Security of binary_to_term ?
Bjorn Gustavsson
bjorn@REDACTED
Wed Jun 27 19:48:39 CEST 2001
Pascal Brisset <pascal.brisset@REDACTED> writes:
> Well this is what security is about, isn't it ? :) Actually I stumbled
> on one of those pathological cases, and I was wondering whether it was
> just a bug or whether additional checks were required anyway.
>
> $ erl
> Erlang (BEAM) emulator version 5.0.2.4 [source]
>
> Eshell V5.0.2.4 (abort with ^G)
> 1> binary_to_term(<<131,111,255,0,0,0>>).
> zsh: 30198 segmentation fault ./bin/erl
This is a bug. There ARE range checks in binary_to_term/1.
I don't know why there is a crash only on certain platforms.
It doesn't crash on Solaris/Sparc, but it crashes on Linux and FreeBSD.
I'll try to look into this problem next week.
/Bjorn
--
Björn Gustavsson Ericsson Utvecklings AB
bjorn@REDACTED ÄT2/UAB/F/P
BOX 1505
+46 8 727 56 87 125 25 Älvsjö
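
Read against the Erlang external term format, the six bytes in the quoted shell session are version 131, tag 111 (LARGE_BIG_EXT) and a four-byte big-endian digit count of 0xFF000000, with no sign byte or digits after it. The C below is an added example, not part of the original message and not the emulator's code; it shows the kind of range check such a header calls for, and the function and enum names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define VERSION_MAGIC 131 /* first byte of the external term format */
#define SMALL_BIG_EXT 110 /* tag, 1-byte n, sign byte, n digit bytes */
#define LARGE_BIG_EXT 111 /* tag, 4-byte big-endian n, sign byte, n digit bytes */

enum ext_status { EXT_OK, EXT_BAD_VERSION, EXT_TRUNCATED, EXT_OVERRUN, EXT_OTHER_TAG };

/* The six bytes from the quoted shell session. */
static const unsigned char page_input[] = {131, 111, 255, 0, 0, 0};
/* Constructed samples: same header plus a sign byte, and a valid one-digit bignum. */
static const unsigned char with_sign[] = {131, 111, 255, 0, 0, 0, 0};
static const unsigned char valid_small[] = {131, 110, 1, 0, 42};

/* Check a bignum header: every read is preceded by a test on the bytes left. */
enum ext_status check_bignum(const unsigned char *buf, size_t len)
{
    size_t pos = 0;
    uint32_t n;
    if (len < 2) return EXT_TRUNCATED;
    if (buf[pos++] != VERSION_MAGIC) return EXT_BAD_VERSION;
    switch (buf[pos++]) {
    case SMALL_BIG_EXT:
        if (len - pos < 1) return EXT_TRUNCATED;
        n = buf[pos++];
        break;
    case LARGE_BIG_EXT:
        if (len - pos < 4) return EXT_TRUNCATED;
        n = ((uint32_t)buf[pos] << 24) | ((uint32_t)buf[pos + 1] << 16) |
            ((uint32_t)buf[pos + 2] << 8) | (uint32_t)buf[pos + 3];
        pos += 4;
        break;
    default:
        return EXT_OTHER_TAG; /* other term types are outside this example */
    }
    if (len - pos < 1) return EXT_TRUNCATED; /* sign byte must be present */
    pos++;
    /* Compare n with the bytes left; pos + n could wrap where size_t is 32 bits. */
    if (n > len - pos) return EXT_OVERRUN;
    return EXT_OK;
}

int main(void)
{
    printf("page input -> status %d\n", check_bignum(page_input, sizeof page_input));
    return 0;
}
```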