in reply to Re: Attack on Perl or Perl's need better PR (again)
in thread Attack on Perl or Perl's need better PR (again)

I've seen the details, and I'm angry with the reporting. The problem is not Perl. The problem is undereducated Perl Programmers.

Sorry, you are wrong.

Perl very definitely has buffer overrun issues in printf. This is very clear from the p5p activity on this subject. While there is no doubt that the original problem is due to not properly vetting printf format strings, the fact is that such behaviour also coincides with bugs in Perl that make the problem much, much worse. The following are some of the examples from the p5p thread on the subject.

D:\dev\PM>perl -e"printf'%9999999999s'
(coredump)
D:\dev\PM>perl -w -le "print sprintf 'xxx%n'; print undef"
xxx
3

Having said this, you can expect this issue to be closed in 5.8.8.

---
$world=~s/war/peace/g
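
The "not properly vetting printf format strings" half of the post above, as an added example that is not part of the original thread or of the p5p discussion: a logging helper that lets untrusted text become the format, next to two forms that keep it as data. The sub names and the sample input are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample: text an untrusted client might send as a username.
my $untrusted = 'guest%s%d 100%';

# Unsafe pattern: the untrusted text is interpolated into the FORMAT
# argument, so every '%' directive in it is interpreted by sprintf.
sub log_line_unsafe {
    my ($user) = @_;
    no warnings;    # hide "Missing argument" / "Invalid conversion" warnings
    return sprintf("login failed for $user");
}

# Safe pattern: the format is a constant and the untrusted text is only
# ever passed as an argument to '%s'.
sub log_line_safe {
    my ($user) = @_;
    return sprintf('login failed for %s', $user);
}

# For interfaces that accept nothing but a format string: double every
# '%' so that none of them can start a directive.
sub escape_format {
    my ($text) = @_;
    $text =~ s/%/%%/g;
    return $text;
}

my $expected = "login failed for $untrusted";
my %results  = (
    unsafe  => log_line_unsafe($untrusted),
    safe    => log_line_safe($untrusted),
    escaped => sprintf('login failed for ' . escape_format($untrusted)),
);

for my $name (sort keys %results) {
    my $verdict = $results{$name} eq $expected ? 'input preserved' : 'INPUT REINTERPRETED';
    printf("%-8s %-20s [%s]\n", $name, $verdict, $results{$name});
}
```

Running it with `use warnings` left enabled in `log_line_unsafe` shows the warnings perl emits when a format consumes arguments that were never supplied, which is a useful signal to look for in logs.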

Re^3: Attack on Perl or Perl's need better PR (again)
by tirwhan (Abbot) on Dec 01, 2005 at 09:16 UTC

    Seconded. This advisory seems to have the most technical meat on the subject (also posted to the dailydave mailing list this morning). There is a buffer overrun but the only way to exploit is via a format string vulnerability. So this is news regarding a flaw in perl and not just a vulnerability discovered in webmin.


    Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian W. Kernighan