Skip Menu |
Report information
Id: 132609
Status: open
Priority: 0/
Queue: perl5

Owner: Nobody
Requestors: sraums2498 [at] gmail.com
Cc:
AdminCc:

Operating System: (no value)
PatchStatus: (no value)
Severity: (no value)
Type: (no value)
Perl Version: (no value)
Fixed In: (no value)



From: SRAUMS JN <sraums2498 [...] gmail.com>
Subject: PERL-5.26.1 stack_overflow
To: perl5-security-report [...] perl.org
Date: Tue, 19 Dec 2017 16:29:58 +0530
Download (untitled) / with headers
text/plain 21.3k

Message body is not shown because it is too large.

Message body is not shown because it is too large.

Download 254
application/octet-stream 6.1k

Message body not shown because it is not plain text.

RT-Send-CC: perl5-security-report [...] perl.org
Download (untitled) / with headers
text/plain 465b
This reduces to: ./miniperl -e 'pack "[" x 20000' .. which explodes the stack because we check for close parens recursively in pack.c:S_group_end(): else if (c == '[') patptr = group_end(patptr, patend, ']') + 1; The same happens for "(", for the same reason. I don't think we class such things as vulnerabilities, can anyone confirm or deny? I'm also not sure what would be involved in avoiding this, or if there's value in doing so. Hugo
From: Zefram <zefram [...] fysh.org>
Date: Thu, 11 Jan 2018 02:01:02 +0000
Subject: Re: [perl #132609] PERL-5.26.1 stack_overflow
To: perl5-security-report [...] perl.org
Download (untitled) / with headers
text/plain 204b
Hugo van der Sanden via RT wrote: Show quoted text
>I don't think we class such things as vulnerabilities, can anyone >confirm or deny?
Confirmed, we don't consider busting the C stack to be a security failure. -zefram
RT-Send-CC: perl5-porters [...] perl.org
Download (untitled) / with headers
text/plain 297b
On Wed, 10 Jan 2018 18:01:19 -0800, zefram@fysh.org wrote: Show quoted text
> Hugo van der Sanden via RT wrote:
> >I don't think we class such things as vulnerabilities, can anyone > >confirm or deny?
> > Confirmed, we don't consider busting the C stack to be a security failure.
Moved to the public queue. Tony


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org