+-- On Mon, 6 Mar 2017, Eric Blake wrote --+ | If you impose any limit smaller than _SC_ARG_MAX, you are needlessly | limiting things. Furthermore, _SC_ARG_MAX may not always be the same | value, depending on how the kernel was compiled. So it's probably | asiest to just let execve() impose its own limits (and correctly report | errors to the caller when execve() fails), rather than trying to impose | limits yourself.
Okay. | In short, the bug that you are fixing is not caused by the guest | requesting something beyond execve() limits, but caused by poor use of | alloca() leading to a stack overrun. Yes, true. | You only need to fix the bug (by switching alloca() to heap allocation), Okay, I'll send just one revised patch. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
