On Wed Dec 05 17:37:58 2007, moritz@casella.verplant.org wrote:
> Jonathan Stowe wrote:
> > On Wed, 2007-12-05 at 01:01 -0800, steev@hot.pl (via RT) wrote:
> >> This little program causes a core dump :
> >>
> >> ######################################################
> >>
> >> #!/usr/bin/perl -w -CSDA
> >> use strict;
> >> use utf8;
> >> use encoding 'utf8';
> >> use locale;
> >>
> >> my $ans='Ostrów';
> >> $_="whatever...";
> >> if (/^$ans| $ans/) { print "I was wrong, sorry...\n" }
> >>
> >> ######################################################
> >>
> >> *** glibc detected *** perl: double free or corruption (!prev): 0x0977adf8 ***
> ...
> >> Site configuration information for perl v5.8.8:
> >>
> >> Configured by Red Hat, Inc. at Mon Nov 12 14:45:10 EST 2007.
>
> Just to provide additional data: it fails with Debian Etch's perl 5.8.8
> with the same error as in the original report, so it's not Red Hat's
> blame. (no -D_FORTIFY_SOURCE here)

This is also Debian bug #454792, and fully reproducible on x86 (but not
on amd64, FWIW.)

Bisecting the maint-5.8 branch shows it's fixed by change 32364, which
integrates change 29204 from blead. So it looks like this is a duplicate
of ticket #40641.

In the Debian bug report, Don Armstrong is concerned about possible
security aspects:

  I've set the severity to serious and tagged with security as there is
  (apparently) a possibility that this could result in execution of
  arbitrary code. [I don't have any proof of concept for this or a CVE
  though, so feel free to detag and lower severity.]

Informed opinions would be welcome, as the bug is present in the current
Debian stable distribution.

Cheers,
--
Niko Tyni ntyni@debian.org