
[perl #131999] Heap-buffer-over-flow in Storable.xs:retrieve_hook that could lead to RCE

From:
Tony Cook via RT
Date:
December 13, 2017 22:47
Subject:
[perl #131999] Heap-buffer-over-flow in Storable.xs:retrieve_hook that could lead to RCE
Message ID:
rt-4.0.24-27365-1513205243-939.131999-15-0@perl.org
On Tue, 10 Oct 2017 21:27:59 -0700, tonyc wrote:
> On Tue, Oct 10, 2017 at 08:48:39PM -0700, Nguyen Duc Manh wrote:
> > # New Ticket Created by  Nguyen Duc Manh 
> > # Please include the string:  [perl #132264]
> > # in the subject line of all future correspondence about this issue. 
> > # <URL: https://rt.perl.org/Ticket/Display.html?id=132264 >
> > 
> > 
> > Hello,
> > I haven't received your reply for this please?
> 
> Sorry for not replying earlier, I've been busy with another project
> and I guess everyone else is busy too.
> 
> We don't support feeding arbitrary or untrusted storable dumps to
> Storable.
> 
> Feeding untrusted data to Storable can lead to much simpler and worse
> vulnerabilities.

This isn't a security issue, but it is a bug.

I've moved it to the public queue.

I have a fix for it in my working Storable branch.

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=131999
