GNU bug report logs -
#26227
grep critical local DoS from userspace
Previous Next
Reported by: bloodman <at> gmail.com
Date: Thu, 23 Mar 2017 19:43:01 UTC
Severity: normal
Done: Jim Meyering <jim <at> meyering.net>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 26227 in the body.
You can then email your comments to 26227 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-grep <at> gnu.org:
bug#26227; Package
grep.
(Thu, 23 Mar 2017 19:43:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
bloodman <at> gmail.com:
New bug report received and forwarded. Copy sent to
bug-grep <at> gnu.org.
(Thu, 23 Mar 2017 19:43:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Hello,
Today I searched some files and... my server goes to hell (crash).
replication:
0. log into root or user account (whatever)
1. make a huge empty file (eg. 10 GB of zeros)
(my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out)
2. grep -Hi "\/tmp\/" * 2>/dev/null
3. crash (probably due to out of memory)
... damn...
greetz,
--
Tomasz 'BloodMan' Tomkowiak
Information forwarded
to
bug-grep <at> gnu.org:
bug#26227; Package
grep.
(Thu, 23 Mar 2017 23:42:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 26227 <at> debbugs.gnu.org (full text, mbox):
tags 26227 moreinfo
done
On Thu, Mar 23, 2017 at 12:11 PM, <bloodman <at> gmail.com> wrote:
> Today I searched some files and... my server goes to hell (crash).
>
> replication:
>
> 0. log into root or user account (whatever)
> 1. make a huge empty file (eg. 10 GB of zeros)
> (my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out)
> 2. grep -Hi "\/tmp\/" * 2>/dev/null
> 3. crash (probably due to out of memory)
Thanks for the report, but...
What version of grep are you using? The latest (grep-3.0) operates
pretty quickly, and doesn't even use 3MB of RSS:
$ dd status=none bs=1M count=10000 of=big < /dev/zero && env time
grep -l x big
3.69user 1.10system 0:04.81elapsed 99%CPU (0avgtext+0avgdata 2388maxresident)k
0inputs+0outputs (0major+102minor)pagefaults 0swaps
Information forwarded
to
bug-grep <at> gnu.org:
bug#26227; Package
grep.
(Fri, 24 Mar 2017 08:55:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 26227 <at> debbugs.gnu.org (full text, mbox):
Hello,
Ah yes. Mea culpa. This, of course, may be a old bins/kernel/distro bug... ;]
root <at> fal:~# cat /etc/debian_version
8.7
(upgraded)
root <at> fal:~# cat /proc/version
Linux version 3.16.0-4-amd64 (debian-kernel <at> lists.debian.org) (gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07)
root <at> fal:~# grep -V
grep (GNU grep) 2.20
root <at> fal:~# cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Xeon(R) CPU E31240 @ 3.30GHz
stepping : 7
microcode : 0x29
cpu MHz : 3292.508
cache size : 8192 KB
[...]
root <at> fal:~# free
total used free shared buffers cached
Mem: 8152512 7972816 179696 44868 179012 7212820
-/+ buffers/cache: 580984 7571528
Swap: 7811068 48236 7762832
> tags 26227 moreinfo
> done
> On Thu, Mar 23, 2017 at 12:11 PM, <bloodman <at> gmail.com> wrote:
>> Today I searched some files and... my server goes to hell (crash).
>>
>> replication:
>>
>> 0. log into root or user account (whatever)
>> 1. make a huge empty file (eg. 10 GB of zeros)
>> (my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out)
>> 2. grep -Hi "\/tmp\/" * 2>/dev/null
>> 3. crash (probably due to out of memory)
> Thanks for the report, but...
> What version of grep are you using? The latest (grep-3.0) operates
> pretty quickly, and doesn't even use 3MB of RSS:
> $ dd status=none bs=1M count=10000 of=big < /dev/zero && env time
> grep -l x big
> 3.69user 1.10system 0:04.81elapsed 99%CPU (0avgtext+0avgdata 2388maxresident)k
> 0inputs+0outputs (0major+102minor)pagefaults 0swaps
--
Tomasz 'BloodMan' Tomkowiak
Reply sent
to
Jim Meyering <jim <at> meyering.net>:
You have taken responsibility.
(Sun, 26 Mar 2017 01:10:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
bloodman <at> gmail.com:
bug acknowledged by developer.
(Sun, 26 Mar 2017 01:10:03 GMT)
Full text and
rfc822 format available.
Message #16 received at 26227-done <at> debbugs.gnu.org (full text, mbox):
tags 26227 notabug
thanks
On Fri, Mar 24, 2017 at 12:19 AM, <bloodman <at> gmail.com> wrote:
> Ah yes. Mea culpa. This, of course, may be a old bins/kernel/distro bug... ;]
>
> root <at> fal:~# cat /etc/debian_version
> 8.7
> (upgraded)
>
> root <at> fal:~# cat /proc/version
> Linux version 3.16.0-4-amd64 (debian-kernel <at> lists.debian.org) (gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07)
>
> root <at> fal:~# grep -V
> grep (GNU grep) 2.20
In that case, I'm closing this auto-created issue and tagging it as "notabug".
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Sun, 23 Apr 2017 11:24:04 GMT)
Full text and
rfc822 format available.
This bug report was last modified 8 years and 56 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.