>During some work, I noticed GNU bash could be crashed by sending a >malformed perl request to the terminal. > > example: `perl -e 'print "*/*" x 3500'` > <bash crashes> It's a stack overflow, due to glob_filename (in glob.c) recursively calling itself while parsing the filename. So probably not exploitable. - Blazde
This archive was generated by hypermail 2b30 : Fri Feb 14 2003 - 08:35:49 PST