Interesting link, just skimmed it and haven't had a chance to watch the video.
> Length fields automatically make the grammar context sensitive which is much harder to secure according to langsec.
Is this accurate given a finite length field? I can imagine a DFA that recognizes the language of a single byte length prefix followed by strings of 1 to 255 characters, just that the node that consumes the length field will have 255 branches to sub-DFAs that recognize 1, 2, ..., 255 character strings.
That's the tricky bit with the formal language hierarchy: it collapses when you add restrictions to finite quantities. For example, a context-free language with productions limited to a finite recursion depth is a regular language.
> Length fields automatically make the grammar context sensitive which is much harder to secure according to langsec.
Is this accurate given a finite length field? I can imagine a DFA that recognizes the language of a single byte length prefix followed by strings of 1 to 255 characters, just that the node that consumes the length field will have 255 branches to sub-DFAs that recognize 1, 2, ..., 255 character strings.