From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from primenet.com.au (ns1.primenet.com.au [203.24.36.2]) by inbox.vuxu.org (OpenSMTPD) with ESMTP id 5ae55c11 for ; Tue, 14 May 2019 05:39:46 +0000 (UTC) Received: (qmail 2507 invoked by alias); 14 May 2019 05:39:31 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: List-Unsubscribe: X-Seq: 44295 Received: (qmail 6365 invoked by uid 1010); 14 May 2019 05:39:31 -0000 X-Qmail-Scanner-Diagnostics: from mail-lf1-f45.google.com by f.primenet.com.au (envelope-from , uid 7791) with qmail-scanner-2.11 (clamdscan: 0.101.2/25447. spamassassin: 3.4.2. Clear:RC:0(209.85.167.45):SA:0(-1.9/5.0):. Processed in 1.667875 secs); 14 May 2019 05:39:31 -0000 X-Envelope-From: schaefer@brasslantern.com X-Qmail-Scanner-Mime-Attachments: | X-Qmail-Scanner-Zip-Files: | Received-SPF: pass (ns1.primenet.com.au: SPF record at _netblocks.google.com designates 209.85.167.45 as permitted sender) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brasslantern-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RE+Z1klA4mxvWk4vsPWYlknuBe01UAaa03se3eikX1A=; b=GJqZ5XRjYaYc9kujod5Bpfj/5ZkfdebhaD1TslhS6XiPemq+WdV09e3U0xE2sflTSX HPivKB4D7ESLzAfw1ArPp29rktgpQhP2KUCP5qlOVZqEQkvLX2leMUIAsGO9mdg7K34x zGs1YX2op0JBNcclb5lvzuyEiuJVQy/fXvQxUw3sD7u9JoxYGtg5ve0Nv7wRYEbRLBM5 DOuDP8DDiPxAfhFnewfo5Xn5WmFBvdQ08QJb+ZwZlCcS2+iTuuRCObIfLY6Lp6u+qsxd N8t2/9rFWhjXeCibbunoSrTjF0OLzieeoVpVv3q5h/N0n88n+l3Ss1TXHqAcWWCSZUfJ N5Mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RE+Z1klA4mxvWk4vsPWYlknuBe01UAaa03se3eikX1A=; b=uKwqUmxwKiEY6mZbOUthkT7NFZTqInrNg7iFbYNBA3gP84ipIBo3IyPZZM06mP+1JK /dr7Sl6FhloJaek7Xzq5NrL8y35d9Vaw4DCFb/Lom7rMKhktjNJFhcnmqLbrRr1JZhSG Bj2YC0Asj9Xyn04nC64Ay9/0ZU4+InljpTEy0SdvRy36YCjr2cb4AKBzLwEorvewNiu6 NKvO1Ix3EDd/qeFaqi89m7hOTi8onolkDTpAPsJaMa7cFJlizwvqqiu1XE89CFYq4ewZ V4295xewzF5sSjxE3aS/pQ0aW5+VcVMAHsyIGkOY6xcPUklv8eSiBLwhFPCY6wS+UOap CL8A== X-Gm-Message-State: APjAAAXO/X0mu2WFslD/ZXqT6hTljOkk1P8+PXppAIFFOFSJh027J4s1 ujDVKxY6B6tlXHEZmdPqlzpw9wkHwH6ZxWLSPfPqdQ== X-Google-Smtp-Source: APXvYqzwyXYjL5qVbETsm1/DlB3bEj11aC9o64N9GwpI291ZBj/tQnFctyKRN4WCQUYk35Nk8L6cVSSiJbTRWLsRPT4= X-Received: by 2002:a19:c7c3:: with SMTP id x186mr16822041lff.107.1557812334583; Mon, 13 May 2019 22:38:54 -0700 (PDT) MIME-Version: 1.0 References: <10142-1557786965.820774@PTYq.v5pM.vFPY> In-Reply-To: From: Bart Schaefer Date: Mon, 13 May 2019 22:38:42 -0700 Message-ID: Subject: Re: #3 typeset and braces (Re: Zsh - Multiple DoS Vulnerabilities) To: Mikael Magnusson Cc: Oliver Kiddle , "zsh-workers@zsh.org" Content-Type: text/plain; charset="UTF-8" On Mon, May 13, 2019 at 5:13 PM Mikael Magnusson wrote: > > On 5/14/19, Oliver Kiddle wrote: > > On 10 May, Bart wrote: > >> > #3 Invalid read from *dupstring *in *string.c* > >> > POC folder: *03_dupstring_(string.c_39)* > > > > I've cut this one down to just: > > > > typeset Q= {X} > > Yeah it looks like some stuff is not exactly going right here, It's got something to do with handling it as a reserved word. BartMAC2014% disable -r typeset BartMAC2014% typeset Q= {X} typeset: not valid in this context: {X}