C vs BASH Fork bomb?

A fork bomb is a Denial of Service (DoS) attack that exploits the fork() system call to create an exponentially growing number of processes, eventually exhausting system resources. Both BASH and C can implement fork bombs, but they work differently.

Syntax

pid_t fork(void);

BASH Fork Bomb

The classic BASH fork bomb is a compact one-liner −

:(){ :|: & };:

This code works as follows:

• :() − Defines a function named :
• { :|: & } − Function body that pipes itself to itself and runs in background
• ; − Ends the function definition
• : − Calls the function to start the bomb

C Fork Bomb

The C version uses the fork() system call to create child processes continuously −

Warning: Do not run this code on important systems. It can freeze or crash the system by consuming all available process IDs and memory.

#include <unistd.h>

int main() {
    while (1) {
        fork();
    }
    return 0;
}

How It Works

The C fork bomb creates an exponential explosion of processes:

• Initially: 1 process runs the loop
• After 1st fork(): 2 processes run the loop
• After 2nd iteration: 4 processes run the loop
• After 3rd iteration: 8 processes run the loop
• This continues as 2^n processes

Comparison

Prevention

Fork bombs can be prevented using system limits:

• Set ulimit -u to limit processes per user
• Configure /etc/security/limits.conf for permanent limits
• Use systemd user slices to control resource usage

Conclusion

Both BASH and C fork bombs exploit the same principle of exponential process creation. While BASH version is more compact, the C version demonstrates the underlying system call mechanism. Proper system limits prevent such attacks from succeeding.