Skip to content

Instantly share code, notes, and snippets.

@d630

d630/x.sh

Last active November 2, 2016 15:27
Show Gist options
  • Save d630/ed3a8d30ba6f3fffb0a59633890f7be1 to your computer and use it in GitHub Desktop.
Save d630/ed3a8d30ba6f3fffb0a59633890f7be1 to your computer and use it in GitHub Desktop.
Download ZIP
bash: stack overflow, segmentation fault
Raw
x.sh
% printf 'echo dylan?;' \; >/tmp/prize; for i in {0..32767}; do printf ':;'; done >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 65548 Blocks: 136 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 13:42:52.864527834 +0000
Modify: 2016-11-02 13:46:12.501955930 +0000
Change: 2016-11-02 13:46:12.501955930 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
Segmentation fault
*% command \dash -c 'ulimit -s; . /tmp/prize'
1024
Segmentation fault
*% command \ksh93 -c 'ulimit -s; . /tmp/prize'
Segmentation fault
*% command \mksh -c 'ulimit -s; . /tmp/prize'
1024
dylan?
*% command \zsh -c 'ulimit -s; . /tmp/prize'
1024
Segmentation fault
*% command \posh -c 'ulimit -s; . /tmp/prize'
posh: ulimit: not found
dylan?
*% command \yash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
*% command \rc -c 'ulimit -s; . /tmp/prize'
rc: cannot find `ulimit'
rc: line 1: yacc stack overflow near ';'
Raw
x002.sh
% printf 'echo dylan?;if :; then ' \; >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo 'fi' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98330 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:07:27.894844399 +0000
Modify: 2016-11-02 14:08:06.760640674 +0000
Change: 2016-11-02 14:08:06.760640674 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x003.sh
% printf 'echo dylan?;while :; do ' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo 'break; done' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98340 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:13:16.675045773 +0000
Modify: 2016-11-02 14:13:41.417639714 +0000
Change: 2016-11-02 14:13:41.417639714 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x004.sh
% printf $'echo dylan?; (\n' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo ')' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98321 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:15:13.932380971 +0000
Modify: 2016-11-02 14:15:11.652510588 +0000
Change: 2016-11-02 14:15:11.652510588 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x005.sh
*% printf $'echo dylan?; {\n' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo '}' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98321 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:15:13.932380971 +0000
Modify: 2016-11-02 14:16:25.388317991 +0000
Change: 2016-11-02 14:16:25.388317991 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x006.sh
% printf $'echo dylan?;' >/tmp/prize; for i in {0..32767}; do printf ': && '; done >> /tmp/prize; echo ':;' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 163855 Blocks: 328 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:18:40.244647592 +0000
Modify: 2016-11-02 14:18:38.424751123 +0000
Change: 2016-11-02 14:18:38.424751123 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x007.sh
% printf $'echo dylan?;if ! :; then :;' >/tmp/prize; for i in {0..32767}; do echo 'elif ! :; then :;'; done >> /tmp/prize; echo 'else :; fi' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 589862 Blocks: 1160 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:21:13.711915507 +0000
Modify: 2016-11-02 14:22:09.024767630 +0000
Change: 2016-11-02 14:22:09.024767630 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
/tmp/prize: line 2498: syntax error near unexpected token `;'
/tmp/prize: line 2498: `elif ! :; then :;'
% command \dash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x008.sh
*% printf $'echo dylan?;for ((;;)); do ' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo 'break; done' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98343 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:27:09.911716800 +0000
Modify: 2016-11-02 14:27:27.500569267 +0000
Change: 2016-11-02 14:27:27.500569267 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x009.sh
% printf $'echo dylan?;for i in x; do ' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo 'done' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98336 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:28:16.440117980 +0000
Modify: 2016-11-02 14:28:15.296310566 +0000
Change: 2016-11-02 14:28:15.296310566 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x010.sh
% printf $'echo dylan?;case 1 in (1) ' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo 'esac' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98335 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:29:49.365190811 +0000
Modify: 2016-11-02 14:29:47.553469059 +0000
Change: 2016-11-02 14:29:47.553469059 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x011.sh
% printf $'echo dylan?; [[\n' >/tmp/prize; for i in {0..32767}; do echo '1 -eq 1 &&'; done >> /tmp/prize; echo '1 -eq 1 ]]' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 360475 Blocks: 712 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:37:54.715513216 +0000
Modify: 2016-11-02 14:38:23.644417227 +0000
Change: 2016-11-02 14:38:23.644417227 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Segmentation fault
Raw
x012.sh
% printf $'echo dylan?;' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98316 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:31:16.752307060 +0000
Modify: 2016-11-02 14:31:15.384501067 +0000
Change: 2016-11-02 14:31:15.384501067 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Raw
x013.sh
% printf $'echo dylan?; ((\n' >/tmp/prize; for i in {0..32767}; do echo '+ 1'; done >> /tmp/prize; echo '))' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 131091 Blocks: 264 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:33:02.110008803 +0000
Modify: 2016-11-02 14:33:00.926162854 +0000
Change: 2016-11-02 14:33:00.926162854 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
Raw
x014.sh
% printf $'x=$(< <(\necho dylan?; ulimit -s;\n' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo ')); echo "$x"' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98351 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 14:59:07.419217758 +0000
Modify: 2016-11-02 14:59:24.782586143 +0000
Change: 2016-11-02 14:59:24.782586143 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
1024
Raw
x015.sh
% printf $'x=$(\necho dylan?; ulimit -s;\n' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; echo '); echo "$x"' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98346 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 15:02:02.759925871 +0000
Modify: 2016-11-02 15:02:06.663742737 +0000
Change: 2016-11-02 15:02:06.663742737 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
1024
Raw
x016.sh
% printf $'mapfile -t << IN \necho dylan?; ulimit -s;\n' >/tmp/prize; for i in {0..32767}; do echo ':;'; done >> /tmp/prize; { echo 'IN'; echo 'echo ${#MAPFILE[@]}'; } >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 98369 Blocks: 200 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 15:05:51.316030985 +0000
Modify: 2016-11-02 15:06:06.211184781 +0000
Change: 2016-11-02 15:06:06.211184781 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
32769
Raw
x017.sh
% printf $'echo dylan?; \n:' >/tmp/prize; for i in {0..32767}; do printf $'|: \\\n'; done >> /tmp/prize; echo '|:;' >> /tmp/prize
% stat /tmp/prize
File: '/tmp/prize'
Size: 163859 Blocks: 328 IO Block: 4096 regular file
Device: 801h/2049d Inode: 12320778 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/ user1) Gid: ( 1000/ user1)
Access: 2016-11-02 15:20:30.750333334 +0000
Modify: 2016-11-02 15:23:52.055978427 +0000
Change: 2016-11-02 15:23:52.055978427 +0000
Birth: -
% command \bash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
/tmp/prize: line 3334: syntax error near unexpected token `|'
/tmp/prize: line 3334: `|: \'
% command \dash -c 'ulimit -s; . /tmp/prize'
1024
dylan?
dash: 1: /tmp/prize: Cannot fork
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment