develooper Front page | perl.perl5.porters | Postings from October 2012

Re: Security Issues in perl-5.16.x

Thread Previous | Thread Next
David Golden
October 2, 2012 18:24
Re: Security Issues in perl-5.16.x
Message ID:
On Tue, Oct 2, 2012 at 8:14 PM, Chip Salzenberg <> wrote:
> On Tue, Oct 2, 2012 at 4:43 PM, demerphq <> wrote:
>> It is not clear to me that nulls in package
>> names are intrinsically safe so for the sake of this discussion I am
>> assuming they are not.
> The primary question here, raised in annoying and roundabout fashion
> by Reini -- again -- is whether NULs in package names and/or open
> calls are in fact safe.  So you should not assume the conclusion;
> that's a serious logical fallacy.

Let's not assume it as a conclusion.

Let's assume it as a hypothesis:  *If* NULs in package names are not
safe, then how could an attacker exploit that fact?

I have yet to see any convincing explanation of a mechanism and people
seem very quick to get distracted by whether it's FUD or not or
whether we should just strip/warn/die for good measure.

Let's go further and assume that taint checking is on.

Admittedly, I have neither a white nor black hat, so am at risk of
talking out my ass about this, but an exploit would seem to need the

(1) Attacker needs a way to get a "payload" of malicious data into memory
(2) Attacker needs a way to execute said payload

Does the NUL issue relate to #1 or #2?  If so, how?


David Golden <>
Take back your inbox! →
Twitter/IRC: @xdg

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About