On Thu, Feb 13, 2003 at 02:26:51PM +0000, uk2sec (at) oakey.no-ip (dot) com [email concealed] wrote:
> [ Moderator: Post Edited Accordingly ]
>
> uk2sec /bin/bash Advisory
>
> By sending a perl request on the GNU bash terminal we can cause a
> Segmentation Fault.
>
> Work done was based on:
> GNU bash, version 2.05a.0(1)-release (i686-pc-linux-gnu)
> (Redhat 7.3)
[snip]
> Background:
>
> During some work, I noticed GNU bash could be crashed by sending a
> malformed perl request to the terminal.
>
> example: `perl -e 'print "*/*" x 3500'`
> <bash crashes>

I cannot reproduce this in bash-2.05b.0(1)-release on FreeBSD 4.7-STABLE.
ISTR that some of the changes between 2.05a and 2.05b had something to
do with globbing, but it is not immediately obvious from the 2.05b
change log, unless this is part of the internal malloc() overhaul.

Can you test this with bash-2.05b?

G'luck,
Peter

--
Peter Pentchev roam (at) ringlet (dot) net [email concealed] roam (at) sbnd (dot) net [email concealed] roam (at) FreeBSD (dot) org [email concealed]
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
.siht ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI

[ reply ]