[Full-disclosure] Re: Format String Vulnerabilities in Perl Programs



On Fri, 2 Dec 2005, Steven M. Christey wrote:

> In particular, the sprintf() and printf() functions in Perl can be
> abused if an attacker can control the contents of the format string.
> Since similar functions are used in C, it is possible that these
> functions will be used more frequently by C programmers who are new to
> Perl.
<<SNIP>>
> - for each programming language, identify and publicize all builtin
> or common library functions that use format strings.

For Perl projects, I'd also nominate syslog(), from the standard Sys::Syslog
module, for special attention. It's common in *NIX environments regardless
of programmers' backgrounds and is extremely likely to be called with
untrusted data interpolated directly in the format string argument --
syslog("info", "A user said $user_input"), for example.

Regards,
Mike
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
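The pattern Mike describes beside its safe form, as an added example that is not part of his post nor of Sys::Syslog's own code. The attacker input, the client address and the source lines fed to the audit heuristic are constructed, and the helper names (log_vulnerable, log_safe, flag_interpolated_format) are mine:

```perl
#!/usr/bin/env perl
# Added example, not code from the original post or from Sys::Syslog:
# the interpolation pattern criticised above, the safe form, and a crude
# source-scanning check. All inputs below are constructed.
use strict;
use warnings;
use Sys::Syslog qw(:standard :macros);

# Vulnerable: untrusted text is interpolated into the *format* argument.
# Sys::Syslog treats that argument as an sprintf() format, so the
# attacker's %s specifiers consume $ip out of position, the surplus %s
# produce "Missing argument in sprintf" warnings and empty fields, and
# %m is expanded by Sys::Syslog to the text of $! (the last OS error).
sub log_vulnerable {
    my ($input, $ip) = @_;
    syslog('info', "A user said $input from %s", $ip);
}

# Fixed: the format is a constant and the untrusted text is passed as a
# value. Its percent signs are copied literally; neither sprintf() nor
# the %m substitution ever looks inside an argument.
sub log_safe {
    my ($input, $ip) = @_;
    syslog('info', 'A user said %s from %s', $input, $ip);
}

# Heuristic audit for the pattern: flag syslog()/sprintf()/printf()
# calls whose format argument is a double-quoted string containing an
# interpolated $var or @var. No parser, so expect false positives
# (e.g. "\$" escapes) and misses (formats assembled in a variable first).
sub flag_interpolated_format {
    my @hits;
    for my $line (@_) {
        push @hits, $line
            if $line =~ /\b(?:syslog\s*\(\s*[^,]+,|s?printf\s*\()\s*"[^"]*[\$\@]\w/;
    }
    return @hits;
}

# Constructed attacker-controlled input and a constructed client address.
my $user_input = 'hello %s %s %m';
my $client_ip  = '192.0.2.10';

# Needs a reachable local syslog; wrapped so the audit below still runs.
eval {
    openlog('fmt-demo', 'pid', LOG_USER);
    log_vulnerable($user_input, $client_ip);  # warns, logs $ip in the wrong field
    log_safe($user_input, $client_ip);        # logs: A user said hello %s %s %m from 192.0.2.10
    closelog();
    1;
} or warn "syslog unavailable: $@";

# Constructed source lines to run the audit heuristic over.
my @source = (
    'syslog("info", "A user said $user_input");',        # flagged
    'syslog("info", "A user said %s", $user_input);',    # clean
    'printf("Welcome $name\n");',                        # flagged
    'my $msg = sprintf("%s logged in", $name);',         # clean
);
print "FLAG: $_\n" for flag_interpolated_format(@source);
```

The vulnerable call passes an extra argument on purpose: in current Sys::Syslog releases the format is only run through sprintf() when arguments follow it (older releases always did), while the %m expansion is applied to the format argument either way, so check the behaviour of the version you actually ship. The audit regex is a triage aid for finding candidates to review by hand, not a substitute for reading the call sites.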


