New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reporting a use-after-free vulnerability in function Perl_sv_setpv_bufsize #16576
Comments
From yaohway@gmail.comCreated by yaohway@gmail.comThere's a use-after-free bug in function Perl_sv_setpv_bufsize(), when the ================================================================= 0x602000000fb0 is located 0 bytes inside of 10-byte region previously allocated by thread T0 here: SUMMARY: AddressSanitizer: heap-use-after-free Perl Info
|
From yaohway@gmail.com |
From @iabynOn Sat, Jun 02, 2018 at 01:56:20PM -0700, Yaohui Chen (via RT) wrote:
It can be reduced to this: It looks like like a stack-not-refcounted issue.
Since you've posted it to the public bug address, the issue is already However, it doesn't look like a realistic security issue. Real code isn't -- |
The RT System itself - Status changed from 'new' to 'open' |
From geeknik@protonmail.chThis is likely a duplicate of #130256. |
Migrated from rt.perl.org#133241 (status was 'open')
Searchable as RT133241$
The text was updated successfully, but these errors were encountered: