|
Oliver,
Quickly testing the below string at the command
line does crash perl.exe. I have ActivePerl 5.8.0 Build 805 install on a
Windows 2000 machine.
perl -e "$a="A" x 256; system($a)"
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, May 17, 2004 4:24 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Buffer Overflow in ActivePerl ? hi folks,
i played around with ActiveState's ActivePerl for
Win32, and crashed
Perl.exe with the following command: perl -e "$a="A" x 256; system($a)"
I wonder if this bug isnt known?!? Because system()
is a very common
command.... Can anybody reproduce this? I put together a little advisory on my website,
including version
information and a debugger output (Drwatson): PS: Due to travel activity, i will not be able to respond to mails within the next 8 days! Regards,
Oliver
|
- Re: [Full-Disclosure] Off-Topic: IKEA ownz ... Adam
- RE: [Full-Disclosure] Off-Topic: IKEA o... Sean Crawford
- Re: [Full-Disclosure] Off-Topic: I... Vladimir Parkhaev
- RE: [Full-Disclosure] Off-Topic: I... Ron DuFresne
- Re: [Full-Disclosure] Off-Topic: IKEA o... Guido van Rooij
- Re: [Full-Disclosure] Off-Topic: IKEA ownz ... Nico Golde
- Re: [Full-Disclosure] Off-Topic: IKEA ownz Micr... Bart . Lansing
- Re: [Full-Disclosure] Off-Topic: IKEA ownz Micr... Georgi Guninski
- [Full-Disclosure] (no subject) Dinesh Kumar
- [Full-Disclosure] (no subject) Angelo Rosiello
- [Full-Disclosure] (no subject) steven.mcdonald
- [Full-Disclosure] (no subject) Bill Cerynik
- [Full-Disclosure] (no subject) raize
- [Full-Disclosure] (no subject) Robin Landis
- [Full-Disclosure] (no subject) Michael Simpson
- [Full-Disclosure] (no subject) adam
- Re: [Full-Disclosure] (no subject) J.A. Terranson
- Re: [Full-Disclosure] (no subject) VX Dude
- Re: [Full-Disclosure] (no subject) Will Image
- Re: [Full-Disclosure] (no subject) Glenn Hamblin
- [Full-Disclosure] outbind in MS outlook Stephen Taylor
