bug#26227: grep critical local DoS from userspace

[bloodman]

Hello,

Ah yes. Mea culpa. This, of course, may be a old bins/kernel/distro bug... ;]

address@hidden:~# cat /etc/debian_version
8.7
(upgraded)

address@hidden:~# cat /proc/version
Linux version 3.16.0-4-amd64 (address@hidden) (gcc version 4.8.4 (Debian 
4.8.4-1) ) #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07)

address@hidden:~# grep -V
grep (GNU grep) 2.20

address@hidden:~# cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 42
model name      : Intel(R) Xeon(R) CPU E31240 @ 3.30GHz
stepping        : 7
microcode       : 0x29
cpu MHz         : 3292.508
cache size      : 8192 KB
[...]

address@hidden:~# free
             total       used       free     shared    buffers     cached
Mem:       8152512    7972816     179696      44868     179012    7212820
-/+ buffers/cache:     580984    7571528
Swap:      7811068      48236    7762832





> tags 26227 moreinfo
> done

> On Thu, Mar 23, 2017 at 12:11 PM,  <address@hidden> wrote:
>> Today I searched some files and... my server goes to hell (crash).
>>
>> replication:
>>
>> 0. log into root or user account (whatever)
>> 1. make a huge empty file (eg. 10 GB of zeros)
>> (my is: -rw-r--r-- 1 root root 10485760000 Feb 28 18:14 testfile.out)
>> 2. grep -Hi "\/tmp\/" * 2>/dev/null
>> 3. crash (probably due to out of memory)

> Thanks for the report, but...
> What version of grep are you using? The latest (grep-3.0) operates
> pretty quickly, and doesn't even use 3MB of RSS:

>   $ dd status=none bs=1M count=10000 of=big < /dev/zero && env time
> grep -l x big
>   3.69user 1.10system 0:04.81elapsed 99%CPU (0avgtext+0avgdata 
> 2388maxresident)k
>   0inputs+0outputs (0major+102minor)pagefaults 0swaps



-- 
Tomasz 'BloodMan' Tomkowiak