ChanServ changed the topic of #crystal-lang to: The Crystal programming language | https://crystal-lang.org | Fund Crystal's development: https://crystal-lang.org/sponsors | GH: https://github.com/crystal-lang/crystal | Docs: https://crystal-lang.org/docs | Gitter: https://gitter.im/crystal-lang/crystal
ur5us has quit [Ping timeout: 252 seconds]
ur5us has joined #crystal-lang
<FromGitter> <mixflame> Amber lives
<FromGitter> <mixflame> I win
<FromGitter> <mixflame> Redis adapter had remote execution issues via insecure crystal-redis
<FromGitter> <mixflame> Exploited embarassingly 4-5 times and warned of by Rizon Staff
<FromGitter> <mixflame> Watch command lines and run time schedulers that are linked to input as always
Flipez2 has joined #crystal-lang
dostoyevsky2 has quit [*.net *.split]
Flipez has quit [*.net *.split]
dostoyev1ky2 has joined #crystal-lang
Flipez2 is now known as Flipez
dom96 has quit [*.net *.split]
markmarkmark has quit [*.net *.split]
markmarkmark has joined #crystal-lang
dom96 has joined #crystal-lang
ur5us has quit [Ping timeout: 258 seconds]
sagax has quit [Remote host closed the connection]
notzmv has quit [Ping timeout: 240 seconds]
sagax has joined #crystal-lang
<FromGitter> <rishavs> Thanks @syeopite
hightower4 has joined #crystal-lang
hightower3 has quit [Ping timeout: 252 seconds]
ur5us has joined #crystal-lang
notzmv has joined #crystal-lang
ur5us has quit [Ping timeout: 240 seconds]
<raz> mixflame: > Redis adapter had remote execution issues via insecure crystal-redis
<raz> is this tracked somewhere? that sounds pretty serious
<raz> (not seeing anything on crystal-redis repo)
Welog- has joined #crystal-lang
Welog has quit [Ping timeout: 252 seconds]
dmgk has quit [Quit: ZNC - https://znc.in]
dmgk has joined #crystal-lang
Welog- has quit [Remote host closed the connection]
Welog has joined #crystal-lang
dostoyev1ky2 has quit [Quit: leaving]
dostoyevsky2 has joined #crystal-lang
<FromGitter> <iamtesty:matrix.org> I AM TESTYYYYYY
<FromGitter> <rishavs> umm hi?
<FromGitter> <RespiteSage> @iamtesty:matrix.org Are you an enthusiastic human or a bot?
<FromGitter> <mixflame> raz: No. Untracked. I had to work it out myself.
<FromGitter> <mixflame> It's resolved in mixflame/crystal-redis
<FromGitter> <mixflame> I didn't do a PR yet for crystal-redis
<FromGitter> <mixflame> the code is pushed and required by my custom/accepted Amber fork
<FromGitter> <mixflame> They were exploiting my site after heavy mods, I wrote the extension of the amber redis websocket multichannel adapter
<FromGitter> <mixflame> the original adapter was very limited
<raz> what kind of remote execution is it? arbitrary redis commands or even arbitrary code altogether?
<hightower4> what's the underlying issue? that exceptions in redis shards got returned as values, or?
<hightower4> s/shards/calls/
<FromGitter> <jfontan:matrix.org> I've created a command from my parallel find experiment. Works similar to `find -regex`. It lists 2 million files (after cache is warm and redirecting to `/dev/null`) in around 1 second.
<FromGitter> <jfontan:matrix.org> https://github.com/jfontan/parallel-find
<FromGitter> <Blacksmoke16> fwiw `Crystal::System::*` isn't a public API, might be better off just using `Dir`
<FromGitter> <Blacksmoke16> as it's API will be stable
<FromGitter> <jfontan:matrix.org> using Dir the speed is not as good, it issues stat commands to all the files and dirs
<FromGitter> <Blacksmoke16> unless you mean the looping part of it?
ur5us has joined #crystal-lang
krobin has quit [Ping timeout: 240 seconds]
<FromGitter> <jfontan:matrix.org> well, now that I look again is that with Dir I only get file names and I need a stat call to check if it's a dir or a file
<FromGitter> <jfontan:matrix.org> I'll check again in case I can retrieve the dirent with it
<FromGitter> <Blacksmoke16> mm yea, doesn't look like it :/
<FromGitter> <Blacksmoke16> all the iterators seems to yield `String`
krobin has joined #crystal-lang
elf_fortrez has joined #crystal-lang
<FromGitter> <stellarpower> > Memory is allocated by the GC, we use boehm. You can do `LibC.malloc` and `LibC.free` if you want, but there's no support for custom allocators (Crystal is not a low-level language) ⏎ ⏎ @asterite @yxhuvud Sorry, I completely forgot about sending this message in the morning. The context was the potential for an IPC shard, so was curious if an entire Crystal object and its subobjects could ever be
<FromGitter> ... allocated into a custom region of memory, that being a shared segment of memory mapped into the process' address space. If the GC manages all this typically, then would that be the way in, is there meant to be a level of decoupling from the language and the point anything is allocated before calling initialize? I was thinking of ... [https://gitter.im/crystal-lang/crystal?at=61241500f3449e13a434211d]
elf_fortrez has quit [Quit: Client closed]
elf_fortrez has joined #crystal-lang
elf_fortrez has quit [Quit: Client closed]
elf_fortrezz has joined #crystal-lang
elf_fortrezz has quit [Client Quit]
elf_fortrez has joined #crystal-lang
elf_fortrez has quit [Quit: Client closed]