Ruby interpreter crashes with invalid input
Last week I found a bug in ruby's parser, NULL pointer reference will happen when the following program is parsed:
Now it was fixed in CVS.
This is not a serious security problem. I tried to find if it will result in a remote DOS vulnerability in Ruby on Rails, but find nothing.
C:\ruby-1.8.4-i386-mswin32\bin>ruby -e 'def a=.a=;end'
-e:1: identifier a= is not valid
-e:1: [BUG] Segmentation fault ruby 1.8.4 (2005-12-24) [i386-mswin32]
This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
Now it was fixed in CVS.
This is not a serious security problem. I tried to find if it will result in a remote DOS vulnerability in Ruby on Rails, but find nothing.
posted by xue.yong.zhi at 8:51 AM
0 Comments:
Post a Comment
<< Home