[grsec] gradm learning process segfaults
Barry.Schwartz at chemoelectric.org
Barry.Schwartz at chemoelectric.org
Wed Nov 3 14:03:19 EST 2004
Marc Schiffbauer <marc at schiffbauer.net> wrote:
> If I try to use "gradm -L ... -O ..." on such a big file gradm eats
> all memory (>3GB) and finally gets killed by the kernel due to OOM.
> (machine has 512MB RAM and I extended swap to 3GB)
That might be the bug I discovered a while back:
In gradm_learn.c, in merge_acl_rules (), there are two loops
"for (i = ipp->low; i <= ipp->high; i++)" nested in a loop
"for (i = 0; i < subject->ip_num; i++)"
The index variables need to be different.
It's been fixed in CVS.
More information about the grsecurity
mailing list