On Thu, May 14, 2020 at 08:53:42AM +0200, Tobi wrote: > using your suggestion with valgrind I found that the main-stacksize > seems to be the problem. By using --main-stacksize with different values > I found that the last working value is 59449345, changing to ...344 let > postmap segfault:
But whatever the stacksize, the PCRE library must not segfault. We need to be sure that it returns an error to the caller, rather than blows up. > > ==7988== Stack overflow in thread #1: can't grow stack to 0x1ffb74f000 > > We will try allowing more stacksize by /etc/security/limits.conf to > postfix and re-design our pcre pattern(s) to avoid (where possible) the > usage of .* without any limits :-) Keeping your (ir)regular expressions simpler is always a good idea. Especially avoid costly use of multiple '.*' patterns in the same expression. Not a good idea: /a.*b.*c.*d.*...z/ Perhaps there's something we can do with default resource limits. >From the pcre2pattern(2) manpage: Setting match resource limits The pcre2_match() function contains a counter that is incremented every time it goes round its main loop. The caller of pcre2_match() can set a limit on this counter, which therefore limits the amount of computing resource used for a match. The maximum depth of nested backtracking can also be limited; this indirectly restricts the amount of heap memory that is used, but there is also an explicit memory limit that can be set. These facilities are provided to catch runaway matches that are provoked by patterns with huge matching trees. A common example is a pattern with nested unlimited repeats applied to a long string that does not match. When one of these limits is reached, pcre2_match() gives an error return. The limits can also be set by items at the start of the pattern of the form (*LIMIT_HEAP=d) (*LIMIT_MATCH=d) (*LIMIT_DEPTH=d) where d is any number of decimal digits. However, the value of the setting must be less than the value set (or defaulted) by the caller of pcre2_match() for it to have any effect. In other words, the pattern writer can lower the limits set by the programmer, but not raise them. If there is more than one setting of one of these limits, the lower value is used. The heap limit is specified in kibibytes (units of 1024 bytes). Prior to release 10.30, LIMIT_DEPTH was called LIMIT_RECURSION. This name is still recognized for backwards compatibility. The heap limit applies only when the pcre2_match() or pcre2_dfa_match() interpreters are used for matching. It does not apply to JIT. The match limit is used (but in a different way) when JIT is being used, or when pcre2_dfa_match() is called, to limit computing resource usage by those matching functions. The depth limit is ignored by JIT but is relevant for DFA matching, which uses function recursion for recursions within the pattern and for lookaround assertions and atomic groups. In this case, the depth limit controls the depth of such recursion. -- Viktor.