perl.perl5.porters

Re: [perl #130635] [PATCH] Stack overflow in Storable retrieve_hook

John Lightsey
January 26, 2017 23:19
On Thu, 2017-01-26 at 13:48 -0800, James E Keenan via RT wrote:
> As previously reported, I configure with:
> "-des -Dusedevel -Duseithreads -Doptimize='-O2 -pipe -fstack-protector -fno-strict-aliasing' -DDEBUGGING"
> ... because that gets us very close to the way that the FreeBSD port of perl
> is configured.

Excellent, thanks.

The problem turned out to be that the AFL-generated payload was hitting two
other memory allocation errors before it even entered retrieve_hook(). That
combination of flags on FreeBSD seems to crash whenever Storable tries to
allocate too much memory.

I adjusted the test data to use more realistic sizes when it enters
retrieve_hash() and retrieve_flag_hash() so that it's only focusing on the stack
overflow in retrieve_hook().

I also cleaned up the test output formatting a bit.

An updated patch is attached.