Vulnerability Development mailing list archives

RE: Buffer overflow in awk

From: "Kosh Naranek" <kosh () cloud s2engine com>
Date: Sun, 17 Mar 2002 06:07:50 +1000

On debian 2.2r3 unstable
squall:~# awk -f `perl -e 'print "A" x 1022'` 
awk: cannot open
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAA (File name too long)

Same for 8177 and 65535


-----Original Message-----
From: Charles-Edouard Ruault [mailto:cruault () 724 com] 
Sent: Saturday, 16 March 2002 03:06
To: Walter Jr.
Cc: vuln-dev () securityfocus com
Subject: Re: Buffer overflow in awk


same behaviour on GNU Awk 3.1.0, on redhat 7.2

Walter Jr. wrote:

So does conectiva  2.2.13-9cl , awk 3.0.3

From: "Max" <flux9 () 101freeway net>

I can reproduce this on Slackware 8.0, but it takes 8177 char's to 
segfault.

From: keoki [mailto:keoki () techie com]

A buffer overflow exist in awk(named awk on most
systems, but actualy is gawk/GNU awk) when calling

the -f option, to include an awk script, and supplying a
filename with a buffer length of 1022 and up. 
[root@neural keoki]# awk -f `perl -e 'print "A" x 1022'` 
awk: fatal error: internal error 
Abort (core dumped



-- 
Charles-Edouard Ruault

Current thread:

Re: Buffer overflow in awk, (continued)
- - - Re: Buffer overflow in awk Kurt Seifried (Mar 15)
    - Re: Buffer overflow in awk Pavel Kankovsky (Mar 17)
    - Re: Buffer overflow in awk Jeff Fields (Mar 19)
    - Re: Buffer overflow in awk Jirka Kosina (Mar 20)
    - Re: Buffer overflow in awk nilton . gs . sc (Mar 15)
    - Re: Buffer overflow in awk Rui Miguel Silva Seabra (Mar 15)
- RE: Buffer overflow in awk dong-h0un U (Mar 15)
- Re: Buffer overflow in awk zero (Mar 16)
  - Re: Buffer overflow in awk Crist J. Clark (Mar 17)
  - Re: Buffer overflow in awk Jose Nazario (Mar 18)
- RE: Buffer overflow in awk Kosh Naranek (Mar 17)
  - RE: Buffer overflow in awk Hani Mustafa (Mar 24)
    - Re: Buffer overflow in awk Elan Hasson (Mar 24)
    - Re: Buffer overflow in awk Tim Gerritsen (Mar 24)
    - Re: Buffer overflow in awk Replugge [ROD] (Mar 25)