs is defined by ulimit/rlimit, unless
you fiddle with the memory allocator. See previous thread on the
subject. :D

Chris Angelico



More information about the Python-list mailing list