lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040518090339.GA15384@ecos.de>
From: beckert at ecos.de (Axel Beckert)
Subject: Re: Buffer Overflow in ActivePerl?

Hi!

Am Mon, May 17, 2004 at 10:23:56PM +0200, Oliver@...yhat.de schrieb:
> i played around with ActiveState's ActivePerl for Win32, and crashed 
> Perl.exe with the following command:
> 
> perl -e "$a="A" x 256; system($a)"
> 
> I wonder if this bug isnt known?!? Because system() is a very common 
> command....
> Can anybody reproduce this?

I can confirm this for Perl v5.8.0 built for MSWin32-x86-multi-thread
(Binary build 805 provided by ActiveState Corp.) on W2K.

My first thought was that the nested double-quotes maybe the reason,
but even 

  perl -e "$a='A' x 256; system($a)"

crashes. 

  perl -e "system('A'x256)"

chrashes also btw.

            Kind regards, Axel Beckert
-- 
-------------------------------------------------------------
Axel Beckert      ecos electronic communication services gmbh
it security solutions * web applications with apache and perl

Mail:       Tulpenstrasse 5       D-55276 Dienheim near Mainz
E-Mail:     beckert@...s.de       Voice:     +49 6133 939-220
WWW:        http://www.ecos.de/   Fax:       +49 6133 939-333
-------------------------------------------------------------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ