55 lines
1.8 KiB
Diff
55 lines
1.8 KiB
Diff
|
From 06cbc317229e882f379e75eb3adf7cf9c071febd Mon Sep 17 00:00:00 2001
|
||
|
From: David Mitchell <davem@iabyn.com>
|
||
|
Date: Wed, 3 Apr 2019 11:06:22 +0100
|
||
|
Subject: [PATCH] Fix recent double free in S_parse_gv_stash_name()
|
||
|
MIME-Version: 1.0
|
||
|
Content-Type: text/plain; charset=UTF-8
|
||
|
Content-Transfer-Encoding: 8bit
|
||
|
|
||
|
RT #133977
|
||
|
|
||
|
My recent commit v5.29.9-29-g657ed7c1c1 moved all buffer freeing to
|
||
|
the end of the function, but missed removing one of the existing frees.
|
||
|
|
||
|
The problem was spotted by James E Keenan and diagnosed by Tony Cook; I just
|
||
|
added a test.
|
||
|
|
||
|
A simple reproducer is
|
||
|
|
||
|
my $def = defined *{"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'x"};
|
||
|
|
||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||
|
---
|
||
|
gv.c | 1 -
|
||
|
t/op/stash_parse_gv.t | 2 +-
|
||
|
2 files changed, 1 insertion(+), 2 deletions(-)
|
||
|
|
||
|
diff --git a/gv.c b/gv.c
|
||
|
index 61085f5c53..3b8759e88a 100644
|
||
|
--- a/gv.c
|
||
|
+++ b/gv.c
|
||
|
@@ -1665,7 +1665,6 @@ S_parse_gv_stash_name(pTHX_ HV **stash, GV **gv, const char **name,
|
||
|
gvp = (GV**)hv_fetch(*stash, key, is_utf8 ? -((I32)*len) : (I32)*len, add);
|
||
|
*gv = gvp ? *gvp : NULL;
|
||
|
if (!*gv || *gv == (const GV *)&PL_sv_undef) {
|
||
|
- Safefree(tmpfullbuf); /* free our tmpfullbuf if it was used */
|
||
|
goto notok;
|
||
|
}
|
||
|
/* here we know that *gv && *gv != &PL_sv_undef */
|
||
|
diff --git a/t/op/stash_parse_gv.t b/t/op/stash_parse_gv.t
|
||
|
index 05694ca8ce..bd9e95cf37 100644
|
||
|
--- a/t/op/stash_parse_gv.t
|
||
|
+++ b/t/op/stash_parse_gv.t
|
||
|
@@ -23,7 +23,7 @@ foreach my $t (@tests) {
|
||
|
my ( $sub, $name ) = @$t;
|
||
|
|
||
|
fresh_perl_is(
|
||
|
- qq[sub $sub { print qq[ok\n]} &{"$sub"} ],
|
||
|
+ qq[sub $sub { print qq[ok\n]} &{"$sub"}; my \$d = defined *{"foo$sub"} ],
|
||
|
q[ok],
|
||
|
{ switches => ['-w'] },
|
||
|
$name
|
||
|
--
|
||
|
2.20.1
|
||
|
|