--- Begin Message ---
Subject: |
grep critical local DoS from userspace |
Date: |
Thu, 23 Mar 2017 20:11:58 +0100 |
Hello,
Today I searched some files and... my server goes to hell (crash).
replication:
0. log into root or user account (whatever)
1. make a huge empty file (eg. 10 GB of zeros)
(my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out)
2. grep -Hi "\/tmp\/" * 2>/dev/null
3. crash (probably due to out of memory)
... damn...
greetz,
--
Tomasz 'BloodMan' Tomkowiak
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#26227: grep critical local DoS from userspace |
Date: |
Sat, 25 Mar 2017 18:08:36 -0700 |
tags 26227 notabug
thanks
On Fri, Mar 24, 2017 at 12:19 AM, <address@hidden> wrote:
> Ah yes. Mea culpa. This, of course, may be a old bins/kernel/distro bug... ;]
>
> address@hidden:~# cat /etc/debian_version
> 8.7
> (upgraded)
>
> address@hidden:~# cat /proc/version
> Linux version 3.16.0-4-amd64 (address@hidden) (gcc version 4.8.4 (Debian
> 4.8.4-1) ) #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07)
>
> address@hidden:~# grep -V
> grep (GNU grep) 2.20
In that case, I'm closing this auto-created issue and tagging it as "notabug".
--- End Message ---