Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:On unix, use setrlimit() to limit total heap space usage to 1GB on 32-bit systems and 10GB on 64-bit systems, and total stack space to 2MB, as a proactive defense again the "stack clash" vulnerability found on many unix-like OSes. I do not yet know if these limits are reasonable.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256:6e6e4b1d26e187ed5e2bd2aae0c62bf70c587ef8a2fc01dc8563296326621c13
User & Date: drh 2017-06-20 13:35:25
Context
2017-06-21
11:48
Unicode 10 is officially released now. check-in: 14d8d31b user: jan.nijtmans tags: trunk
2017-06-20
13:35
On unix, use setrlimit() to limit total heap space usage to 1GB on 32-bit systems and 10GB on 64-bit systems, and total stack space to 2MB, as a proactive defense again the "stack clash" vulnerability found on many unix-like OSes. I do not yet know if these limits are reasonable. check-in: 6e6e4b1d user: drh tags: trunk
2017-06-19
01:55
Make sure the /uv webpage returns a sensible error if the unversioned table does not exist. check-in: a49ef378 user: drh tags: trunk
Changes

Changes to src/main.c.

551
552
553
554
555
556
557










558
559
560
561
562
563
564
#endif
int main(int argc, char **argv)
#endif
{
  const char *zCmdName = "unknown";
  const CmdOrPage *pCmd = 0;
  int rc;










  if( sqlite3_libversion_number()<3014000 ){
    fossil_fatal("Unsuitable SQLite version %s, must be at least 3.14.0",
                 sqlite3_libversion());
  }
  sqlite3_config(SQLITE_CONFIG_MULTITHREAD);
  sqlite3_config(SQLITE_CONFIG_LOG, fossil_sqlite_log, 0);
  memset(&g, 0, sizeof(g));







>
>
>
>
>
>
>
>
>
>







551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
#endif
int main(int argc, char **argv)
#endif
{
  const char *zCmdName = "unknown";
  const CmdOrPage *pCmd = 0;
  int rc;

  /* Limit the total amount of heap and stack space available to 
  ** Fossil as a defense against "stack clash" attacks.  64-bit systems
  ** have much larger limits than 32-bit systems. */
  if( sizeof(pCmd)==4 ){
    fossil_limit_memory( 1000000000, 2000000); /* 32-bit systems */
  }else{
    fossil_limit_memory(10000000000, 2000000); /* 64-bit systems */
  }

  if( sqlite3_libversion_number()<3014000 ){
    fossil_fatal("Unsuitable SQLite version %s, must be at least 3.14.0",
                 sqlite3_libversion());
  }
  sqlite3_config(SQLITE_CONFIG_MULTITHREAD);
  sqlite3_config(SQLITE_CONFIG_LOG, fossil_sqlite_log, 0);
  memset(&g, 0, sizeof(g));

Changes to src/util.c.

445
446
447
448
449
450
451


























  }else{
    sqlite3_open("",&db);
  }
  sqlite3_file_control(db, 0, SQLITE_FCNTL_TEMPFILENAME, (void*)&zTFile);
  if( g.db==0 ) sqlite3_close(db);
  return zTFile;
}

































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
  }else{
    sqlite3_open("",&db);
  }
  sqlite3_file_control(db, 0, SQLITE_FCNTL_TEMPFILENAME, (void*)&zTFile);
  if( g.db==0 ) sqlite3_close(db);
  return zTFile;
}

/*
** Limit the total amount of memory available to Fossil
*/
void fossil_limit_memory(sqlite3_int64 nHeap, sqlite3_int64 nStack){
#if defined(__unix__)
  struct rlimit x;

#if defined(RLIMIT_DATA)
  getrlimit(RLIMIT_DATA, &x);
  if( sizeof(x.rlim_cur)<8 && nHeap>0x7fffffff ){
    nHeap = 0x7fffffff;
  }
  x.rlim_cur = (rlim_t)nHeap;
  setrlimit(RLIMIT_DATA, &x);
#endif /* defined(RLIMIT_DATA) */
#if defined(RLIMIT_STACK)
  getrlimit(RLIMIT_STACK, &x);
  if( sizeof(x.rlim_cur)<8 && nStack>0x7fffffff ){
    nStack = 0x7fffffff;
  }
  x.rlim_cur = (rlim_t)nStack;
  setrlimit(RLIMIT_STACK, &x);
#endif /* defined(RLIMIT_STACK) */
#endif /* defined(__unix__) */
}