[MBT] new ticket for pkg flex "Flex seg faults on very long lines"
bugs at pld.org.pl
bugs at pld.org.pl
Sat Sep 7 12:41:25 CEST 2002
Date: 2002-09-07 12:41:24+02 Author: Krzysiek Taraszka (dzimi) <dzimi at pld.org.pl>
Title: Flex seg faults on very long lines
Ticket ID: #321
Ticket URL: http://bugs.pld.org.pl/?bug=321
Package: flex-2.5.4a-16
Distribution: PLD-Ra.main PLD-1.0.devel.main
Category: security problem
Current state: opened
Text:
---> flextest.lex <---
BOGUS aaa[insert 3000 more a's here]aaa
%%
a { /* example */ }
---> end <---
causes a segfault:
$ flex flextest.lex
Segmentation fault
This could be a potential security issue, since nmdef is an automatic
variable defined inside a function, and hence lands up on the stack.
More information about the pld-bugs
mailing list