Hacker News new | past | comments | ask | show | jobs | submit login

For issue #3, it might also be a good idea to have a maxdepth mechanism in gradients that point to other gradients; this would be a defense in depth control vs some error or limitation in your “have I seen this reference before” logic. I’m not familiar with SVG gradients; maybe there is a reason to have reference chains of these 1000 links long, but I’d bet that if you ever encounter this in the wild then it’s an attack or a fuzzer.



Btw in the anti malware space I saw this type of structure abuse all the time and I never saw a legitimate case more than 5 units deep.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: