Security of binary_to_term ?
Wed Jun 27 19:48:39 CEST 2001
Pascal Brisset <> writes:
> Well this is what security is about, isn't it ? :) Actually I stumbled
> on one of those pathological cases, and I was wondering whether it was
> just a bug or whether additional checks were required anyway.
> $ erl
> Erlang (BEAM) emulator version 18.104.22.168 [source]
> Eshell V22.214.171.124 (abort with ^G)
> 1> binary_to_term(<<131,111,255,0,0,0>>).
> zsh: 30198 segmentation fault ./bin/erl
This is bug. There ARE range checks in binary_to_term/1.
I don't know why there is crasch only on certain platform.
It doesn't crasch on Solaris/Sparc, but it crasches on Linux and FreeBSD.
I'll try to look into this problem next week.
Björn Gustavsson Ericsson Utvecklings AB
+46 8 727 56 87 125 25 Älvsjö
More information about the erlang-questions