[PATCH v2 0/4] dpkg --memlimit
If an archive declares it needs it, lzma -d will allocate 4 GiB of
memory to decompress it. This shouldn’t be an issue with .deb files
from the Debian archive, but occasionally a person might want to at
least examine the contents of an untrusted package.
If the lzma command is provided by XZ Utils, then "lzma -d" already
limits memory usage, even without this patch. An option to override
the memory limit is essential to unpack archives exceeding the default
memory limit.
I previously sent these patches as part of the xz support series.
They also apply on top of the compression code refactoring just sent.
Thoughts?
Jonathan Nieder (4):
Add tuklib_physmem() from XZ Utils
dpkg-deb: set a memory usage limit for lzma -d
dpkg: change pass_admindir to a bool
dpkg: add --memlimit option, passed to dpkg-deb
configure.ac | 2 +
debian/copyright | 3 +
dpkg-deb/dpkg-deb.h | 3 +
dpkg-deb/extract.c | 2 +-
dpkg-deb/main.c | 24 ++++++
lib/dpkg/Makefile.am | 5 +
lib/dpkg/compression-backend.c | 100 ++++++++++++++++++++++++-
lib/dpkg/compression-backend.h | 6 +-
lib/dpkg/compression.c | 8 +-
lib/dpkg/dpkg.h | 4 +-
lib/tuklib/sysdefs.h | 165 ++++++++++++++++++++++++++++++++++++++++
lib/tuklib/tuklib_common.h | 71 +++++++++++++++++
lib/tuklib/tuklib_config.h | 1 +
lib/tuklib/tuklib_physmem.c | 146 +++++++++++++++++++++++++++++++++++
lib/tuklib/tuklib_physmem.h | 28 +++++++
m4/tuklib_common.m4 | 22 +++++
m4/tuklib_physmem.m4 | 119 +++++++++++++++++++++++++++++
man/dpkg-deb.1 | 8 ++
man/dpkg.1 | 6 ++
src/main.c | 22 +++++-
src/main.h | 1 +
src/processarc.c | 11 +++-
22 files changed, 745 insertions(+), 12 deletions(-)
create mode 100644 lib/tuklib/sysdefs.h
create mode 100644 lib/tuklib/tuklib_common.h
create mode 100644 lib/tuklib/tuklib_config.h
create mode 100644 lib/tuklib/tuklib_physmem.c
create mode 100644 lib/tuklib/tuklib_physmem.h
create mode 100644 m4/tuklib_common.m4
create mode 100644 m4/tuklib_physmem.m4
Reply to: