Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 83726 invoked from network); 3 Sep 2010 22:23:35 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 3 Sep 2010 22:23:35 -0000 Received: (qmail 50119 invoked by uid 500); 3 Sep 2010 22:23:34 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 49959 invoked by uid 500); 3 Sep 2010 22:23:33 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 49950 invoked by uid 99); 3 Sep 2010 22:23:33 -0000 Received: from Unknown (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 03 Sep 2010 22:23:33 +0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of hyperhacker@gmail.com designates 209.85.214.173 as permitted sender) Received: from [209.85.214.173] (HELO mail-iw0-f173.google.com) (209.85.214.173) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 03 Sep 2010 22:23:10 +0000 Received: by iwn38 with SMTP id 38so2474021iwn.18 for ; Fri, 03 Sep 2010 15:22:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=59oq10o6OJBNmwIJW6dFw9vsOUjCkqwtOmjSEeZE384=; b=BVrCmtyhoUaMH8GmHUreegttHoym4xWXfoMzqrQ9cS7zR9yWU6bEHItkcCqCR61EpE v8rvUjfeZsp6o99GHe58unMKg92NZi04ui7mWV1FwYY3I3LY5sOt4QkZyhQ54zH8s5W+ SDvfV98+e7ZnJyzANmxh7M5eki2xy+LNP6Hcw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=kr/dxlU9+wCRIs0nCdaWG9+aWK+ha7D2ZupPNpEIyABUMlDnowcy5sGfwRwDqhhI2w wWA1uiHbMY9RYPz7K0C6yHDenFxVAKDOX6Kb/BIJ+Cws4L3XT+lzGD9FoFEBzavETaJa RopiCBT3Ka7Wf6s8rur7G2TTjOszhQoGTlGks= MIME-Version: 1.0 Received: by 10.231.30.134 with SMTP id u6mr1585754ibc.121.1283552569380; Fri, 03 Sep 2010 15:22:49 -0700 (PDT) Received: by 10.231.127.78 with HTTP; Fri, 3 Sep 2010 15:22:49 -0700 (PDT) In-Reply-To: References: <4C7F1A24.9090905@rowe-clan.net> <4C7FF9E2.1070006@rowe-clan.net> <6DBB8A57-7BA4-4F75-9371-2FB618108E3C@sharp.fm> <6114AB6A-C35C-4419-A732-9EAED8E534BF@sharp.fm> Date: Fri, 3 Sep 2010 16:22:49 -0600 Message-ID: Subject: Re: rational behind not checking the return value of apr_palloc and apr_pcalloc From: HyperHacker To: dev@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Virus-Checked: Checked by ClamAV on apache.org On Fri, Sep 3, 2010 at 13:24, dave b wrote: >> "first the attacker has to find =A0a way to reduce system memory to an >> almost oom condition" >> Say, by attacking several httpd threads and/or unrelated processes to >> get them to eat up memory. >> >> -- >> Sent from my toaster. >> > > If you know something why not share it ;) ? > imho Apache is pretty good - so perhaps you could find a commonly used > module that leaks memory? > > Also, I hope your toaster is running netbsd with apache ^^ > > -- > As flies to wanton boys are we to the gods; they kill us for their > sport. =A0 =A0 =A0 =A0 =A0-- Shakespeare, "King Lear" > Just tossing around ideas. What's the threshold for killing these child processes? What prevents someone from bringing several to just below that threshold? --=20 Sent from my toaster.