Possibly Bash explot

[Nikolay Kolev]

Basically, after doing a bunch of unset -f, I can crash Bash, version GNU bash, version 4.3.42(1)-release (x86_64-apple-darwin15.0.0), which could possibly be an attack vector. Here's the info from /var/log/system.log

Apr 21 15:45:00 NikolayKolev-mac iTerm2[87962]: ReceiveMessageAndFileDescriptor

Apr 21 15:45:00 NikolayKolev-mac iTerm2[87962]: calling recvmsg...

Apr 21 15:45:00 NikolayKolev-mac iTerm2-Server[87965]: Installing SIGHUP handler.

Apr 21 15:45:00 NikolayKolev-mac iTerm2-Server[87965]: Installing SIGCHLD handler.

Apr 21 15:45:00 NikolayKolev-mac iTerm2-Server[87965]: Unblocking SIGCHLD.

Apr 21 15:45:00 NikolayKolev-mac iTerm2-Server[87965]: Sending file descriptor and waiting on initial connection

Apr 21 15:45:00 NikolayKolev-mac iTerm2-Server[87965]: send master fd and child pid 87966

Apr 21 15:45:00 NikolayKolev-mac iTerm2-Server[87965]: All done. Waiting for client to disconnect or child to die.

Apr 21 15:45:00 NikolayKolev-mac iTerm2-Server[87965]: Calling select...

Apr 21 15:45:00 NikolayKolev-mac iTerm2[87962]: recvmsg returned 4, errno=n/a

Apr 21 15:45:00 NikolayKolev-mac iTerm2[87962]: recvmsg returned 4

Apr 21 15:45:00 NikolayKolev-mac iTerm2[87962]: Got a fd

Apr 21 15:45:00 NikolayKolev-mac iTerm2[87962]: Return 4

Apr 21 15:45:00 NikolayKolev-mac login[87966]: USER_PROCESS: 87966 ttys000

Apr 21 15:45:07 NikolayKolev-mac -bash[87967]: -bash(87967,0x7fff79c34000) malloc: *** error for object 0x7: pointer being freed was not allocated

*** set a breakpoint in malloc_error_break to debug

Apr 21 15:45:07 NikolayKolev-mac diagnosticd[71728]: error evaluating process info - pid: 87967, punique: 187665

Apr 21 15:45:07 NikolayKolev-mac login[87966]: DEAD_PROCESS: 87966 ttys000

Apr 21 15:45:07 NikolayKolev-mac iTerm2-Server[87965]: select returned -1, error = Interrupted system call

Apr 21 15:45:07 NikolayKolev-mac iTerm2-Server[87965]: Calling select...

Apr 21 15:45:07 NikolayKolev-mac iTerm2-Server[87965]: select returned 1, error = Interrupted system call

Apr 21 15:45:07 NikolayKolev-mac iTerm2-Server[87965]: select returned. child dead=2, connection closed=0

Apr 21 15:45:07 NikolayKolev-mac iTerm2-Server[87965]: Connection closed.

Apr 21 15:45:07 NikolayKolev-mac iTerm2-Server[87965]: Unlink /var/tmp/iTerm2.socket.87965

Apr 21 15:45:07 NikolayKolev-mac iTerm2[87962]: File descriptor server exited with status 0

Apr 21 15:45:07 NikolayKolev-mac ReportCrash[87670]: Saved crash report for bash[87967] version 0 to /Users/NikolayKolev/Library/Logs/DiagnosticReports/bash_2016-04-21-154507_NikolayKolev-mac.crash