Full Disclosure mailing list archives

Re: Format String Vulnerabilities in Perl Programs


From: "Michael J. Pomraning" <mjp () securepipe com>
Date: Sat, 3 Dec 2005 20:49:47 -0600 (CST)

On Fri, 2 Dec 2005, Steven M. Christey wrote:

> In particular, the sprintf() and printf() functions in Perl can be
> abused if an attacker can control the contents of the format string.
> Since similar functions are used in C, it is possible that these
> functions will be used more frequently by C programmers who are new to
> Perl.
> <<SNIP>>
>  - for each programming language, identify and publicize all builtin
>    or common library functions that use format strings.

For Perl projects, I'd also nominate syslog(), from the standard Sys::Syslog
module, for special attention.  It's common in *NIX environments regardless
of programmers' backgrounds and is extremely likely to be called with
untrusted data interpolated directly in the format string argument --
syslog("info", "A user said $user_input"), for example.

Regards,
Mike
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
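
A heuristic audit for the call pattern discussed in this message, as an added example that is not part of the original post or of Sys::Syslog: it flags printf(), sprintf() and syslog() calls whose format argument is a bare variable or a double-quoted string with a variable interpolated into it. The name `audit_source` is hypothetical, the sample lines are constructed (the first is the call quoted in the post), and the line-based regex matching only covers parenthesized calls on a single line.

```perl
#!/usr/bin/perl
use strict;
use warnings;

my $dq  = qr/"(?:[^"\\]|\\.)*"/;    # one double-quoted string literal
my $arg = qr/($dq|\$\w+)/;          # format argument: literal or scalar variable

# syslog() takes the format as its second argument (after the priority);
# printf() and sprintf() take it first.
my %format_arg = (
    'printf'  => qr/\bprintf\s*\(\s*$arg/,
    'sprintf' => qr/\bsprintf\s*\(\s*$arg/,
    'syslog'  => qr/\bsyslog\s*\(\s*[^,()]+,\s*$arg/,
);

# Return one finding per call whose format argument carries variable data.
sub audit_source {
    my ($source) = @_;
    my @findings;
    my $n = 0;
    for my $line (split /\n/, $source) {
        $n++;
        next if $line =~ /^\s*#/;    # ignore comment lines
        for my $func (sort keys %format_arg) {
            next unless $line =~ $format_arg{$func};
            my $fmt = $1;
            my $why;
            if    ($fmt =~ /^\$/)                { $why = 'format argument is a variable' }
            elsif ($fmt =~ /(?<!\\)[\$\@][\w{]/) { $why = 'variable interpolated into format string' }
            push @findings, "line $n: $func(): $why" if defined $why;
        }
    }
    return @findings;
}

# Constructed sample input; lines 2 and 4 pass the data as an argument
# to a constant format and are not reported.
my $sample = <<'END_SAMPLE';
syslog("info", "A user said $user_input");
syslog("info", "A user said %s", $user_input);
printf("Hello $name\n");
printf("Hello %s\n", $name);
my $out = sprintf($template, $value);
END_SAMPLE

print "$_\n" for audit_source($sample);
```

A reported call is fixed by keeping the format constant and passing the data as an argument, as in lines 2 and 4 of the sample.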

