Re: Java and buffer overflows

From: Loki (loki_@softhome.net)
Date: 06/26/02


Date: Wed, 26 Jun 2002 20:13:51 +0200
From: Loki <loki_@softhome.net>
To: Rafael Anschau <rhanscha@terra.com.br>

On Tue, Jun 25, 2002 at 07:41:04PM -0300, Rafael Anschau wrote:
> I read in phrack that the perl interpreter will execute a progam if given a code
> like fopen("cat /etc/passwd|") (due to an internal parsing error of the character |)

it's a feature.

man perlfunc

--loki



Relevant Pages

  • Re: Difficulty with Brad Rodriguez screenful
    ... With your language feature, you have to treat every original return ... which you cannot prove for words that call EXECUTE or DEFERred ... This is not a language feature I ... most of the benefits of an analytic inlining compiler, ...
    (comp.lang.forth)
  • Re: why no temp functions?
    ... My guess is that the feature was introduced in the 6.x days to support ODBC's Prepare and Execute ... There was also a setting in the ODBC config to turn off this behavior. ... Tibor Karaszi, SQL Server MVP ...
    (microsoft.public.sqlserver.server)
  • Re: fwd: Intresting case of SQL Injection
    ... > The application was developed under PHP 4.2.1, Apache and MSSQL. ... > execute our code: ... When I first heard about this "feature" I thought someone went crazy. ...
    (perl.dbi.users)
  • Re: Executing a line of code defined in a string
    ... dbaseIII, FoxPro etc. had what is called macro substitution, and in fact ... could execute commands contained inside of a string. ... as to how useful this "macro" substitution feature is. ...
    (microsoft.public.access.formscoding)
  • Re: Anquet v06
    ... > The truncated text is probably a Windows 'feature' it is usualy caused ... assume the progam will be OK if you used 100%? ... support desk and ask why it does not work properly. ...
    (uk.rec.walking)