On Fri, May 27, 2022 at 03:09:34PM +0200, Omar Polo wrote:
> i'm attaching another version:
>
> - LIB_DEPENDS and WANTLIB fixed (was lacking lz4)
> - plist updated (now that uses lz4 doesn't install the library anymore)
> - uses the commit with the CVE-2018-5786 fix
>
> it still probably needs something to limit the amount of ram it tries to
> allocate, see the other mail by Stuart. I agree with him that this
> should use getrlimit(RLIMIT_DATA) instead of physmem.
>
You didn't need to. Those I had already done in my local copy :-)
I have also shamelessly copied the mechanism sort uses for rising its
RDATA_LIMIT and tests so far look good. Still I have to figure out how
to do the same thing with the stack size.
Also, how portable are setrlimit and getrlimit? Eventually we should get
this patch submitted upstream.
--
OpenPGP Key Fingerprint:
543F EB89 7FDE 8E33 AFF7 E794 E4AB 4807 58F7 6C76
No comments:
Post a Comment