My Perl brain never dies. I was looking at the perl code used to break a misconfigured sudo installation at https://thehackernews.com/2020/02/sudo-linux-vulnerability.html

The code being

perl -e 'print(("A"x 100 . "\x{00}") x 50)' | sudo -S id

So, in the interest of all good programmers everywhere, what would be the best defense against a buffer overflow, as shown above? How would one most efficiently and effectively take login information so the C libraries below, or Perl itself, are not locked up? If you were taking that sudo input pipe with Perl code, how would you stop a code lockup with Perl as an input filter?

I would write the code myself, but remember, laziness is a virtue, :-)

BTW I still see Perl as the best tool for bizarre code magic, and I've yet to really see it fail me when using it, whereas Python mixups between 2.7 and 3.5, pip, pip3, WTK******??????? x 50 just is off the wall crazy. Nothing works as well as CPAN. And remember, Perl comes with Perl/Tk and Perl/GTK2 which have much smaller footprints and libraries loaded than the other bloatware graphics coding schemes. :-) All the libraries come standard in most distros, same libs firefox uses.

.... in the immortal words of Winston Churchill, KBO.... I'm still alive in my cave...


I'm not really a human, but I play one on earth. ..... an animated JAPH

In reply to Greetings and salutations | sudo by zentara
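
On the question of Perl as an input filter, here is an added example (not part of the original post, and not sudo's code): Perl scalars grow on demand, so the filter's own risks are unbounded memory use and handing NUL-laden bytes to C code that treats NUL as a terminator. The sketch caps the length and rejects NUL before anything downstream sees the data; `read_secret` and `MAX_LEN` are hypothetical names and the 256-byte limit is an assumed policy.

```perl
#!/usr/bin/perl
# Added example: bounded, validated read of one secret line from a filehandle.
# read_secret() and MAX_LEN are hypothetical names, not from any library.
use strict;
use warnings;

use constant MAX_LEN => 256;    # assumed policy limit, in bytes

sub read_secret {
    my ($fh) = @_;
    binmode $fh;                # raw bytes, no decoding layers
    my $buf = '';
    while (1) {
        # One byte per call, so $buf can never grow past MAX_LEN
        # (a plain <STDIN> would slurp a line of any length).
        my $n = read($fh, my $byte, 1);
        die "read error: $!\n" unless defined $n;
        last if $n == 0;            # EOF
        last if $byte eq "\n";      # end of line
        die "rejected: NUL byte in input\n" if $byte eq "\0";
        die sprintf("rejected: input longer than %d bytes\n", MAX_LEN)
            if length($buf) >= MAX_LEN;
        $buf .= $byte;
    }
    return $buf;
}

# Constructed sample inputs; nul_runs has the shape of the one-liner above.
my %samples = (
    normal   => "correct horse\n",
    nul_runs => ("A" x 100 . "\x{00}") x 50,
    too_long => "B" x 5000,
);

for my $name (sort keys %samples) {
    # In-memory filehandle stands in for the STDIN pipe
    open my $fh, '<', \$samples{$name} or die "open: $!";
    my $secret = eval { read_secret($fh) };
    if (defined $secret) {
        printf "%-8s accepted (%d bytes)\n", $name, length $secret;
    }
    else {
        printf "%-8s %s", $name, $@;
    }
    close $fh;
}
```

In a real filter, pass `\*STDIN` to `read_secret` and exit non-zero on rejection instead of forwarding anything to the next program.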
