[The attachment in the message this is a reply to is malformed. Sorry about that.] Unlike gzip and bzip2, LZ77-based compressors can continue to improve their compression ratio quite a bit in some cases by using more memory. For this reason, the .lzma format allows a dictionary size (and thus memory usage) up to 4 GiB, which can present problems for the decompressor, including making a system unresponsive or summoning the dreaded Linux OOM killer. Make sure dpkg does not use more than 100 MiB, nor 40% of available RAM, when decompressing an lzma-compressed package to unpack it or examine its contents. If the lzma command is provided by XZ Utils, also make sure _not_ to set a memory usage limit below 10 MiB. Without this change, dpkg would refuse to install packages compressed with the default lzma settings on memory-starved systems (with less than 20 MiB of physical memory). Add a --memlimit command-line option to allow overriding the memory usage limit in case it is too low. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> configure.ac | 2 + dpkg-deb/dpkg-deb.h | 3 + dpkg-deb/extract.c | 2 +- dpkg-deb/main.c | 24 ++++++++++ lib/dpkg/Makefile.am | 5 ++ lib/dpkg/compression-backend.c | 100 +++++++++++++++++++++++++++++++++++++++- lib/dpkg/compression-backend.h | 6 ++- lib/dpkg/compression.c | 8 ++- lib/dpkg/dpkg.h | 4 +- man/dpkg-deb.1 | 8 +++ 10 files changed, 153 insertions(+), 9 deletions(-) [Attached.]
Attachment:
0012-dpkg-deb-set-a-memory-usage-limit-for-lzma-d.patch.gz
Description: Binary data