List-Id: Zsh Workers List
X-Seq: 44293
From: Oliver Kiddle
To: "zsh-workers@zsh.org"
Subject: #3 typeset and braces (Re: Zsh - Multiple DoS Vulnerabilities)
Date: Tue, 14 May 2019 00:36:05 +0200
Message-ID: <10142-1557786965.820774@PTYq.v5pM.vFPY>

On 10 May, Bart wrote:
> > #3 Invalid read from *dupstring *in *string.c*
> > POC folder: *03_dupstring_(string.c_39)*
>
> This gives exactly the same errors as #2, and then exits with
>
> [long ugly filename]:87: parse error near `}'

I've cut this one down to just:

  typeset Q= {X}

That reliably seg faults for me. But that's about as far as I've been
able to get - I'm not especially familiar with zsh's parsing code.

Oliver
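
The thread reports two different outcomes for this input, a parse error exit and a segmentation fault. The following is an added example, not part of the original message or the zsh project, that runs the reduced case in a child process and reports which one a given build produces. The function names and the ZSH_BIN variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): classify how a shell binary
# handles a reduced test case, separating a crash from an ordinary error.

# classify_status STATUS: map a wait status to a verdict.
classify_status() {
    if [ "$1" -eq 0 ]; then
        echo ok
    elif [ "$1" -eq 126 ] || [ "$1" -eq 127 ]; then
        echo not-run                 # binary missing or not executable
    elif [ "$1" -gt 128 ]; then
        echo "signal:$(($1 - 128))"  # 11 is SIGSEGV on Linux
    else
        echo error                   # e.g. a reported parse error
    fi
}

# run_case CMD [ARGS...]: run the command in a child process, discard
# its output, and print the verdict. Safe under `set -e`.
run_case() {
    status=0
    "$@" >/dev/null 2>&1 || status=$?
    classify_status "$status"
}

# check_reduced_case [ZSH_BIN]: run the reduced input from the message.
# ZSH_BIN is an assumption; point it at the build under test.
# -f skips startup files so the result does not depend on user config.
check_reduced_case() {
    run_case "${1:-zsh}" -f -c 'typeset Q= {X}'
}

echo "reduced case: $(check_reduced_case "${ZSH_BIN:-zsh}")"
```

Any `signal:` verdict means the build under test still crashes on the reduced input, so the script can serve as a regression check once a fix lands.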