Vulnerability Development mailing list archives
Re: Bash Blues.
From: "Roland Postle" <mail () blazde co uk>
Date: Thu, 13 Feb 2003 17:34:36 +0000
During some work, I noticed GNU bash could be crashed by sending a
malformed perl request to the terminal.
example: `perl -e 'print "*/*" x 3500'`
<bash crashes>
It's a stack overflow, due to glob_filename (in glob.c) recursively calling itself while parsing the filename. So probably not exploitable. - Blazde
Current thread:
- Bash Blues. uk2sec (Feb 13)
- Re: Bash Blues. Andrew Walkingshaw (Feb 13)
- Re: Bash Blues. Kurt Seifried (Feb 14)
- Re: Bash Blues. Dack (Feb 14)
- Re: Bash Blues. Roland Postle (Feb 14)
- glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) 3APA3A (Feb 15)
- Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) Vladamir Shmirnov (Feb 15)
- Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) Roland Postle (Feb 16)
- Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) spacewalker (Feb 16)
- glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) 3APA3A (Feb 15)
- Re: Bash Blues. Andrew Walkingshaw (Feb 13)
- Re: Bash Blues. TerraTrans Security (Feb 14)
- A different bash blues admin (Feb 15)
- RE: A different bash blues Adam Gilmore (Feb 16)
- A different bash blues admin (Feb 15)
- RE: Bash Blues. Adam Gilmore (Feb 14)
- Re: Bash Blues. Peter Pentchev (Feb 14)