develooper Front page | perl.perl5.porters | Postings from November 2010

RE: [perl #78710] perlbug AutoReply: varous strcpy() overflowing fixed size buffers on Win32

Thread Previous
Jan Dubois
November 1, 2010 17:32
RE: [perl #78710] perlbug AutoReply: varous strcpy() overflowing fixed size buffers on Win32
Message ID:
On Sat, 30 Oct 2010, wrote:
> "Jan Dubois" <> wrote:
> > I'm happy to apply this patch:

Pushed to blead now.

> > However, I can't actually make the code crash without the patch,
> > so I'm holding off until I actually understand why I can't trigger
> > the problem.  Did your sample commandline actually generate an access
> > violation for you?
> It's sensitive to the length of data being written to the buffer.
> The example i gave of:
> % perl -e "use DynaLoader; DynaLoader::dl_load_file('abc' x 1000)"
> ...causes the perl.exe to hang and consume all cpu.

Well, it didn't hang for me.  Neither does any longer filename, including
40MB, which should well extend the range of memory allocated for the
C stack.

I still don't understand why it doesn't hang/crash for me with extremely
long filenames.
> Running the following triggers Windows to launch the familiar
> "Debug"/"Send Error Report"/"Don't Send" dialogue:
> % .\perl.exe  -e "use DynaLoader; DynaLoader::dl_load_file('X' x 260)"
> The behaviour may be system specific, so if the above doesn't 'work', try
> increasing the length of the bogus filename.

This one does crash for me too, as well as other sizes that are just somewhat
larger than 260.  And those crashes do go away with my patch, which is why
I have committed it now.


Thread Previous Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About