develooper Front page | perl.perl5.porters | Postings from January 2018

[perl #132640] PERL-5.26.1 heap_buffer_overflow READ of size 8

From:
Tony Cook via RT
Date:
January 30, 2018 05:29
Subject:
[perl #132640] PERL-5.26.1 heap_buffer_overflow READ of size 8
Message ID:
rt-4.0.24-20864-1517290177-1140.132640-15-0@perl.org
On Wed, 17 Jan 2018 16:24:03 -0800, tonyc wrote:
> On Mon, 08 Jan 2018 16:41:35 -0800, hv wrote:
> > This appears similar to rt131836, but is not fixed by its fix. It
> > reduces at least to:
> >   ./miniperl -e 's//${sub{b{]]]{}#$/ sub{}'
> > with the same stack trace.
> >
> > I'll come back to this after completing triage on the current batch
> > of
> > new tickets if nobody else gets to it, but I anticipate it'll need
> > more knowledge of the lex/parse phase than I can bring to bear.
> 
> This looks like another case of #125351 and other similar sublex
> recovery issues.

And so it is.

Since it requires feedng code to the interpreter it isn't a security issue, so it's now public.

Since it duplicates #125351 I'm merging it into that ticket.

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=132640



nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About