With a threaded application you may get all system memory for one process.
Excellent DoS for hosting and other application providers.
When you use threads, their stacks are not restricted by the system's quota
and you may get all memory.
Fix: Patch attached with submission follows:
How-To-Repeat: Compile and start the program "pt" from the PR
example: ./pt 10000
RLIMIT_STACK is more meant as a safety measure against runaway
processes rather than a security system.
The limit you are looking for is:
#define RLIMIT_VMEM 10 /* virtual process size (incl. mmap) */
Given that you can freely move your stack, there is nothing to stop
you relocating your stack pointer to a blob of memory you got from
mmap. Or even the data segment.
And that is what RLIMIT_VMEM aka RLIMIT_AS are for.
Peter Wemm - firstname.lastname@example.org; peter@FreeBSD.org; email@example.com; KI6FJV
"All of this is for nothing if we don't go to the stars" - JMS/B5
"If Java had true garbage collection, most programs would delete
themselves upon execution." -- Robert Sewell
Hmm, you are not so right, Peter.
Yes, I can move the esp pointer to any other address, but please
start the program and see the address of the allocated memory for every thread.
All these allocations are made in the upper memory called the stack.
Try the same alloca() in the main program thread and you will see how
the system terminates the program if you go over the stack limit.
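Added example, not part of the PR or of either reply: a C check of the two limits discussed in this thread, counting how many explicitly sized thread stacks a child process is granted under a soft RLIMIT_STACK and under a soft RLIMIT_AS. The helper name threads_under_limit, the 8 MiB stack size and the limit values are assumptions chosen for illustration; it assumes a POSIX system with pthreads.

```c
#include <pthread.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#define STACK_SZ (8UL << 20) /* 8 MiB per thread stack (constructed value) */

static void *idle(void *arg) { (void)arg; pause(); return NULL; }

/* Start up to `want` idle threads; return how many pthread_create accepted. */
static int spawn(int want) {
    pthread_attr_t a;
    pthread_t t;
    int n = 0;
    pthread_attr_init(&a);
    pthread_attr_setstacksize(&a, STACK_SZ);
    while (n < want && pthread_create(&t, &a, idle, NULL) == 0)
        n++;
    return n;
}

/* Hypothetical helper: in a forked child, set one soft limit, then count
 * thread creations. Returns the count, or -1 on error. */
int threads_under_limit(int resource, rlim_t soft, int want) {
    int fd[2], n = -1;
    pid_t pid;
    if (pipe(fd) != 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) {
        struct rlimit rl;
        if (getrlimit(resource, &rl) == 0) {
            rl.rlim_cur = soft; /* lower only the soft limit */
            if (setrlimit(resource, &rl) == 0) n = spawn(want);
        }
        if (write(fd[1], &n, sizeof n) != (ssize_t)sizeof n) _exit(1);
        _exit(0); /* exiting the child also ends its idle threads */
    }
    close(fd[1]);
    if (read(fd[0], &n, sizeof n) != (ssize_t)sizeof n) n = -1;
    close(fd[0]);
    waitpid(pid, NULL, 0);
    return n;
}

int main(void) {
    printf("RLIMIT_STACK 1 MiB: %d of 16 threads\n", threads_under_limit(RLIMIT_STACK, 1UL << 20, 16));
    printf("RLIMIT_AS 64 MiB:   %d of 16 threads\n", threads_under_limit(RLIMIT_AS, 64UL << 20, 16));
    return 0;
}
```

Build with `cc -pthread`. The thread stacks are never touched, so the run reserves address space only.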
For bugs matching the following criteria:
Status: In Progress Changed: (is less than) 2014-06-01
Reset to default assignee and clear in-progress tags.