From unknown Sat Jun 21 05:14:22 2025 X-Loop: help-debbugs@gnu.org Subject: bug#26227: grep critical local DoS from userspace Resent-From: bloodman@gmail.com Original-Sender: "Debbugs-submit" Resent-CC: bug-grep@gnu.org Resent-Date: Thu, 23 Mar 2017 19:43:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 26227 X-GNU-PR-Package: grep X-GNU-PR-Keywords: To: 26227@debbugs.gnu.org X-Debbugs-Original-To: bug-grep@gnu.org Reply-To: bloodman@gmail.com Received: via spool by submit@debbugs.gnu.org id=B.149029814931159 (code B ref -1); Thu, 23 Mar 2017 19:43:01 +0000 Received: (at submit) by debbugs.gnu.org; 23 Mar 2017 19:42:29 +0000 Received: from localhost ([127.0.0.1]:41357 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cr8cv-00086V-G7 for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:42:29 -0400 Received: from eggs.gnu.org ([208.118.235.92]:59641) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cr8AK-0007NS-8Q for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:12:56 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cr8AE-0003YD-Cd for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:12:51 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:54729) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cr8AE-0003Y6-A9 for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:12:50 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50604) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cr8AD-0003eY-8U for bug-grep@gnu.org; Thu, 23 Mar 2017 15:12:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cr8AA-0003XW-5v for bug-grep@gnu.org; Thu, 23 Mar 2017 15:12:49 -0400 Received: from mail-wm0-x232.google.com ([2a00:1450:400c:c09::232]:37363) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cr8A9-0003XL-V2 for bug-grep@gnu.org; Thu, 23 Mar 2017 15:12:46 -0400 Received: by mail-wm0-x232.google.com with SMTP id n11so4535499wma.0 for ; Thu, 23 Mar 2017 12:12:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:reply-to:message-id:to:subject:mime-version :content-transfer-encoding; bh=KfMLQFmnSm7Vul3NIYtcMf37UOetF1RiNphZTh8CpSA=; b=qKZubmgBLrVL+J0ES4WuSLT2PxpX/VZf0ixi/Y/A5f01L/Oj4Fa+hY+e5iooK999On ANSdWXNttifLezpqfDlyzH1VAo3EengdJ3b8+1Q7dQuCbVU7ERLBD+zD719AmekXd/aR geYQG2QjPMxUPmRJnQHxIdL2CwA0deXRs01jrRJyN/2ezeVfLsi1kCFsu0nCQ+b1PQ14 I3w7cqkrfw9ufk3ow5TGbN0+zLmpI5Nz9kcgo/56LvHAwcg1EyQwFnQFHaKrh+XZYPmV fB/0gislPEvbGBO+tBXTq6sNn55BQ790meaBodgqrrD1cJoW9mIYOHOs1jG6GjuHDfQA fJ7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:reply-to:message-id:to:subject :mime-version:content-transfer-encoding; bh=KfMLQFmnSm7Vul3NIYtcMf37UOetF1RiNphZTh8CpSA=; b=qHmg8dYO5wXUxU4v6+rJEMUPSmmSFfi4dlcTk8pFxnWBE/VYndOyZOblvFqMLWLmp7 7gClAvsYI8IbvegIvSEXKfl6M2Vv5y+UgnvnSk9LdjJItB5DHVlUDpmRk97Dwja3TyQk zmIYEID35HRw6OnJ6CLMDZSLB8kz1Z33kRIhOgHkP2kJAtSm2zcFbBCsIOprd2JUmvLk WGD4bBIymYtySU52ximOpiCf1kbz5FUKENUXmMG3ZRpAN9e3UeK+f7M6UUalIE8UZfbX TiwgDxbiEFgUKd7uWUhvWKlTo1V4LbrUGXC2wU8jsuV7QYCuDTWiB19ArsFdfGQsc/7w 4xVg== X-Gm-Message-State: AFeK/H3PfW2bSS2DnMJBbkVYXvkSMUaF3NUL5EEj4TtjPLpho3SmFioFuKMqcfDnZon0hg== X-Received: by 10.28.136.204 with SMTP id k195mr4234823wmd.99.1490296364542; Thu, 23 Mar 2017 12:12:44 -0700 (PDT) Received: from bm.smtvsat.pl (bm.smtvsat.pl. [80.54.68.2]) by smtp.gmail.com with ESMTPSA id h65sm6995569wrh.32.2017.03.23.12.12.43 for (version=TLS1 cipher=AES128-SHA bits=128/128); Thu, 23 Mar 2017 12:12:43 -0700 (PDT) Date: Thu, 23 Mar 2017 20:11:58 +0100 From: bloodman@gmail.com X-Priority: 3 (Normal) Message-ID: <44203396.20170323201158@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.0 (----) X-Mailman-Approved-At: Thu, 23 Mar 2017 15:42:28 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) Hello, Today I searched some files and... my server goes to hell (crash). replication: 0. log into root or user account (whatever) 1. make a huge empty file (eg. 10 GB of zeros) (my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out) 2. grep -Hi "\/tmp\/" * 2>/dev/null 3. crash (probably due to out of memory) ... damn... greetz, -- Tomasz 'BloodMan' Tomkowiak From unknown Sat Jun 21 05:14:22 2025 X-Loop: help-debbugs@gnu.org Subject: bug#26227: grep critical local DoS from userspace Resent-From: Jim Meyering Original-Sender: "Debbugs-submit" Resent-CC: bug-grep@gnu.org Resent-Date: Thu, 23 Mar 2017 23:42:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 26227 X-GNU-PR-Package: grep X-GNU-PR-Keywords: To: bloodman@gmail.com Cc: 26227@debbugs.gnu.org Received: via spool by 26227-submit@debbugs.gnu.org id=B26227.149031247121120 (code B ref 26227); Thu, 23 Mar 2017 23:42:01 +0000 Received: (at 26227) by debbugs.gnu.org; 23 Mar 2017 23:41:11 +0000 Received: from localhost ([127.0.0.1]:41521 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1crCLu-0005Ua-PK for submit@debbugs.gnu.org; Thu, 23 Mar 2017 19:41:10 -0400 Received: from mail-vk0-f54.google.com ([209.85.213.54]:35655) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1crCLr-0005UH-RD for 26227@debbugs.gnu.org; Thu, 23 Mar 2017 19:41:08 -0400 Received: by mail-vk0-f54.google.com with SMTP id r69so48276061vke.2 for <26227@debbugs.gnu.org>; Thu, 23 Mar 2017 16:41:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=3AVEl08aa4/KPE7poYtOhbKdmJza3itClV2exgyZsv4=; b=Cxyi6igkB+AxAjo76I36DTZdU1JSZtaqz0uPCOR255W8+d6bbDxnsFJJJUmbGtUkPY oHjDQ0SNsAtHDranIaPt7arhXcx4vhDsUMMlscU9BcyhY81p7MSwu21/FK9a9znlxkcC iuHU5LIDB7C7+WwiV1NJG9cGD+KMADGNjITD1kuXn13lTWmkm8gH6oxxy9jKqxQrTlh3 vuH4RR52jDHvGzzLK2T78ro8dDqSBF3zbzkfte18cNVwvMsQX9N2Ut4cXaAM4lGX0OH3 kGRicpQ9SzszV7WQl/ecvnNU32M+w3SovUpF91gg31A31s9t0++JE25MO+hkAm83ZNe9 akww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=3AVEl08aa4/KPE7poYtOhbKdmJza3itClV2exgyZsv4=; b=jZHN/bz0rFJkpDO2FoXC/cDDbHiJiHc+Ux6TVg+Z5gX6qtayutsJPWM9OtAIOqkQ0w ghbqsCWdHaZsVbjphHbDxBpCS/mT97F+eIrGvXCTlB7f0cmAblKjedNh4lt3OEbbZgnj eH3r4wziDWMDFQGAVbFZSmBL6+N9rsHjwuNlTZZkNzrP6s4bb8ZeQVo/ptGapO0Cw2LE I9m+Ax+4KvnI+sIo5nZMT1S3lzt6lEVT/T5B2CXF+Se1o0FW6nUgyzuptBJA9RCFROo9 fqJS2CAJ2+qQaYAy863UTNNPSAjMk1JX6TVOwdhnE/ALhN6XqRK6lgi+6P9GMM3TBRcZ 4m3A== X-Gm-Message-State: AFeK/H1yjeYYcEiPO5iqVUfZRrdrhdg6W8BajBKqkspk/UJWyqMJEo9A/enyyqQ897sv5pOOkB9tJkQ07F/fjg== X-Received: by 10.176.4.83 with SMTP id 77mr2787526uav.58.1490312462021; Thu, 23 Mar 2017 16:41:02 -0700 (PDT) MIME-Version: 1.0 Received: by 10.159.59.41 with HTTP; Thu, 23 Mar 2017 16:40:41 -0700 (PDT) In-Reply-To: <44203396.20170323201158@gmail.com> References: <44203396.20170323201158@gmail.com> From: Jim Meyering Date: Thu, 23 Mar 2017 16:40:41 -0700 X-Google-Sender-Auth: r2ocbHLNDuHTu3jSFOvhnQ4ztao Message-ID: Content-Type: text/plain; charset=UTF-8 X-Spam-Score: 0.2 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.2 (/) tags 26227 moreinfo done On Thu, Mar 23, 2017 at 12:11 PM, wrote: > Today I searched some files and... my server goes to hell (crash). > > replication: > > 0. log into root or user account (whatever) > 1. make a huge empty file (eg. 10 GB of zeros) > (my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out) > 2. grep -Hi "\/tmp\/" * 2>/dev/null > 3. crash (probably due to out of memory) Thanks for the report, but... What version of grep are you using? The latest (grep-3.0) operates pretty quickly, and doesn't even use 3MB of RSS: $ dd status=none bs=1M count=10000 of=big < /dev/zero && env time grep -l x big 3.69user 1.10system 0:04.81elapsed 99%CPU (0avgtext+0avgdata 2388maxresident)k 0inputs+0outputs (0major+102minor)pagefaults 0swaps From unknown Sat Jun 21 05:14:22 2025 X-Loop: help-debbugs@gnu.org Subject: bug#26227: grep critical local DoS from userspace Resent-From: bloodman@gmail.com Original-Sender: "Debbugs-submit" Resent-CC: bug-grep@gnu.org Resent-Date: Fri, 24 Mar 2017 08:55:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 26227 X-GNU-PR-Package: grep X-GNU-PR-Keywords: To: Jim Meyering Cc: 26227@debbugs.gnu.org Reply-To: bloodman@gmail.com Received: via spool by 26227-submit@debbugs.gnu.org id=B26227.14903456659213 (code B ref 26227); Fri, 24 Mar 2017 08:55:02 +0000 Received: (at 26227) by debbugs.gnu.org; 24 Mar 2017 08:54:25 +0000 Received: from localhost ([127.0.0.1]:41706 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1crKzI-0002OX-T7 for submit@debbugs.gnu.org; Fri, 24 Mar 2017 04:54:25 -0400 Received: from mail-wr0-f175.google.com ([209.85.128.175]:33239) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1crJWM-0008SR-GV for 26227@debbugs.gnu.org; Fri, 24 Mar 2017 03:20:26 -0400 Received: by mail-wr0-f175.google.com with SMTP id y90so3513363wrb.0 for <26227@debbugs.gnu.org>; Fri, 24 Mar 2017 00:20:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:reply-to:message-id:to:cc:subject:in-reply-to:references :mime-version:content-transfer-encoding; bh=tE1MIIq21mC8S/nRJMkGNiFoKzGmaXuB4HJ+3u6tLCs=; b=F7Xio82mDJNLO4fNZ7g1re0u8H0un9LbbDsG6IkOJSR3dDYol9OKfAAQyeuQ9AffHt gK2NfGHvZb9Qvknf0AsLS4gGKkyjZnsXNoMyTe2B738mzabuxDrDeUV23pRiTOEWdjSB 2XPmTtLgQkR3G3+G0vMIIllsMBCg+Vr0ZINFOccwL/7QiBmCpj9HeDMWyMDSvSPdYqul XgK0oIl3ws8v6KWsINs1Pik1tTol0f1xVFrAgpBz/QPVzjQ3PCVpmKvoTDuhcZaE7puB C1FIfDMgPqXOnyAft3uaI0FsX9CejUnQcRk/v1udq7880S6gdH3q3wA/TcPJs18RfWIk glyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:reply-to:message-id:to:cc:subject :in-reply-to:references:mime-version:content-transfer-encoding; bh=tE1MIIq21mC8S/nRJMkGNiFoKzGmaXuB4HJ+3u6tLCs=; b=mOv8qHj3/nUUOjBMlSRyunvroIxiOW4N9leba6sI3/hmdDr1UCKI61veMWbdpas7Ed dnkNUM0dDKvn767ocuFEJLLGaBeZ207DyCuBFtWemICKRqgrp4incokgSPac/zSvYir5 i6OEgw0/VFnEM8pTvAMdRPxQ8eXjUUWk2lq8x0KiEsKa2NhYKIbPke0S64xnj0LKOZMa 1VRon8UBmloG/RN57qmMAfZjCiSNNAKXge8bLrHWJG8dGI6GC+Wv6zNBwgW1hQVXcZ/u bGpN/PGVZ6yvfHg3XLejaafHEUPfen7C1LUoobScQFvocjGYOei3eOvaO7/Gge88A6AG bfzw== X-Gm-Message-State: AFeK/H21twdOfNN15WOTUEC4y1V0kQlxB225N6Gzjnt1+gC3jU5181FdfXmbKPmKcz424A== X-Received: by 10.223.130.183 with SMTP id 52mr4363539wrc.177.1490340020615; Fri, 24 Mar 2017 00:20:20 -0700 (PDT) Received: from bm.smtvsat.pl (bm.smtvsat.pl. [80.54.68.2]) by smtp.gmail.com with ESMTPSA id o2sm1276628wmb.28.2017.03.24.00.20.19 (version=TLS1 cipher=AES128-SHA bits=128/128); Fri, 24 Mar 2017 00:20:20 -0700 (PDT) Date: Fri, 24 Mar 2017 08:19:34 +0100 From: bloodman@gmail.com X-Priority: 3 (Normal) Message-ID: <12310648052.20170324081934@gmail.com> In-Reply-To: References: <44203396.20170323201158@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Score: -2.8 (--) X-Mailman-Approved-At: Fri, 24 Mar 2017 04:54:23 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.8 (--) Hello, Ah yes. Mea culpa. This, of course, may be a old bins/kernel/distro bug... ;] root@fal:~# cat /etc/debian_version 8.7 (upgraded) root@fal:~# cat /proc/version Linux version 3.16.0-4-amd64 (debian-kernel@lists.debian.org) (gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07) root@fal:~# grep -V grep (GNU grep) 2.20 root@fal:~# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 42 model name : Intel(R) Xeon(R) CPU E31240 @ 3.30GHz stepping : 7 microcode : 0x29 cpu MHz : 3292.508 cache size : 8192 KB [...] root@fal:~# free total used free shared buffers cached Mem: 8152512 7972816 179696 44868 179012 7212820 -/+ buffers/cache: 580984 7571528 Swap: 7811068 48236 7762832 > tags 26227 moreinfo > done > On Thu, Mar 23, 2017 at 12:11 PM, wrote: >> Today I searched some files and... my server goes to hell (crash). >> >> replication: >> >> 0. log into root or user account (whatever) >> 1. make a huge empty file (eg. 10 GB of zeros) >> (my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out) >> 2. grep -Hi "\/tmp\/" * 2>/dev/null >> 3. crash (probably due to out of memory) > Thanks for the report, but... > What version of grep are you using? The latest (grep-3.0) operates > pretty quickly, and doesn't even use 3MB of RSS: > $ dd status=none bs=1M count=10000 of=big < /dev/zero && env time > grep -l x big > 3.69user 1.10system 0:04.81elapsed 99%CPU (0avgtext+0avgdata 2388maxresident)k > 0inputs+0outputs (0major+102minor)pagefaults 0swaps -- Tomasz 'BloodMan' Tomkowiak From unknown Sat Jun 21 05:14:22 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: bloodman@gmail.com Subject: bug#26227: closed (Re: bug#26227: grep critical local DoS from userspace) Message-ID: References: <44203396.20170323201158@gmail.com> X-Gnu-PR-Message: they-closed 26227 X-Gnu-PR-Package: grep Reply-To: 26227@debbugs.gnu.org Date: Sun, 26 Mar 2017 01:10:03 +0000 Content-Type: multipart/mixed; boundary="----------=_1490490603-19252-1" This is a multi-part message in MIME format... ------------=_1490490603-19252-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #26227: grep critical local DoS from userspace which was filed against the grep package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 26227@debbugs.gnu.org. --=20 26227: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D26227 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1490490603-19252-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 26227-done) by debbugs.gnu.org; 26 Mar 2017 01:09:03 +0000 Received: from localhost ([127.0.0.1]:44828 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1crwg3-0004yy-Hb for submit@debbugs.gnu.org; Sat, 25 Mar 2017 21:09:03 -0400 Received: from mail-vk0-f53.google.com ([209.85.213.53]:35146) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1crwg2-0004yU-6o for 26227-done@debbugs.gnu.org; Sat, 25 Mar 2017 21:09:02 -0400 Received: by mail-vk0-f53.google.com with SMTP id r69so21622400vke.2 for <26227-done@debbugs.gnu.org>; Sat, 25 Mar 2017 18:09:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=lBOPWH0ATbb7MGaOft+X9aHJQccpZlMCemzfYEkPmx8=; b=ue00kfs0eVSx0g5nxu6LRvQBoGSofKp19WI7dI0bMtXxRxx1Nl2Z/eUmptmYKE+4/r rzm5+XH9LooUJ7lyWGSOIEtpIBDYPh8jUmm6BZjDjmJS3XxKg69AJfPzjL/6mYP0n1Rv 9kVpS+ttN6nKb9g2WPEQvNZbCyzSagIU137jCMcghTDCZY03OzGpUfMJOFXP0gwejWvB PzE6Czi1J45wXHP2/4IVVw6nVIiXzhSljgZcG7apz2l/B+BLWnd4NdFoMXrDsomtlDOA rfuQcAHaJmawoZD39NhQV8iMV1qmbUWB8lVzzn6uUdTSoycJIaUUCyYoGmmGx6uEIVVI lxug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=lBOPWH0ATbb7MGaOft+X9aHJQccpZlMCemzfYEkPmx8=; b=F+COsg+2Mu7UAmDchVCATWjGXK5ucC3hkfze/vfLeAoRnpRmcqHB2exmYZ1I0Uet5f +gursM3SjMpIaYPgM+S0+D1l+Mnm5qZlltoXkZb8NyrLGy3YeJDHLG/njKqLxnyvqa5r PFfBvGt2/pfcnJv/xJq2KuI2oesV2D8GLwzTynABt0QH+OljsUy9+SUCuQqG+CS5ac/n omufKyIUMTCD1o2vIpQqV9dzk5OQC+NCNBCktR/+hHb5MWEzEctLZdUKeh/LJna1Cief hFrYz89ZE8py9QorFJIA5FwJebY+6DceigTq9+0ya27FY0qDFdN3PF8bdhJ3dPTpMsxb D7Nw== X-Gm-Message-State: AFeK/H38rRSEBPBJyGgEnrgGI+8fIuRS68r2woNJuzm1AjzAUEWaHGt3l/luUvjFP+5aOXXvp6I0Zxyno4aBaw== X-Received: by 10.31.147.11 with SMTP id v11mr7074107vkd.126.1490490536658; Sat, 25 Mar 2017 18:08:56 -0700 (PDT) MIME-Version: 1.0 Received: by 10.159.59.41 with HTTP; Sat, 25 Mar 2017 18:08:36 -0700 (PDT) In-Reply-To: <12310648052.20170324081934@gmail.com> References: <44203396.20170323201158@gmail.com> <12310648052.20170324081934@gmail.com> From: Jim Meyering Date: Sat, 25 Mar 2017 18:08:36 -0700 X-Google-Sender-Auth: MjG9xLoVJkg-1FZ7N19BCyDKa0o Message-ID: Subject: Re: bug#26227: grep critical local DoS from userspace To: Tomasz Tomkowiak Content-Type: text/plain; charset=UTF-8 X-Spam-Score: 0.2 (/) X-Debbugs-Envelope-To: 26227-done Cc: 26227-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.2 (/) tags 26227 notabug thanks On Fri, Mar 24, 2017 at 12:19 AM, wrote: > Ah yes. Mea culpa. This, of course, may be a old bins/kernel/distro bug... ;] > > root@fal:~# cat /etc/debian_version > 8.7 > (upgraded) > > root@fal:~# cat /proc/version > Linux version 3.16.0-4-amd64 (debian-kernel@lists.debian.org) (gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07) > > root@fal:~# grep -V > grep (GNU grep) 2.20 In that case, I'm closing this auto-created issue and tagging it as "notabug". ------------=_1490490603-19252-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 23 Mar 2017 19:42:29 +0000 Received: from localhost ([127.0.0.1]:41357 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cr8cv-00086V-G7 for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:42:29 -0400 Received: from eggs.gnu.org ([208.118.235.92]:59641) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cr8AK-0007NS-8Q for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:12:56 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cr8AE-0003YD-Cd for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:12:51 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:54729) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cr8AE-0003Y6-A9 for submit@debbugs.gnu.org; Thu, 23 Mar 2017 15:12:50 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50604) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cr8AD-0003eY-8U for bug-grep@gnu.org; Thu, 23 Mar 2017 15:12:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cr8AA-0003XW-5v for bug-grep@gnu.org; Thu, 23 Mar 2017 15:12:49 -0400 Received: from mail-wm0-x232.google.com ([2a00:1450:400c:c09::232]:37363) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cr8A9-0003XL-V2 for bug-grep@gnu.org; Thu, 23 Mar 2017 15:12:46 -0400 Received: by mail-wm0-x232.google.com with SMTP id n11so4535499wma.0 for ; Thu, 23 Mar 2017 12:12:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:reply-to:message-id:to:subject:mime-version :content-transfer-encoding; bh=KfMLQFmnSm7Vul3NIYtcMf37UOetF1RiNphZTh8CpSA=; b=qKZubmgBLrVL+J0ES4WuSLT2PxpX/VZf0ixi/Y/A5f01L/Oj4Fa+hY+e5iooK999On ANSdWXNttifLezpqfDlyzH1VAo3EengdJ3b8+1Q7dQuCbVU7ERLBD+zD719AmekXd/aR geYQG2QjPMxUPmRJnQHxIdL2CwA0deXRs01jrRJyN/2ezeVfLsi1kCFsu0nCQ+b1PQ14 I3w7cqkrfw9ufk3ow5TGbN0+zLmpI5Nz9kcgo/56LvHAwcg1EyQwFnQFHaKrh+XZYPmV fB/0gislPEvbGBO+tBXTq6sNn55BQ790meaBodgqrrD1cJoW9mIYOHOs1jG6GjuHDfQA fJ7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:reply-to:message-id:to:subject :mime-version:content-transfer-encoding; bh=KfMLQFmnSm7Vul3NIYtcMf37UOetF1RiNphZTh8CpSA=; b=qHmg8dYO5wXUxU4v6+rJEMUPSmmSFfi4dlcTk8pFxnWBE/VYndOyZOblvFqMLWLmp7 7gClAvsYI8IbvegIvSEXKfl6M2Vv5y+UgnvnSk9LdjJItB5DHVlUDpmRk97Dwja3TyQk zmIYEID35HRw6OnJ6CLMDZSLB8kz1Z33kRIhOgHkP2kJAtSm2zcFbBCsIOprd2JUmvLk WGD4bBIymYtySU52ximOpiCf1kbz5FUKENUXmMG3ZRpAN9e3UeK+f7M6UUalIE8UZfbX TiwgDxbiEFgUKd7uWUhvWKlTo1V4LbrUGXC2wU8jsuV7QYCuDTWiB19ArsFdfGQsc/7w 4xVg== X-Gm-Message-State: AFeK/H3PfW2bSS2DnMJBbkVYXvkSMUaF3NUL5EEj4TtjPLpho3SmFioFuKMqcfDnZon0hg== X-Received: by 10.28.136.204 with SMTP id k195mr4234823wmd.99.1490296364542; Thu, 23 Mar 2017 12:12:44 -0700 (PDT) Received: from bm.smtvsat.pl (bm.smtvsat.pl. [80.54.68.2]) by smtp.gmail.com with ESMTPSA id h65sm6995569wrh.32.2017.03.23.12.12.43 for (version=TLS1 cipher=AES128-SHA bits=128/128); Thu, 23 Mar 2017 12:12:43 -0700 (PDT) Date: Thu, 23 Mar 2017 20:11:58 +0100 From: bloodman@gmail.com X-Priority: 3 (Normal) Message-ID: <44203396.20170323201158@gmail.com> To: bug-grep@gnu.org Subject: grep critical local DoS from userspace MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.0 (----) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Thu, 23 Mar 2017 15:42:28 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: bloodman@gmail.com Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) Hello, Today I searched some files and... my server goes to hell (crash). replication: 0. log into root or user account (whatever) 1. make a huge empty file (eg. 10 GB of zeros) (my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out) 2. grep -Hi "\/tmp\/" * 2>/dev/null 3. crash (probably due to out of memory) ... damn... greetz, -- Tomasz 'BloodMan' Tomkowiak ------------=_1490490603-19252-1--