[plt-scheme] Is read safe for untrusted data?

From: Matthew Flatt (mflatt at cs.utah.edu)
Date: Fri Aug 5 08:49:07 EDT 2005

At Fri, 05 Aug 2005 21:01:05 +1000, Jepri wrote:
> I've looked around a bit for an answer to this question but I think at 
> some point I do need to ask the implementors.  Is the (read port) 
> function ok for untrusted data?  Could I  make an internet server where 
> I (read ) straight from the port, and then check the s-expressions I get 
> from read?  I'm worried about unwanted code execution, overflows etc.  
> The documentation implies that it should be ok to do this, but doesn't 
> really say it outright.

With the default read-parameter values, I think the only danger is
excessively long input, such as a 4-GB string. To avoid that danger,
wrap the port with `make-limited-input-port' before reading.

In recent versions with #reader support, setting `read-accept-reader'
to #t would make `read' unsafe for your purposes. But that's why the
default is #f.


Posted on the users mailing list.