Red Hat Bugzilla – Bug 110422
Using aspell as a denial-of-service/crash from a normal user account
Last modified: 2007-11-30 17:06:59 EST
Description of problem:
aspell-0.33.7.1-25 goes into a bad memory/processor leak when invoked
in SGML mode
Version-Release number of selected component (if applicable):
invoke aspell with either -H or --mode=sgml
Steps to Reproduce:
$ echo 'Kill me' > text.txt
aspell -H -c text.txt
watch a top and see the system grind to a halt
I've had to hit the power button after several of these ran
simultaneously. I couldn't log in from the console or use
CTRL-ALT-DEL from the virtual terminal!
I verified that aspell does go into a loop and consumes lots of
memory, but aspell is a non-suid userland program. If in theory (*) it
can DoS, then any userland program can also do the same, and this is
something to be examined by the kernel/libc teams.
* I was able to recover from a few of these running. It was very
difficult and took a lot of time, but I could. Eventually the apps
should terminate after they've exhausted memory.
closing as i weas able to recover. if you aren't able to recover, the
DoS blame doesn't lie with the userspace app.