Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 7 Aug 2017 08:04:30 -0500 (CDT)
From: Bob Friesenhahn <>
Subject: Re: Cve issue discussion

On Mon, 7 Aug 2017, Glenn Randers-Pehrson wrote:

> It's not causing a crash, just a delay.  You'll safely get either an OOM
> message or an EOF message.and no memory leak.

On some systems, the memory is not returned from the running process 
to the OS so this results in continued high memory usage.  Allocations 
done using mmap() may be returned to the OS.

For a device like a printer a 2GB allocation might be rejected 
outright, but a smaller allocation might be accepted.

Bob Friesenhahn,
GraphicsMagick Maintainer,

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.