AWK output buffer grows without bound, enabling memory exhaustion

[chaliy]

Summary

The AWK interpreter accumulates all output into self.output (a String) and file redirect output into self.file_outputs/self.file_appends (HashMap of Strings) with no size limit. Even with loop iterations capped at 100,000, each iteration can produce large output lines, exhausting memory.

Severity: Medium
Category: Denial of Service / Memory Exhaustion (TM-DOS)

Affected Files

• crates/bashkit/src/builtins/awk.rs lines 2970-2982

Steps to Reproduce

echo "" | awk '{for(i=0;i<100000;i++) print "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}'
# 100,000 iterations × 64 bytes ≈ 6.4MB, but with printf width trick:
echo "" | awk '{for(i=0;i<100000;i++) printf "%10000s\n", "x"}'
# 100,000 × 10,000 bytes ≈ 1GB

Impact

Memory exhaustion, OOM crash of host process.

Acceptance Criteria

• Add output size limit to AWK interpreter (e.g., derived from FsLimits::max_file_size or max_stdout_bytes)
• Abort execution with error when output exceeds limit
• Apply limit to both stdout buffer and file redirect buffers
• Test: AWK script producing >10MB output is terminated with error
• Test: Normal AWK output under limit works correctly