develooper Front page | perl.perl5.porters | Postings from September 2001

[PATCH @12256 ext/DB_File.pm ext/GDBM_File.pm] Remove string evalfrom AUTOLOAD

Thread Next
From:
Jonathan Stowe
Date:
September 29, 2001 08:05
Subject:
[PATCH @12256 ext/DB_File.pm ext/GDBM_File.pm] Remove string evalfrom AUTOLOAD
Message ID:
Pine.LNX.4.33.0109291535120.18586-100000@orpheus.gellyfish.com
There is a minutely small possibility that the string eval in the AUTOLOAD
could be exploited if a black hat had access to the include files.

--- ext/DB_File/DB_File.pm~	Sat Sep 29 15:19:04 2001
+++ ext/DB_File/DB_File.pm	Sat Sep 29 15:20:48 2001
@@ -222,8 +222,9 @@
 ";
 	}
     }
-    eval "sub $AUTOLOAD { $val }";
-    goto &$AUTOLOAD;
+    no strict 'refs';
+    *{$AUTOLOAD} = sub { $val };
+    goto &{$AUTOLOAD};
 }


--- ext/GDBM_File/GDBM_File.pm~	Sat Sep 29 15:38:30 2001
+++ ext/GDBM_File/GDBM_File.pm	Sat Sep 29 15:39:55 2001
@@ -67,8 +67,9 @@
     ($constname = $AUTOLOAD) =~ s/.*:://;
     my ($error, $val) = constant($constname);
     Carp::croak $error if $error;
-    eval "sub $AUTOLOAD { $val }";
-    goto &$AUTOLOAD;
+    no strict 'refs';
+    *{$AUTOLOAD} = sub { $val };
+    goto &{$AUTOLOAD};
 }

 XSLoader::load 'GDBM_File', $VERSION;


It doesnt break anything - I will poke around for any more exploitable
string evals this weekend.

/J\
-- 
Jonathan Stowe                      |
<http://www.gellyfish.com>          |      This space for rent
                                    |


Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About