in reply to Re: Re: ActivateState crasher
in thread ActivePerl crasher

It doesn't (on this occasion) appear to be a CRT (C RunTime library) problem. Using 

#include <stdlib.h>

int main( int argc, char**argv ) {
    int rc = 0;
    printf( "Using '%s'\n as an argument to system()\n", argv[1] );
    rc = system( argv[1] );
    printf( "Command returned: %d\n", rc );
    return 0;
}

[download]

built with msc and calling it with an argument of 256 'A's gives: 

P:\test>system AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.....
Using 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...'
 as an argument to system()
'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...AAA'
 is not recognized as an internal or external command, operable progra
+m or batch file.
Command returned: 1

[download]

Increasing the length to 300 'A's 

P:\test>system AAAAAAAAAAAAAAAAAAAAAAAAAAA
Using 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...AAA'
 as an argument to system()
The input line is too long.
Command returned: 1

[download]
Examine what is said, not who speaks.
"Efficiency is intelligent laziness." -David Dunham
"Think for yourself!" - Abigail

Replies are listed 'Best First'.
Re: Re: Re: Re: ActivateState crasher
by tilly (Archbishop) on May 18, 2004 at 05:34 UTC
    The behaviour has been different for people under very similar circumstances. It is also very possible that Microsoft has noticed the underlying security flaw and that different patchsets will result in different behaviour from the same exact code.

    My description of what it means to see the "illegal operation" error remains valid. The trick is whether it can be tickled just so as to get a working exploit. I never care to bet that it absolutely can't be done after that error shows up.

[reply]

In Section Meditations