Date: Sat, 27 Oct 2012 15:08:00 -0400 From: Eitan Adler <lists@...anadler.com> To: oss-security@...ts.openwall.com Subject: Re: Medium severity flaw with Perl 5 On 26 October 2012 04:48, Tim Brown <timb@...-dimension.org.uk> wrote: > I recently discovered that Perl 5 interpreter is vulnerable to memory > corruption when large values are supplied to the x operator. > > After discussions with the vendor, CVE-2012-5195 was assigned to this > vulnerability. > > I know Red Hat and Debian have picked it up, but I'm not sure about other > vendors. On FreeBSD on amd64: typedef __uint64_t __size_t; on i386 I believe __size_t is __unit32_t; Since memset takes a size_t (typedefed of __size_t) a negative number would either be optimized out or turned into a large positive number. As such there is no negative offset or negative jump. and such we are not vulnerable. Is this correct or am I missing something? -- Eitan Adler
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ