develooper Front page | perl.perl5.porters | Postings from January 2017

[perl #130635] [PATCH] Stack overflow in Storable retrieve_hook

Thread Previous | Thread Next
From:
James E Keenan via RT
Date:
January 30, 2017 17:58
Subject:
[perl #130635] [PATCH] Stack overflow in Storable retrieve_hook
Message ID:
rt-4.0.24-30173-1485799094-1074.130635-15-0@perl.org
On Sun, 29 Jan 2017 00:41:50 GMT, john@nixnuts.net wrote:
> On Thu, 2017-01-26 at 13:48 -0800, James E Keenan via RT wrote:
> > As previously reported, I configure with:
> >
> > "-des -Dusedevel -Duseithreads -Doptimize='-O2 -pipe -fstack-
> > protector -fno-
> > strict-aliasing' -DDEBUGGING"
> >
> > ... because that gets us very close to the way that the FreeBSD port
> > of perl
> > is configured.
> >
> 
> Excellent, thanks.
> 
> The problem turned out to be that the AFL generated payload was
> hitting two
> other memory allocation errors before it even entered retrieve_hook().
> That
> combination of flags on FreeBSD seems to crash whenever Storable tries
> to
> allocate too much memory.
> 
> I adjusted the test data to use more realistic sizes when it enters
> retrieve_hash() and retrieve_flag_hash() so that it's only focusing on
> the stack
> overflow in retrieve_hook().
> 
> I also cleaned up the test output formatting a bit.
> 
> An updated patch is attached.

The third patch you submitted differs from the second patch submitted only in some test input data in t/store.t.  You haven't changed any source code.  Are you sure you're not simply fudging the test?

Thank you very much.

-- 
James E Keenan (jkeenan@cpan.org)

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=130635

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About