Subject: | Suspected buffer overflow while running executable made by Par::Packer |
Date: | Fri, 12 Sep 2008 16:26:41 -0400 |
To: | <bug-PAR [...] rt.cpan.org> |
From: | "Clarke, Dave S" <dave_clarke [...] merck.com> |
I have encountered an error while running an executable made by
Par::Packer. It occurs as part of a regexp pattern match.
The error has been narrowed down to this snippet of code (problem
bolded):
$_ =
q[TEXT="some_very_large_text_to_be_extracted_between_double_quotes"];
my $rQStr = qr/"((?:""|[^"])*)"/;
# String between double quotes (")
my $key = 'TEXT';
if (m/${key}=${rQStr}/) {
$_ = $1;
$_ at the start of the pattern match contains a large string (> 7000)
characters.
The perl script executes flawlessly, and has been in production for over
a year. I recently distributed this script and associated modules to
other users using Par::Packer.
The .exe generated by Par::Packer works for strings up to 7261
characters, but fails silently at 7262 characters between the quotes.
In other words, the .exe just exits w/o issuing any kind of error msg.
Perl Version:
This is perl, v5.8.8 built for MSWin32-x86-multi-thread
Binary build 820 [274739] provided by ActiveState
http://www.ActiveState.com
Built Jan 23 2007 15:57:46
Module Versions (installed from bribes):
PAR 0.982
PAR-Dist 0.31
PAR-Packer 0.982
OS Version:
Microsoft Windows XP Professional
Version 5.1.2600 Service Pack 2 Build 2600
If you need any additional information, or explanation of the problem.
Please E-Mail, or call me using the info below.
Dave Clarke
Aker Solutions Representative at Merck & Co., Inc
a& Co., Inc. - Business Confidential
Phone: (215) 993-3015
Email: dave_clarke@merck.com
Notice: This e-mail message, together with any attachments, contains
information of Merck & Co., Inc. (One Merck Drive, Whitehouse Station,
New Jersey, USA 08889), and/or its affiliates (which may be known
outside the United States as Merck Frosst, Merck Sharp & Dohme or
MSD and in Japan, as Banyu - direct contact information for affiliates is
available at http://www.merck.com/contact/contacts.html) that may be
confidential, proprietary copyrighted and/or legally privileged. It is
intended solely for the use of the individual or entity named on this
message. If you are not the intended recipient, and have received this
message in error, please notify us immediately by reply e-mail and
then delete it from your system.