Front page | perl.perl5.porters |
Postings from January 2018
On Wed, 13 Dec 2017 08:12:00 -0800, davem wrote:
> On Fri, Dec 08, 2017 at 11:37:54AM -0800, Brian Carpenter wrote:
> > Triggered with v5.27.6-156-g5d4548b73b, compiled with clang 6.0.0-
> > trunk and
> > -fsanitize=address. This bug looks similar to 129012 and 132187.
> >
> >
> > ./perl -e '$_="0000000\x{600000}";/^000.\000000?\00000/'
> > =================================================================
> > ==29563==ERROR: AddressSanitizer: heap-buffer-overflow on address
> > 0x602000000ebe at pc 0x000000451a60 bp 0x7ffe25406c50 sp
> > 0x7ffe254063f8
> > READ of size 2 at 0x602000000ebe thread T0
> > #0 0x451a5f in __interceptor_memchr
> > /b/build/slave/linux_upload_clang/build/src/third_party/llvm/compiler-
> > rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:823:3
> > #1 0x7bd1a6 in Perl_fbm_instr /root/perl/util.c:985:42
> > #2 0xaabce3 in Perl_re_intuit_start /root/perl/regexec.c:935:13
>
> Fixed with v5.27.6-216-g37e6bbd.
>
> Not exploitable; I'll move to the public queue in a few days time.
Done.
Tony
---
via perlbug: queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=132552