Bug#825378: perl: freeze on parsing (broken) code

Yuriy M. Kaminskiy yumkam at gmail.com
Thu May 26 13:22:45 UTC 2016


Package: perl
Version: 5.20.2-3+deb8u4
Severity: normal
Tags: jessie

Dear Maintainer,

I've made a typo in code, and found that it freezes perl on an attempt to parse it:
             perl -ce 's{foo}{$h->X({->aaa=>"b"},$d)}ge'
( it was meant to be 's{foo}{$h->X({-aaa=>"b"},$d)}ge' )

gdb backtrace (manually interrupted with ^C):
Program received signal SIGINT, Interrupt.
0x0806c60a in Perl_rpeep (my_perl=0x8215008, o=0x8238074) at op.c:11333
11333	op.c: No such file or directory.
(gdb) bt
#0  0x0806c60a in Perl_rpeep (my_perl=0x8215008, o=0x8238074) at op.c:11333
#1  0x08073509 in Perl_pmruntime (my_perl=0x8215008, o=0x82380f4, expr=0x8238474, isreg=true, floor=0) at op.c:4903
#2  0x080a3ae8 in Perl_yyparse (my_perl=0x8215008, gramtype=1536) at perly.y:1385
#3  0x0807e836 in S_parse_body (xsinit=<optimized out>, env=<optimized out>, my_perl=<optimized out>) at perl.c:2298
#4  perl_parse (my_perl=0x8215008, xsinit=0x805ef80 <xs_init>, argc=136400904, argv=0x8215008, env=0x0) at perl.c:1607
#5  0x0805ede8 in main (argc=3, argv=0xffffd674, env=0xffffd684) at perlmain.c:112

(Theoretically, this can be called "potential DoS on parsing untrusted 
code", but I'm pretty sure parsing untrusted perl code is not safe anyway).

It seems only the jessie version is affected; perl binaries extracted from
perl-base packages from wheezy and squeeze seem to correctly report the error:
$ ./perl5.22.2 -ce 's{foo}{$h->X({->aaa=>"b"},$d)}ge'
syntax error at -e line 1, near "{->aaa"
syntax error at -e line 1, near ")}"
-e had compilation errors.

There seem to be no changes in 5.20.2-3+deb8u5 (from jessie-proposed-updates)
(it also freezes).

-- System Information:
Debian Release: 8.4
   APT prefers stable-updates
   APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 'proposed-updates')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages perl depends on:
ii  dpkg          1.17.26
ii  libbz2-1.0    1.0.6-7+b3
ii  libc6         2.19-18+deb8u4
ii  libdb5.3      5.3.28-9
ii  libgdbm3      1.8.3-13.1
ii  perl-base     5.20.2-3+deb8u4
ii  perl-modules  5.20.2-3+deb8u4
ii  zlib1g        1:1.2.8.dfsg-2+b1

Versions of packages perl recommends:
ii  netbase  5.3
ii  rename   0.20-3

Versions of packages perl suggests:
ii  libterm-readline-gnu-perl   1.24-2+b1
ii  libterm-readline-perl-perl  1.0303-1
ii  make                        4.0-8.1
ii  perl-doc                    5.20.2-3+deb8u4

-- no debconf information



