[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] [SECURITY] Buffer overrun vulnerability in Chicken's

From: Peter Bex
Subject: Re: [Chicken-users] [SECURITY] Buffer overrun vulnerability in Chicken's scheduler
Date: Mon, 11 Jun 2012 19:40:46 +0200
User-agent: Mutt/

On Mon, Jun 11, 2012 at 12:33:28PM +0200, Peter Bex wrote:
> Currently a patch is being developed.  In the meanwhile an effective
> workaround is to limit the maximum number of open descriptors using
> the Unix "ulimit -n" command.

For those feeling adventurous, please test the attached patch.  We are
currently debating whether it should be applied, but unsure because
there could be some potential portability problems with it as well as
the fact that it's a reasonably large change to a core component of
Chicken which is pretty subtle.

It would be especially useful if people using anything *other* than
Linux or BSD could report back success or failure.

"The process of preparing programs for a digital computer
 is especially attractive, not only because it can be economically
 and scientifically rewarding, but also because it can be an aesthetic
 experience much like composing poetry or music."
                                                        -- Donald Knuth

Attachment: 0001-Fix-scheduler-so-it-can-handle-file-descriptors-over.patch
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]