From 4147ba8fb470408fbf4e7a455f4b701b269b2882 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 5 Dec 2018 22:52:53 +0100 Subject: [PATCH] =?utf8?q?journald:=20lower=20the=20maximum=20entry=20size?= =?utf8?q?=20limit=20to=20=C2=BD=20for=20non-sealed=20fds?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit We immediately read the whole contents into memory, making thigs much more expensive. Sealed fds should be used instead since they are more efficient on our side. (cherry picked from commit 6670c9de196c8e2d5e84a8890cbb68f70c4db6e3) (cherry picked from commit f0ad5fe17fc6cee1f04f8f93899538ea2e96256c) Gbp-Pq: Name journald-lower-the-maximum-entry-size-limit-to-for-non-se.patch --- src/journal/journald-native.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c index 50aad6d1..221188db 100644 --- a/src/journal/journald-native.c +++ b/src/journal/journald-native.c @@ -376,8 +376,10 @@ void server_process_native_file( if (st.st_size <= 0) return; - if (st.st_size > ENTRY_SIZE_MAX) { - log_error("File passed too large. Ignoring."); + /* When !sealed, set a lower memory limit. We have to read the file, + * effectively doubling memory use. */ + if (st.st_size > ENTRY_SIZE_MAX / (sealed ? 1 : 2)) { + log_error("File passed too large (%"PRIu64" bytes). Ignoring.", (uint64_t) st.st_size); return; } -- 2.30.2