Increase stack size limit on Linux#9347
Conversation
kevinbackhouse
added
the
forward-to-main
kevinbackhouse
force-pushed
the
increase_stack_limit
branch
2 times, most recently
from
9b9300b to
f8c36e3
Compare
kevinbackhouse
force-pushed
the
increase_stack_limit
branch
from
f8c36e3 to
9d9118d
Compare
There was a problem hiding this comment.
Pull request overview
This PR aims to mitigate stack-overflow crashes (reported as potential DoS/security issues) caused by deeply recursive parsing on Linux by raising the process stack soft limit at startup via getrlimit/setrlimit.
Changes:
- Call a new utility
Util::increase_stack_limit()early inmain(). - Add
Util::increase_stack_limit()declaration and implementation usinggetrlimit(RLIMIT_STACK)/setrlimit(RLIMIT_STACK).
Show a summary per file
| File | Description |
|---|---|
| app/exiv2.cpp | Calls the new stack-limit adjustment helper during startup. |
| app/app_utils.hpp | Declares the new Util::increase_stack_limit() helper and documents intent. |
| app/app_utils.cpp | Implements stack limit bump using getrlimit/setrlimit when available. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 3/3 changed files
- Comments generated: 4
kevinbackhouse
force-pushed
the
increase_stack_limit
branch
from
bce74de to
d574d75
Compare
kevinbackhouse
force-pushed
the
increase_stack_limit
branch
from
d574d75 to
dc5451e
Compare
|
So how come it isn't a problem on Windows if it has 8x smaller stack limit by default? |
Oh, you're right. I got confused about the sizes. I've never actually tried to reproduce one of these issues on Windows, so I'm not sure what happens. Based on some googling, I think it might be possible to configure a larger stack size in the build system for Windows. |
|
I've updated the description. I'll need to run some tests to see if there are similar problems (and solutions) on other platforms (Windows, MacOS). I'll do that in separate PRs though. |
I'm not sure why I never thought of this solution before. We keep getting "security" reports like #9303 which trigger a crash by causing the process to run out of stack space due to a deep recursion. On Linux, the default stack size is 8192KB, which makes it very easy to hit the limit. I've never considered this to be a genuine security issue because it's trivial to increase the limit with a command like
ulimit -s 10000000. But today, I realized that we can do that ourselves in the Exiv2 app, by callingsetrlimit.There are two limits: the "soft" limit and the "hard" limit. An unprivileged process like Exiv2 is allowed to increase its own soft limit (no higher than the hard limit). In this PR, I'm setting it as high as it will go. We could choose some other number like 1MB, but I can't see any particular benefit to that.
On Windows, the default size is apparently 1MB. I've never tested one of these issues on Windows, so I'm not sure if the behavior is the same as Linux. I'll do some investigation, but I expect Windows also has a way to increase the stack size.
Given that all of our parsing algorithms use recursion, I think that increasing the stack size limit is by far the easiest and best way to handle deeply nested files.