Date: Thu, 8 Jun 2017 15:57:22 -0500 (CDT) From: Bob Friesenhahn <bfriesen@...ple.dallas.tx.us> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: Re: Is not memory allocation failure a bug? On Thu, 8 Jun 2017, Qhdwns123 wrote: > HI > > I found a memory allocation failure and reported it to the developer. > > But in the process of communicating, they are not bugs. > > Do you have experience similar to me? Memory allocation failures are normal since there are always finite memory resources and requests may be based on the amount of work to be performed. If a memory allocation failure can be unreasonably induced (e.g. a 100 byte input file consumes 100 GB of memory) and the impacted software (or whole system) is expected to remain running continually in order to provide service for many users, then there would be a denial of service opportunity, which could be serious. Bob -- Bob Friesenhahn bfriesen@...ple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ