What are the consequences of allocating and then populating an extremely large buffer in C? Can a stack have a maximum size and if so what are the security mechanisms that enforce this.
1 Answers
What are the consequences of allocating and then populating an extremely large buffer in C?
If a process grows excessively large in virtual memory it can result in thrashing.
Can a stack have a maximum size and if so what are the security mechanisms that enforce this.
This question has been asked and answered here: how does the linux kernel enforce stack size limits?
Related: Linux Stack Sizes
From the getrlimit
and setrlimit
man page:
RLIMIT_STACK
This is the maximum size of the process stack, in bytes. Upon reaching this limit, a SIGSEGV signal is generated. To handle this signal, a process must employ an alternate signal stack (sigaltstack(2)).
Since Linux 2.6.23, this limit also determines the amount of space used for the process's command-line arguments and environment variables; for details, see execve(2).
The limits such as RLIMIT_STACK are enforced by the kernel:
DESCRIPTION
The getrlimit() and setrlimit() system calls get and set resource limits respectively. Each resource has an associated soft and hard limit, as defined by the rlimit structure:
struct rlimit {
rlim_t rlim_cur; /* Soft limit */
rlim_t rlim_max; /* Hard limit (ceiling for rlim_cur) */
};
The soft limit is the value that the kernel enforces for the corresponding resource. The hard limit acts as a ceiling for the soft limit: an unprivileged process may set only its soft limit to a value in the range from 0 up to the hard limit, and (irreversibly) lower its hard limit. A privileged process (under Linux: one with the CAP_SYS_RESOURCE capability) may make arbitrary changes to either limit value.
The value RLIM_INFINITY denotes no limit on a resource (both in the structure returned by getrlimit() and in the structure passed to setrlimit()).
- 1,269
- 1
- 8
- 15
-
1That has cleared many things up. Many thanks for your excellent response – Us3rname Jun 16 '17 at 23:05