New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[PATCH] Bug & fix: hang when using study + taint mode (perl 5.6.1, 5.8.x) #8835
Comments
From sad@eltex.netHello! It doesn't hang if it's run in untainted mode, or study is commented. Flags: Site configuration information for perl v5.8.7: Configured by Debian Project at Sat Jul 9 12:13:16 EST 2005. Summary of my perl5 (revision 5 version 8 subversion 7) configuration: Locally applied patches: @INC for perl v5.8.7: Environment for perl v5.8.7: Complete configuration data for perl v5.8.7: Author='' email protected and scanned by AdvascanTM - keeping email useful - www.advascan.com |
From sad@eltex.net |
From sad@eltex.netFrom: "Kills Body Bacteria" <ukzphdpra@royal.net> CERTIFIED BY BBC/ABC News |
From @ysthOn Tue, Aug 23, 2005 at 04:28:30AM -0700, Eugene Morozov wrote:
Confirmed in bleadperl@25216. -Dr shows it looping on $ perl5.9.3 -Dr -T bugtest.pl EXECUTING... Guessing start of match, REx "^To:\s\w+\@\w\n" against "From: "Kills Body Bacteria" <ukzphdpra@royal.net> CERTIFIED BY BBC/ABC News "
CERTIFIED BY BBC/ABC News "...
CERTIFIED BY BBC/ABC News "...
|
The RT System itself - Status changed from 'new' to 'open' |
From quarl@cs.berkeley.eduCreated by quarl@cs.berkeley.eduDear Perl hackers, Perl 5.6.1+ hangs when: Test case: # ---------- cut ---------- #!/usr/bin/perl -T my $DATA = <<'END' END sub read_some_tainted_data() { warn "tainting data"; warn "studying data"; warn "trying to match..."; ## don't set $SIG{ALRM}, since we'd never get to a user-level handler as perl alarm(1); if ($DATA =~ /^line2.*line4/m) { warn "match didn't hang!"; # ---------- cut ---------- The output of 'perl -T -Drv testcase' may be informative: ... continues infinitely until killed. Gdb backtrace: This bug appears in Perl versions 5.6.1 and 5.8.x, The bug doesn't appear in Perl 5.6.0, 5.005, 5.004. Specifically, the bug causes an unexpected DoS in I believe the bug was introduced in change 7407 by jhi on http://public.activestate.com/cgi-bin/perlbrowse/p/7407 Below is a patch to regexec.c that fixes the problem for me Inline Patch
Regards, Karl Perl Info
|
From @TuxOn Wed, 14 Mar 2007 22:01:55 -0700, "quarl@cs.berkeley.edu (via RT)"
Current state of affairs (devel or blead) does not show this `flaw': nb09:/pro/3gl/CPAN/perl-current 113 > ./perl -T -Ilib /tmp/xx.pl And neither does the current maint branch (leading up to 5.8.9): nb09:/pro/3gl/CPAN/perl-5.8.x-dor 117 > ./perl -T -Ilib /tmp/xx.pl I've got the regex guru sitting next to me, and he says he Would you be able to do your test on the most recent blead (devel) -- |
The RT System itself - Status changed from 'new' to 'open' |
From quarl+dated+1174444136.16e51e@nospam.quarl.org
Merijn> Current state of affairs (devel or blead) does not Merijn> Would you be able to do your test on the most recent Hi, thank you for checking. You're right -- perl-current doesn't Could the fix be extracted from the 5.8.9 line so it can be -- |
From @nwc10On Thu, Mar 15, 2007 at 07:34:33PM -0700, Karl Chen wrote:
Good point. I thought it better to adapt your sample code, rather than adding
5.8.9 isn't a line, so much as the not-yet-made release on the 5.8.x line, Nicholas Clark |
From quarl@cs.berkeley.edu
Nicholas> Good point. I thought it better to adapt your sample Thank you! Was the commenting-out of the 'study' line intentional? Because >> Could the fix be extracted from the 5.8.9 line so it can be Nicholas> 5.8.9 isn't a line, so much as the not-yet-made Current Debian stable/testing/unstable all have the bug, which is -- |
@smpeters - Status changed from 'open' to 'resolved' |
From @cpansproutThis was fixed in perl 5.8.9 and 5.10.0. |
@cpansprout - Status changed from 'open' to 'resolved' |
Migrated from rt.perl.org#41831 (status was 'resolved')
Searchable as RT41831$
The text was updated successfully, but these errors were encountered: