Date: Mon, 7 Aug 2017 08:04:30 -0500 (CDT) From: Bob Friesenhahn <bfriesen@...ple.dallas.tx.us> To: oss-security@...ts.openwall.com Subject: Re: Cve issue discussion On Mon, 7 Aug 2017, Glenn Randers-Pehrson wrote: > It's not causing a crash, just a delay. You'll safely get either an OOM > message or an EOF message.and no memory leak. On some systems, the memory is not returned from the running process to the OS so this results in continued high memory usage. Allocations done using mmap() may be returned to the OS. For a device like a printer a 2GB allocation might be rejected outright, but a smaller allocation might be accepted. Bob -- Bob Friesenhahn bfriesen@...ple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ