From: Matthew Mondor <mmondor@pulsar-zone.net>
Date: Wed, 15 Jul 2015 03:52:29 +0000 (+0000)
Subject: *** empty log message ***
X-Git-Url: http://git.pulsar-zone.net/?a=commitdiff_plain;h=0ea8fc11619c35ae899c83d1a8a2d84abc28c7fa;p=mmondor.git

*** empty log message ***
---

diff --git a/netbsd/netbsd_improvements.txt b/netbsd/netbsd_improvements.txt
index 08d70cc..c118200 100644
--- a/netbsd/netbsd_improvements.txt
+++ b/netbsd/netbsd_improvements.txt
@@ -10,6 +10,15 @@ Status, defined by the first column:
 * The fix that was submitted via PR was accepted and commited.
 
 
+- csh(1) will reach the heap limit if given the following command:
+  "yes `yes maybe`" and similar.
+  psave() should ideally respect the ARG_MAX exec(2) limit, and it probably
+  could error with stderror() which eventually calls longjmp(3).
+  Since grepping the code of sh(1) and ksh(1) for ARG_MAX shows no results,
+  it's possible that they also should be fixed.  It doesn't seem to
+  necessarily be a security vulnerability, but it sure can be an annoyance
+  preventing graceful and quick recovery from a class of errors.
+
 - Signed kernel modules
   With ability to manage kernel keys; with keys locked in read-only non-exec
   pages after boot