Fix OOM on incorrect input. #2
Conversation
This is a cherry-pick of 66a22c8 against the v2.0 branch that omits the protobuf-fuzz changes since protobuf-fuzz doesn't exist on the v2.0 branch. Part of fixing pantsbuild/pants#7760.
|
|
We have a fix in-flight in pantsbuild/rust-protobuf#2 that will still need this `--ignore` even when we're consuming it. Adding the `--ignore` now silences nightly CRON audit noise in the meantime and going forward until we can upgrade to a public official release of protobuf with the `RUSTSEC-2019-0003` fix. Part of fixing pantsbuild#7760
There was a problem hiding this comment.
(Disclaimer: I don't understand this code as well as Daniel, so his review holds much more weight. On re-reading PR description, it's a cherry-pick though so kind of irrelevant.)
LGTM. Please update the PR title to clarify OOM means (out of memory), as I did not know that at first and had to look it up.
Thanks for fixing this and upstream!
I'm going to decline this one. The PR title is purposefully that of the cherry-pick mod the part unapplied: "Fuzz testing with OOM is in wide use and this just happens to be your first encounter I think. The oom killer is a thing - you're just lucky enough to have not been oom killed yet out on Aurora, Kubernetes, etc! |
We have a fix in-flight in pantsbuild/rust-protobuf#2 that will still need this `--ignore` even when we're consuming it. Adding the `--ignore` now silences nightly CRON audit noise in the meantime and going forward until we can upgrade to a public official release of protobuf with the `RUSTSEC-2019-0003` fix. Part of fixing #7760
This is a cherry-pick of 66a22c8
against the v2.0 branch that omits the protobuf-fuzz changes since
protobuf-fuzz doesn't exist on the v2.0 branch.
Part of fixing pantsbuild/pants#7760.