http://qa.mandrakesoft.com/show_bug.cgi?id=1683
------- Additional Comments From [EMAIL PROTECTED] 2003-31-08 06:04 ------- Bug still exists. To reproduce, create a shell script called script.sh with a single line inside: eval `perl -e 'print ":;" x 97500'` then run strace sh script.sh will give you the whole thing and at the end: brk(0) = 0x9e50000 brk(0x9e51000) = 0x9e51000 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. ------- Reminder: ------- assigned_to: [EMAIL PROTECTED] status: NEW creation_date: description: Hello, >From a discussion on [EMAIL PROTECTED] and on [EMAIL PROTECTED] bash SIGSEVs when you pass it some unreasonable values : in a bash shell just type $ eval `perl -e 'print ":;" x 97500'` it will make bash sigsev. I have no idea if it's exploitable. Nobody claimed it was, so far, on either list. Have a nice day, Fabrice.
