yesterday dree stumbled upon what seems a really nasty bug in perl 5.6.x on Win32,
so I'm posting this hoping that it can avoid some headache to someone in
the (near) future.
note that this seems to have been fixed in perl 5.8.0, so read this only if you have not upgraded (yet)!
the bug appears when you use warnings and close STDERR (which is not a meaningful thing to do, but nonetheless...) and it causes the readline operator (eg. <STDIN>) to only read the first line of a file.
AFFECTED PLATFORMS
first of all, these are the test reports I could gather so far:
| OS | Perl build | Buggy |
| Windows 2000 Pro, XP Pro | v5.6.0 built for MSWin32-x86-multi-thread | YES |
| Windows 2000 Pro, XP Pro | v5.6.1 built for MSWin32-x86-multi-thread | YES |
| Windows 2000 Pro, XP Pro | v5.6.1 built for cygwin-multi | NO |
| Windows 2000 Pro | v5.8.0 built for MSWin32-x86-multi-thread | NO |
| Red Hat Linux release 7.0 (Guinness) | v5.6.0 built for i386-linux | NO |
| Red Hat Linux release 7.0 (Guinness) | v5.8.0 built for i586-linux-thread-multi-ld | NO |
summing this up, the bug seems to show only on Win32 with Perl 5.6.0 and 5.6.1 (but not with Cygwin).
DESCRIPTION
this is the exploitation script (I called it dree.pl):if you run it as it is, it will read (and thus print) only the first line of the file.use warnings; close(STDERR); open(ME, "$0"); while (<ME>) { print; } close ME;
if you comment either the first line (use warnings) or the second line (close(STDERR)), the whole file is printed fine.
SUMMARY
if you mysteriously fail to read more than one line from a file, make sure that the following two conditions aren't both met:- use warnings
- STDERR is closed
cheers,
Aldo
King of Laziness, Wizard of Impatience, Lord of Hubris
Back to
Meditations