On 9/23/22 3:24 PM, srobert...@peratonlabs.com wrote:
Bash Version: 5.1
Patch Level: 8
Release Status: release
Description:
Repeatable buffer overflow core-dump in bash's readline
due to rl_forced_update_display trying to zeroize a
string that is not NUL terminated.
On Tue, Apr 12, 2022 at 02:45:15PM -0400, Sergio Fuentes wrote:
> Please, run the following 3 commands to reproduce the bug:
>
> echo '. ./poc.sh' > poc.sh
> chmod +x poc.sh
> bash -c './poc.sh'
You're performing an infinite recursion. Eventually, you'll overflow
the stack, and bash will crash.
On Tue, Apr 12, 2022, 3:18 PM Sergio Fuentes <
fuentes.sergio.nov2...@gmail.com> wrote:
> Hello,
>
> Please, run the following 3 commands to reproduce the bug:
>
> echo '. ./poc.sh' > poc.sh
> chmod +x poc.sh
> bash -c './poc.sh'
>
> The backtrace from gdb:
> gdb /bin/bash core
> ...
> Program ter
On 4/12/22 2:45 PM, Sergio Fuentes wrote:
> Hello,
>
> Please, run the following 3 commands to reproduce the bug:
>
> echo '. ./poc.sh' > poc.sh
> chmod +x poc.sh
> bash -c './poc.sh'
You've created infinite recursion using `.' and run yourself out of stack
space. This isn't a bug.
You can set
> Description:
> Log files are showing an increased level of buffer overflows from common
> CLI usage and scripts that previously did not result in excessive overflows
> being passed.
Can you show us a sample of these log files? Also the scripts that are causing
the issue.
On 1/3/15 6:50 PM, Smokey Mtn Digital Hams wrote:
> Bash Version: 4.3
> Patch Level: 11
> Release Status: release
>
> Description:
> Log files are showing an increased level of buffer overflows from common
> CLI usage and scripts that previously did not result in excessive overflows
> being passe
Ben Okopnik writes:
> ./borked1: line 6: n/core-default.xml: expression recursion level exceeded
> (error token is "n/core-default.xml")
${foo[n/core-default.xml]} tries to expand n first, which yields
n/core-default.xml, rinse and repeat.
> ./borked2: line 6: on/core-default.xml: division by 0
