[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: potrace

Hugo Lefeuvre <hle@debian.org> writes:

> Would it help to add a check after the malloc call, that would make sure
> that malloc-ed memory is really available ?
> Something like:
> bm->map = (potrace_word *) malloc(size);
> if (!bm->map || malloc_usable_size(bm->map) != size) {
>     free(bm);
>     return NULL;
> }

I am not really familiar with this malloc_usable_size function. However
I suspect it isn't going to help. Simply because Linux by default -
AFAIK this is still the case - I am not keeping up to date with Linux
memory management - overcommits memory, and I suspect these calls could
both still succeed.

Which in turn could trigger the OOM killer (does this still exist?), and
there is no guarantee it will kill the correct process. I guess that
could be a security issue.

> I feel like fixing this issue is going to be very time consuming and I'm
> not sure whether it's worth taking so much time for this (previously
> no-dsa triaged) issue. :)

I tend to think the only solution is to prescan the file and check that
the file size matches the declared value. Which is probably more time
then I am prepared to spend on what I consider a minor issue.
Brian May <bam@debian.org>

Reply to: