develooper Front page | perl.perl5.porters | Postings from August 2017

[perl #131537] stack overflow in Perl_push_scope ()

From:
Tony Cook via RT
Date:
August 23, 2017 01:51
Subject:
[perl #131537] stack overflow in Perl_push_scope ()
Message ID:
rt-4.0.24-20690-1503453087-650.131537-15-0@perl.org
On Fri, 09 Jun 2017 03:30:56 -0700, davem wrote:
> On Thu, Jun 08, 2017 at 07:26:11AM -0700, sung wrote:
> > I have found a bug that triggered stack-buffer-overflow. this bug
> > affect on perl v5.22.1.
> 
> This is one of a class of perl bugs which can cause the C stack to
> overflow.  As well as your recursive DESTROY example, you can create
> similar effects with tied variable handlers, overload handlers etc.
> 
> I don't see that that it's a security issue though.

Yes, this isn't a security issue, and is now public.

If we treat it as a bug, I'm not sure how we could fix it without breaking other things (eg. time of destruction might change.)

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=131537



nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About