SEGV in Perl_rpeep for perl5.21.8 #17183

Closed
p5pRT opened this issue Oct 13, 2019 · 10 comments


p5pRT commented Oct 13, 2019

Migrated from rt.perl.org#134496 (status was 'open')

Searchable as RT134496$


p5pRT commented Oct 13, 2019

From jstocode@163.com

Hello. I run the perl 5.21.8 on my Raspberry 3 Model B+ device.

The GCC version is 6.3.0. The OS environment is raspberrypi 4.14.79-v7+

When I use the perl command, I get an interesting test input which causes the Segmentation fault.
Initial analysis shows that it is the stack overflow, which can incur a failure.

The command line to crash the perl is as follows:

perl [input]

The test input is attached. I use gdb to debug it and the crash information is as follows:

Program received signal SIGSEGV, Segmentation fault.
0x0003e1e0 in Perl_rpeep ()
(gdb) backtrace
#0 0x0003e1e0 in Perl_rpeep ()
#1 0x0003687c in Perl_newPROG ()
#2 0x00073f24 in Perl_yyparse ()
#3 0x7efff288 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)


p5pRT commented Oct 13, 2019

From jstocode@163.com

9-testcase


p5pRT commented Oct 14, 2019

From @jkeenan

On Sun, 13 Oct 2019 09:08:48 GMT, jstocode@163.com wrote:

> Hello. I run the perl 5.21.8 on my Raspberry 3 Model B+ device.

perl-5.21.8 was a development version from 5 years ago. The production release it was pointing toward, perl-5.22, is long out of support.

Can you reproduce your problem using perl-5.30 (which is currently supported)?

> The GCC version is 6.3.0. The OS environment is raspberrypi 4.14.79-v7+
>
> When I use the perl command, I get an interesting test input which
> causes the Segmentation fault.
> Initial analysis shows that it is the stack overflow, which can incur
> a failure.
>
> The command line to crash the perl is as follows:
>
> perl [input]
>
> The test input is attached. I use gdb to debug it and the crash
> information is as follows:
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x0003e1e0 in Perl_rpeep ()
> (gdb) backtrace
> #0 0x0003e1e0 in Perl_rpeep ()
> #1 0x0003687c in Perl_newPROG ()
> #2 0x00073f24 in Perl_yyparse ()
> #3 0x7efff288 in ?? ()
> Backtrace stopped: previous frame identical to this frame (corrupt
> stack?)

If the attachment is a Perl 5 program, could you please re-attach it as a plain-text file (not binary) with a '.pl' suffix?

Thank you very much.

--
James E Keenan (jkeenan@cpan.org)


p5pRT commented Oct 14, 2019

The RT System itself - Status changed from 'new' to 'open'


p5pRT commented Oct 17, 2019

From jstocode@163.com

Yes, it is a short perl5 script which is attached.

At 2019-10-14 09:49:20, "James E Keenan via RT" <perlbug-followup@perl.org> wrote:

> On Sun, 13 Oct 2019 09:08:48 GMT, jstocode@163.com wrote:
>
> > Hello. I run the perl 5.21.8 on my Raspberry 3 Model B+ device.
>
> perl-5.21.8 was a development version from 5 years ago. The production release it was pointing toward, perl-5.22, is long out of support.
>
> Can you reproduce your problem using perl-5.30 (which is currently supported)?
>
> > The GCC version is 6.3.0. The OS environment is raspberrypi 4.14.79-v7+
> >
> > When I use the perl command, I get an interesting test input which
> > causes the Segmentation fault.
> > Initial analysis shows that it is the stack overflow, which can incur
> > a failure.
> >
> > The command line to crash the perl is as follows:
> >
> > perl [input]
> >
> > The test input is attached. I use gdb to debug it and the crash
> > information is as follows:
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > 0x0003e1e0 in Perl_rpeep ()
> > (gdb) backtrace
> > #0 0x0003e1e0 in Perl_rpeep ()
> > #1 0x0003687c in Perl_newPROG ()
> > #2 0x00073f24 in Perl_yyparse ()
> > #3 0x7efff288 in ?? ()
> > Backtrace stopped: previous frame identical to this frame (corrupt
> > stack?)
>
> If the attachment is a Perl 5 program, could you please re-attach it as a plain-text file (not binary) with a '.pl' suffix?
>
> Thank you very much.
>
> --
> James E Keenan (jkeenan@cpan.org)


p5pRT commented Oct 17, 2019

From jstocode@163.com

9-testcase.pl

@dur-randir

@toddr, the first attachment downloads fine, but the second one reports "can't find metadata for attachment 844033".


toddr commented Oct 19, 2019

@dur-randir fixed.

@JsToCode

9-testcase.zip
The testcase seems to be malformed for the perl5 grammar, because I got it by fuzzing.


jkeenan commented Oct 21, 2019 via email

toddr closed this as completed Oct 24, 2019