heap-use-after-free in Perl_sv_setpv (sv.c:4990) #15684
From @geeknik

Triggered in Perl v5.25.7 (v5.25.6-71-gac15b3d) with AFL+ASAN.

perl -e '($0+=(*0)=@0=($0)=N)=@0=(($0)=0)=@0=()'

==31223==ERROR: AddressSanitizer: heap-use-after-free on address 0x60200000e630 is located 0 bytes inside of 10-byte region previously allocated by thread T0 (N) here: SUMMARY: AddressSanitizer: heap-use-after-free ??:0 __asan_memmove

Perl 5.20.2-3+deb8u6 fails gracefully:

Non-ASAN build of Perl v5.25.7 (v5.25.6-76-gc1b1197) + Valgrind:

valgrind -q ./perl -e '($0+=(*0)=@0=($0)=N)=@0=(($0)=0)=@0=()'
From @tonycoz

On Tue, 25 Oct 2016 17:01:07 -0700, brian.carpenter@gmail.com wrote:

Simplifies to:

./perl -e '($0+=(*0)=@0=$0)=@0=$0'

Removing the first =$0 gives:

./perl -e '($0+=(*0)=@0)=@0=$0'

This looks like yet another stack-not-refcounted issue.

I don't think it's a security issue.

Tony
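A toy C model of the bug class named in the comment above, a stack that borrows pointers without holding reference counts. This is an added example, not code from the report or from Perl's source, and every name in it (Val, Stack, operand_freed_on_stack) is hypothetical; "freeing" only sets a flag, so the stale read is safe to run.

```c
#include <stdio.h>
#include <string.h>

/* Toy model (hypothetical names, not Perl internals): a refcounted value.
   "Freeing" only sets a flag, so inspecting a stale pointer here is safe. */
typedef struct { int refcnt; int freed; char buf[16]; } Val;

static Val *val_new(Val *slot, const char *s) {
    slot->refcnt = 1;
    slot->freed = 0;
    strncpy(slot->buf, s, sizeof slot->buf - 1);
    slot->buf[sizeof slot->buf - 1] = '\0';
    return slot;
}
static void val_inc(Val *v) { v->refcnt++; }
static void val_dec(Val *v) { if (--v->refcnt == 0) v->freed = 1; }

/* Evaluation stack; rc_stack selects whether a pushed entry owns a reference. */
typedef struct { Val *item[8]; int top; int rc_stack; } Stack;

static void push(Stack *s, Val *v) {
    if (s->rc_stack) val_inc(v);
    s->item[s->top++] = v;
}
static Val *pop(Stack *s) { return s->item[--s->top]; }

/* An array element sits on the stack as an operand while a list assignment
   clears the array. Returns 1 if the operand was freed while still on the stack. */
static int operand_freed_on_stack(int rc_stack) {
    Val storage;
    Stack st = { {0}, 0, rc_stack };
    Val *elem = val_new(&storage, "N"); /* the array owns the only reference */
    push(&st, elem);                     /* operand for a later operation */
    val_dec(elem);                       /* array cleared: its reference is dropped */
    Val *operand = pop(&st);
    int stale = operand->freed;          /* real code would now touch freed memory */
    if (rc_stack) val_dec(operand);      /* stack releases its own reference */
    return stale;
}

int main(void) {
    printf("borrowing stack:  freed-on-stack=%d\n", operand_freed_on_stack(0));
    printf("refcounted stack: freed-on-stack=%d\n", operand_freed_on_stack(1));
    return 0;
}
```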
The RT System itself - Status changed from 'new' to 'open'
From @tonycoz

On Sun, 06 Nov 2016 19:58:17 -0800, tonyc wrote:

Now public.

Tony
Migrated from rt.perl.org#129963 (status was 'open')
Searchable as RT129963$