Re: xmalloc buffer overflow?

[Gwendolynn ferch Elydyr <gwen () reptiles org>]

Hrm. Under solaris8/intel, it takes a while, but eventually fails out
with some modicum of grace. It also doesn't slow the system to any notable
extent.

$ uname -a
SunOS <foo> 5.8 Generic_108529-04 i86pc i386 i86pc
$ date; vi `perl -e 'print "." x 90000000'`; date
Fri Nov  9 18:36:09 GMT 2001
/usr/bin/vi: arg list too long
Fri Nov  9 18:38:05 GMT 2001

cheers!

On Thu, 8 Nov 2001 dotslash () snosoft com wrote:
> Heh by the way don't try this on OSX... it gets reeeeeeeeal pissed. I
> tryed du `perl -e ... blah blah like below... OSX
> went to a crawl instantly. Had to take her down hard.
> -KF
>
> On Thursday, November 9, 2000, at 04:51 AM, Robert Freeman wrote:
>
> > Can anybody else verify these results? It doesn't matter what `perl -e
> > 'print "." x 90000000'` is appended to, I just chose vi (the vi buffer
> > overflow being my inspiration). Please use the exploit responsibly;
> > also if
> > it is redundant, I apologize.
> >
> >
> > # uname -a
> > Linux linux 2.4.4-4GB #1 Fri May 18 14:11:12 GMT 2001 i686 unknown  [I
> > know
> > about the clock...]
> > # id
> > uid=500(nobody) gid=100(users) groups=100(users)
> > # vi `perl -e 'print "." x 90000000'`
> > bash: xmalloc: cannot allocate 90000001 bytes (0 bytes allocated)
> > # id
> > uid=0(root) gid=0(root)
> > groups=0(root),1(bin),14(uucp),15(shadow),16(dialout),17(audio),65534
> > (nogrou
> > p)
> >
> >
> > Robert Freeman
> >
> > ----------------------------------------------------
> > Sign Up for NetZero Platinum Today
> > Only $9.95 per month!
> > http://my.netzero.net/s/signup?r=platinum&refcd=PT97

==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."