[Pljava-dev] Recent RedHat/CentOS kernel update and PL/Java

Red Hat and CentOS are rolling out kernel updates that address
a possible stack-smashing exploit by increasing the size of the
guard region below the stack, in a way that causes Java to crash
with a SIGBUS (as reported twice now in PL/Java's issue tracker--
#128 and #129--and online for several other Java-based projects).

The suggested solution according to other projects is to add -Xss2M
(or larger) to the Java VM options, forcing a stack of 2 MB (or
larger) to be allocated.

For PL/Java, that's accomplished by adding -Xss2M to the setting
of pljava.vmoptions. A simple test can be done in a new session
simply by giving

SET pljava.vmoptions TO '-Xss2M';

before calling a PL/Java function. If that works, the setting can
be saved by ALTER DATABASE SET, ALTER SYSTEM, or editing postgresql.conf,
whatever method you are already using to persist pljava settings.

Per Oracle's docs, -Xss is both an initial stack size and a limit;
when specified, the stack will have that initial size and be unable
to grow. If whatever PL/Java is being used for could require more
than 2 MB of stack (or, if stack overflow errors are seen with a
setting of 2 MB) then the option may need further upward adjustment.

I assume this is an interim fix and Oracle will eventually release
a Java update that plays nicely with the new kernel's stack guard,
and then giving an explicit stack size will no longer be needed.

-Chap
_______________________________________________
Pljava-dev mailing list
Pljava-dev(at)lists(dot)pgfoundry(dot)org
http://lists.pgfoundry.org/mailman/listinfo/pljava-dev