[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-hackers] [Chicken-users] [SECURITY] Buffer overrun vulnerab
|
From: |
Mario Domenech Goulart |
|
Subject: |
Re: [Chicken-hackers] [Chicken-users] [SECURITY] Buffer overrun vulnerability in Chicken's scheduler |
|
Date: |
Fri, 29 Jun 2012 14:04:35 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.1.91 (gnu/linux) |
Hi,
On Mon, 11 Jun 2012 19:40:46 +0200 Peter Bex <address@hidden> wrote:
> On Mon, Jun 11, 2012 at 12:33:28PM +0200, Peter Bex wrote:
>> Currently a patch is being developed. In the meanwhile an effective
>> workaround is to limit the maximum number of open descriptors using
>> the Unix "ulimit -n" command.
>
> For those feeling adventurous, please test the attached patch. We are
> currently debating whether it should be applied, but unsure because
> there could be some potential portability problems with it as well as
> the fact that it's a reasonably large change to a core component of
> Chicken which is pretty subtle.
>
> It would be especially useful if people using anything *other* than
> Linux or BSD could report back success or failure.
Do we have reports on the stability of the patch Peter submited
(http://lists.nongnu.org/archive/html/chicken-users/2012-06/txtjStUisJaDm.txt)?
I'd be specially interested in feedback about it on non-Linux platforms.
{www,tests,wiki}.call-cc.org have been running it for 16 days now
without issues.
It would be nice to have this issue fixed in 4.8.0.
Best wishes.
Mario
--
http://parenteses.org/mario
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [Chicken-hackers] [Chicken-users] [SECURITY] Buffer overrun vulnerability in Chicken's scheduler,
Mario Domenech Goulart <=