List: oss-security
Subject: Re: [oss-security] Medium severity flaw with Perl 5
From: Eitan Adler <lists () eitanadler ! com>
Date: 2012-10-27 19:08:00
Message-ID: CAF6rxgkssC8Bt6jWGcLF0OSa=L9g4ogkDRMeVnDr4xivWnhRJQ () mail ! gmail ! com
On 26 October 2012 04:48, Tim Brown <timb@nth-dimension.org.uk> wrote:
> I recently discovered that Perl 5 interpreter is vulnerable to memory
> corruption when large values are supplied to the x operator.
>
> After discussions with the vendor, CVE-2012-5195 was assigned to this
> vulnerability.
>
> I know Red Hat and Debian have picked it up, but I'm not sure about other
> vendors.
On FreeBSD
on amd64: typedef __uint64_t __size_t;
on i386 I believe __size_t is __uint32_t;
Since memset takes a size_t (a typedef of __size_t) a negative number
would either be optimized out or turned into a large positive number.
As such there is no negative offset or negative jump,
and as such we are not vulnerable.
Is this correct or am I missing something?
--
Eitan Adler
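
The conversion discussed in the message above (a signed count reaching a size_t parameter such as memset's length), shown next to a guard that rejects negative or overflowing repeat counts before anything is written. This is an added example, not part of the thread and not code from Perl or FreeBSD; the function names are hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* What a size_t parameter receives when handed a negative signed count:
 * the conversion is modulo SIZE_MAX + 1, so -1 becomes SIZE_MAX. */
size_t count_as_size(long count) { return (size_t)count; }

/* Hypothetical helper: compute len * count as a size_t.
 * Returns 0 and stores the total, or -1 if count is negative or the
 * product does not fit in size_t. */
int repeat_total(size_t len, long count, size_t *total)
{
    if (count < 0)
        return -1;
    if (len != 0 && (size_t)count > SIZE_MAX / len)
        return -1;
    *total = len * (size_t)count;
    return 0;
}

/* Hypothetical helper: write `count` copies of src[0..len) into dst,
 * refusing any request that does not fit in cap bytes. */
int repeat_into(char *dst, size_t cap, const char *src, size_t len, long count)
{
    size_t total, i;
    if (repeat_total(len, count, &total) != 0 || total > cap)
        return -1;
    if (total == 0)
        return 0;                       /* nothing to write */
    if (len == 1)
        memset(dst, (unsigned char)src[0], total);
    else
        for (i = 0; i < (size_t)count; i++)
            memcpy(dst + i * len, src, len);
    return 0;
}

int main(void)
{
    char buf[16];                       /* constructed sample buffer */
    printf("(size_t)-1 = %zu\n", count_as_size(-1));
    printf("\"ab\" x 3  -> %d\n", repeat_into(buf, sizeof buf, "ab", 2, 3));
    printf("\"ab\" x -1 -> %d\n", repeat_into(buf, sizeof buf, "ab", 2, -1));
    return 0;
}
```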