Date: Sat, 27 Oct 2012 15:08:00 -0400 From: Eitan Adler <lists@...anadler.com> To: oss-security@...ts.openwall.com Subject: Re: Medium severity flaw with Perl 5 On 26 October 2012 04:48, Tim Brown <timb@...-dimension.org.uk> wrote: > I recently discovered that Perl 5 interpreter is vulnerable to memory > corruption when large values are supplied to the x operator. > > After discussions with the vendor, CVE-2012-5195 was assigned to this > vulnerability. > > I know Red Hat and Debian have picked it up, but I'm not sure about other > vendors. On FreeBSD on amd64: typedef __uint64_t __size_t; on i386 I believe __size_t is __unit32_t; Since memset takes a size_t (typedefed of __size_t) a negative number would either be optimized out or turned into a large positive number. As such there is no negative offset or negative jump. and such we are not vulnerable. Is this correct or am I missing something? -- Eitan Adler
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.