Vulnerability Development mailing list archives

Re: possible stack flow in bash


From: FBO <fbo2 () gmx net>
Date: Sat, 29 Jun 2002 07:39:26 +0200

On Fri, Jun 28, 2002 at 04:03:27PM +0000, Junior wrote:
hi.
Hi,

Stack in bash stows observing possible.

Step 1 - bash-2.05a# ls "!x123456"
...exitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexite
xitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexitexite
xitexitexitexitexitexitexitexitexitexit"
bash: /bin/ls: Argument list too long

Step 2 - bash-2.05a# ls "!x123456"
...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
bash: xrealloc: cannot reallocate 134322944 bytes (0 bytes allocated)


I'm lazy so I didn't type 123456 "!"s manually :-) :

bash-2.05a$ ls `perl -e 'print "!" x 123456'`
...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!": Der Dateiname ist zu lang

It seems that I can run this line as often as I want - without being able
to reproduce your results.

FBO

