develooper Front page | perl.perl5.porters | Postings from October 2016

[perl #129130] heap-buffer-overflow Perl_pp_chdir (pp_sys.c:3685)

Tony Cook via RT
October 24, 2016 03:22
[perl #129130] heap-buffer-overflow Perl_pp_chdir (pp_sys.c:3685)
Message ID:
On Sun Sep 04 22:50:16 2016, tonyc wrote:
> Fix attached.

Applied as 92c843fb4b4e1a1e0ac7ec0fe198dc77266838da.

> I don't think this would be exploitable beyond a denial of service if it
> crashes perl - it only writes one pointersize beyond the end of the
> allocated block, and is always the address of a new SV (should this use
> PL_sv_yes and PL_sv_no?)

And made this public.


via perlbug:  queue: perl5 status: open Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About