[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential Denial of Service Vulnerability in embedded commands - Bas
|
From: |
Chet Ramey |
|
Subject: |
Re: Potential Denial of Service Vulnerability in embedded commands - Bash version 4.4.12(1) - Release |
|
Date: |
Tue, 7 Nov 2017 10:06:43 -0500 |
|
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 |
On 11/7/17 9:56 AM, Alex Nichols wrote:
> Thank you for taking the time to respond to my email.
> I accept that this is likely not a security issue outside of being a social
> engineering attack, but the buggy behaviour that i'm curious about is that
> in each case the allocation should only have been of 2147483647 bytes in
> size (the size of the file i was using cat on). but instead, according to
> the error, bash had attempted to allocate far more memory than was required
> which is what caused the crash. for example the Kali example attempted to
> allocate 18446744071562067968 bytes or roughly 18446744071 GB of memory.
> Its also worth noting that the Kali example should have been able to have
> allocated more than enough memory to hold the 2GB file since it was able to
> allocate up to 4296613888 bytes of heap memory when it crashed.
That depends on the behavior of the memory allocator under Kali. Bash's
power-of-two malloc sometimes causes requests to correspondingly exceed
the requested size, but any allocator (or allocation strategy) will
eventually exceed the available memory.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/