Tar component in busybox version 1.34.1 has a memory leak bug when trying to unpack a tar file.
Laurent Bercot
ska-dietlibc at skarnet.org
Wed Dec 1 20:58:27 UTC 2021
>A stock Linux system will happily slaughter your system services with the OOM killer before malloc ever returns NULL.
Only if overcommit is activated, which is not a good idea in embedded
systems where busybox is likely to be used.
Also, resource limits are a thing, and proper administration practices
make use of them.
malloc returning NULL is not so far out as people think it is, far
from it. It *does* happen.
--
Laurent
More information about the busybox
mailing list