diff options
author | Přemysl Janouch <p.janouch@gmail.com> | 2014-09-19 01:23:31 +0200 |
---|---|---|
committer | Přemysl Janouch <p.janouch@gmail.com> | 2014-09-19 01:24:39 +0200 |
commit | 125521ddc18647d54164d1910a753465c50fb010 (patch) | |
tree | aaadc8f7e00743fbe6f576911cb2557c302b6592 | |
parent | d4c60dc105e4f4a29873f4666a6c92541edb13eb (diff) | |
download | xK-125521ddc18647d54164d1910a753465c50fb010.tar.gz xK-125521ddc18647d54164d1910a753465c50fb010.tar.xz xK-125521ddc18647d54164d1910a753465c50fb010.zip |
script: set a scricter limit on memory
-rwxr-xr-x | plugins/script | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/plugins/script b/plugins/script index f725048..a9de176 100755 --- a/plugins/script +++ b/plugins/script @@ -32,6 +32,9 @@ #include <strings.h> #include <math.h> +#define ADDRESS_SPACE_LIMIT (100 * 1024 * 1024) +#include <sys/resource.h> + #if defined __GNUC__ #define ATTRIBUTE_PRINTF(x, y) __attribute__ ((format (printf, x, y))) #else // ! __GNUC__ @@ -2164,6 +2167,15 @@ main (int argc, char *argv[]) freopen (NULL, "rb", stdin); setvbuf (stdin, NULL, _IOLBF, BUFSIZ); freopen (NULL, "wb", stdout); setvbuf (stdout, NULL, _IOLBF, BUFSIZ); + struct rlimit limit = + { + .rlim_cur = ADDRESS_SPACE_LIMIT, + .rlim_max = ADDRESS_SPACE_LIMIT + }; + + // Lower the memory limits to something sensible to prevent abuse + (void) setrlimit (RLIMIT_AS, &limit); + read_db (); init_runtime_library (); register_handler (".", fn_dot); |