https://bugs.exim.org/show_bug.cgi?id=1749

--- Comment #28 from Petr Pisar <ppi...@redhat.com> ---
I confirm it works even if SELinux is configured to deny RWX pages
(deny_execmem SELinux boolean set to 1).

Now to the mkstemp(). If you make /tmp nonwritable, JIT compilation fails with
"no more memory" because the allocator returns NULL.

Would make sense to try more locations than only /tmp? I think $TMPDIR
environment variable value, /tmp, /var/tmp, and ./ could be tried in this order
before giving up and returning NULL.

Also what's your opinion on the transparent fallback to non-JIT mode if JIT
allocation fails because of failed mkstemp()? I think returning
PCRE2_ERROR_JIT_BADOPTION instead of PCRE2_ERROR_NOMEMORY as outlined in the
"Attempt to propagate mprotect() failure" attachment would be good idea.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-- 
## List details at https://lists.exim.org/mailman/listinfo/pcre-dev 

Reply via email to