Taint and memory usage

[xhoster]

Taint seems to nearly double the amount of memory my program takes. I
haven't see this side effect discussed in perldoc perlsec. This is
inconvenient, as sometimes I just don't have that much memory to spare.
Does anyone know of a work around for this (or of some more detailed
discussion about why it occurs).

This is under various subversions of 5.8, both 32 and 64 bit, for Linux.


$ perl taint_mem.pl
6768

$ perl -T taint_mem.pl
11884



$ cat taint_mem.pl
use strict;
use warnings;

{
## This step is not needed to show effect. if foo already
## exists you can skip it.
open my $fh, ">foo" or die $!;
foreach (1..10000) { print $fh join (",", ("asdadssdf")x10), "\n"};
close $fh;
}


my @x;
open my $fh, "<foo" or die $!;
while (<$fh>) {
push @x, [split /,/];
};

$ENV{PATH}="/bin";
warn +(`ps -p $$ -o rss `)[1];

Thanks,

Xho

 

[anno4000]

Taint seems to nearly double the amount of memory my program takes. I
haven't see this side effect discussed in perldoc perlsec. This is
inconvenient, as sometimes I just don't have that much memory to spare.
Does anyone know of a work around for this (or of some more detailed
discussion about why it occurs).

This is under various subversions of 5.8, both 32 and 64 bit, for Linux.

I don't know the answer, but I'd ask that question on p5p. You'd
probably get a very qualified reply.

[snip code]

Anno

 

[Klaus]

Taint seems to nearly double the amount of memory my program takes. I
haven't see this side effect discussed in perldoc perlsec. This is
inconvenient, as sometimes I just don't have that much memory to spare.
Does anyone know of a work around for this (or of some more detailed
discussion about why it occurs).

This is under various subversions of 5.8, both 32 and 64 bit, for Linux.


$ perl taint_mem.pl
6768

$ perl -T taint_mem.pl
11884



$ cat taint_mem.pl
use strict;
use warnings;

{
## This step is not needed to show effect. if foo already
## exists you can skip it.
open my $fh, ">foo" or die $!;
foreach (1..10000) { print $fh join (",", ("asdadssdf")x10), "\n"};
close $fh;
}


my @x;
open my $fh, "<foo" or die $!;
while (<$fh>) {
push @x, [split /,/];

I am not an expert on this, but here are my thoughts anyway:

@x contains the string "asdadssdf" 100,000 times. Even without
tainting, each single variable uses 9 bytes plus the "usual" overhead,
I would guess that this "usual" overhead is significantly higher than 9
bytes.

Now, with tainting, each variable incurs an additonal memory penalty to
cater for the taint-checking. Again, I am no expert, but it would not
surprise me if the memory penalty incurred by tainting is roughly
speaking as high as the "usual" memory overhead.

Under those assumptions, what you see as the amount of memory doubling
with taint-checking really is the doubling of overhead.

If you want this "doubling" effect to be less, I would suggest you
significantly increase the size of each and every variable in @x (lets
say each variable in @x should not contain 9, but 1,009 bytes). That
should significantly lessen the ratio of "real" memory vs "overhead"
memory (be it the "usual overhead" or "taint overhead"). Under those
circumstances, I would expect a less dramatic memory increase after
tainting, maybe by only 10%.