Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PERL-5.26.1 stack_overflow #16315

Closed
p5pRT opened this issue Dec 19, 2017 · 6 comments
Closed

PERL-5.26.1 stack_overflow #16315

p5pRT opened this issue Dec 19, 2017 · 6 comments

Comments

@p5pRT
Copy link

p5pRT commented Dec 19, 2017

Migrated from rt.perl.org#132605 (status was 'open')

Searchable as RT132605$
@p5pRT
Copy link
Author

p5pRT commented Dec 19, 2017

From [email protected]

=================================================================
==28064==ERROR​: AddressSanitizer​: stack-overflow on address 0x7ffd1f999f98
(pc 0x0000011a9b9c bp 0x7ffd1f99a200 sp 0x7ffd1f999f98 T0)
  #0 0x11a9b9b in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:10574
  #1 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #2 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #3 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594
  #4 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332
  #5 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #6 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #7 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594
  #8 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332
  #9 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #10 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #11 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594
  #12 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332

  #316 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332
  #317 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #318 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #319 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594
  #320 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332
  #321 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #322 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #323 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594
  #324 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332
  #325 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #326 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #327 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594
  #328 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332
  #329 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #330 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #331 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594
  #332 0x11ac400 in S_reg
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11332
  #333 0x137bb0d in S_regatom
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:12565
  #334 0x140a32f in S_regpiece
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11669
  #335 0x140a32f in S_regbranch
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:11594

SUMMARY​: AddressSanitizer​: stack-overflow
/home/asan_perl/Documents/perl-5.26.1/regcomp.c​:10574 S_reg
==28064==ABORTING

--
Regards,
SRAUMS

@p5pRT
Copy link
Author

p5pRT commented Dec 19, 2017

From [email protected]

0_0

@p5pRT
Copy link
Author

p5pRT commented Dec 19, 2017

From [email protected]

SRAUMS JN wrote​:

==28064==ERROR​: AddressSanitizer​: stack-overflow on address 0x7ffd1f999f98

Not exploitable​: overflowing the stack just causes segv.

-zefram

@p5pRT
Copy link
Author

p5pRT commented Dec 19, 2017

The RT System itself - Status changed from 'new' to 'open'

@p5pRT
Copy link
Author

p5pRT commented Jan 23, 2018

From @tonycoz

On Mon, 18 Dec 2017 22​:06​:02 -0800, zefram@​fysh.org wrote​:

SRAUMS JN wrote​:

==28064==ERROR​: AddressSanitizer​: stack-overflow on address 0x7ffd1f999f98

Not exploitable​: overflowing the stack just causes segv.

Moved to the public queue.

Tony

@khwilliamson
Copy link
Contributor

Fixed by
commit 6ef7fe5
Author: Karl Williamson [email protected]
Date: Sun Mar 17 22:11:04 2019 -0600

PATCH: [perl #131551] Too deep regex compilation recursion

This patch, started by Yves Orton, and refined in consultation with Tony
Cook, imposes a maximum depth of unclosed left parentheses, at which
point it croaks.  This is to prevent the segfault in the ticket.

The patch adds a variable that can be set to increase or decrease this
limit at run time (actually regex compilation time) should this be
desired, and hence our pre-determined limit of 1000 can be changed if
necessary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@khwilliamson @p5pRT