Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 8 Jun 2017 15:57:22 -0500 (CDT)
From: Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: Re: Is not memory allocation failure a bug?

On Thu, 8 Jun 2017, Qhdwns123 wrote:

> HI
>
> I found a memory allocation failure and reported it to the developer.
>
> But in the process of communicating, they are not bugs.
>
> Do you have experience similar to me?

Memory allocation failures are normal since there are always finite 
memory resources and requests may be based on the amount of work to be 
performed.  If a memory allocation failure can be unreasonably induced 
(e.g. a 100 byte input file consumes 100 GB of memory) and the 
impacted software (or whole system) is expected to remain running 
continually in order to provide service for many users, then there 
would be a denial of service opportunity, which could be serious.

Bob
-- 
Bob Friesenhahn
bfriesen@...ple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ