On 03 Sep 2010, at 3:58 PM, HyperHacker wrote:
"first the attacker has to find a way to reduce system memory to an almost oom condition" Say, by attacking several httpd threads and/or unrelated processes to get them to eat up memory.
At which point the child processes are terminated, and httpd spawns new children to replace them.
If an attacker has a way to trigger an OOM condition, that is a separate problem completely unrelated to the behavior of apr_pcalloc().
Regards, Graham --
