[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Stack overflow in lsys_load (lua/loadlib.c:134)
- From: Roberto Ierusalimschy <roberto@...>
- Date: Mon, 7 Sep 2020 18:23:36 -0300
> > > Stack overflow in lsys_load (lua/loadlib.c:134)
> > >
> > > [...]
>
> Python 3 has the same issue (which reinforces the blame on dlopen):
>
> $ python3
> Python 3.6.9 (default, Jul 17 2020, 12:50:27)
> [GCC 8.4.0] on linux
> Type "help", "copyright", "credits" or "license" for more information.
> >>> from ctypes import *
> >>> x = 'a' * 10000000
> >>> cdll.LoadLibrary(x)
> Segmentation fault (core dumped)
Perl also has the same issue:
$ perl -de1
Loading DB routines from perl5db.pl version 1.51
[...]
DB<1> require DynaLoader;
DB<2> print(&DynaLoader::dl_load_file("a" x 100000000, 1));
Segmentation fault (core dumped)
Again, the segfault happens inside open_path, which uses 'alloca' to
get a temporary buffer to manipulate the 'file' parameter.
Note that, in all cases, the given parameter is not intended to be a
pathname, because it does not contain a slash.
-- Roberto