in reply to Re^3: use of print f and sprint f
in thread use of print f and sprint f
yes, perl is vulnerable. (There's a "but" explained below.) We can see it that it's vulnerable here:
$f = "%%%%";
If perl wasn't vulnerable, it would display %%%% instead of %%. However, the vulnerability cannot be exploited. Perl's version of the (s)printf functions will not clobber the stack if the numbre or replaceables does not match the number of the arguments. What you'll get is incorrectly formatted data (which could possibly be used to exploit something else), but that's it.