[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: Format String Vulnerabilities in Perl Programs

To: "Steven M. Christey" <coley@xxxxxxxxx>
Subject: [Full-disclosure] Re: Format String Vulnerabilities in Perl Programs
From: "Michael J. Pomraning" <mjp@xxxxxxxxxxxxxx>
Date: Sat, 3 Dec 2005 20:49:47 -0600 (CST)

On Fri, 2 Dec 2005, Steven M. Christey wrote:

> In particular, the sprintf() and printf() functions in Perl can be
> abused if an attacker can control the contents of the format string.
> Since similar functions are used in C, it is possible that these
> functions will be used more frequently by C programmers who are new to
> Perl.
<<SNIP>> 
>  - for each programming language, identify and publicize all builtin
>    or common library functions that use format strings.

For Perl projects, I'd also nominate syslog(), from the standard Sys::Syslog
module, for special attention.  It's common in *NIX environments regardless
of programmers' backgrounds and is extremely likely to be called with
untrusted data interpolated directly in the format string argument --
syslog("info", "A user said $user_input"), for example.

Regards,
Mike
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Re: Format String Vulnerabilities in Perl Programs
  - From: Stan Bubrouski

References:
- [Full-disclosure] Format String Vulnerabilities in Perl Programs
  - From: Steven M. Christey

Prev by Date: [Full-disclosure] have you ever been BluePIMped?
Next by Date: Re: [Full-disclosure] Re: Format String Vulnerabilities in Perl Programs
Previous by thread: [Full-disclosure] Format String Vulnerabilities in Perl Programs
Next by thread: Re: [Full-disclosure] Re: Format String Vulnerabilities in Perl Programs
Index(es):
- Date
- Thread