diff --git a/perl-5.25.4-perl-129287-Make-UTF8-append-null.patch b/perl-5.25.4-perl-129287-Make-UTF8-append-null.patch new file mode 100644 index 0000000..3709505 --- /dev/null +++ b/perl-5.25.4-perl-129287-Make-UTF8-append-null.patch @@ -0,0 +1,64 @@ +From b43665fffa48dd179eba1b5616d4ca35b4def876 Mon Sep 17 00:00:00 2001 +From: Father Chrysostomos +Date: Sun, 18 Sep 2016 20:17:08 -0700 +Subject: [PATCH] [perl #129287] Make UTF8 & append null +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The & and &. operators were not appending a null byte to the string +in utf8 mode. + +(The internal function that they use is the same. I used &. in the +test just because its intent is clearer.) + +Signed-off-by: Petr Písař +--- + doop.c | 1 + + t/op/bop.t | 14 +++++++++++++- + 2 files changed, 14 insertions(+), 1 deletion(-) + +diff --git a/doop.c b/doop.c +index ad9172a..234a425 100644 +--- a/doop.c ++++ b/doop.c +@@ -1093,6 +1093,7 @@ Perl_do_vop(pTHX_ I32 optype, SV *sv, SV *left, SV *right) + if (sv == left || sv == right) + (void)sv_usepvn(sv, dcorig, needlen); + SvCUR_set(sv, dc - dcorig); ++ *SvEND(sv) = 0; + break; + case OP_BIT_XOR: + while (lulen && rulen) { +diff --git a/t/op/bop.t b/t/op/bop.t +index 2afb8d7..1f96e9b 100644 +--- a/t/op/bop.t ++++ b/t/op/bop.t +@@ -19,7 +19,7 @@ BEGIN { + # If you find tests are failing, please try adding names to tests to track + # down where the failure is, and supply your new names as a patch. + # (Just-in-time test naming) +-plan tests => 192 + (10*13*2) + 5 + 29; ++plan tests => 192 + (10*13*2) + 5 + 30; + + # numerics + ok ((0xdead & 0xbeef) == 0x9ead); +@@ -664,3 +664,15 @@ is $^A, "123", '~v0 clears vstring magic on retval'; + is(-1 >> $w + 1, -1, "IV -1 right shift $w + 1 == -1"); + } + } ++ ++# [perl #129287] UTF8 & was not providing a trailing null byte. ++# This test is a bit convoluted, as we want to make sure that the string ++# allocated for &’s target contains memory initialised to something other ++# than a null byte. Uninitialised memory does not make for a reliable ++# test. So we do &. on a longer non-utf8 string first. ++for (["aaa","aaa"],[substr ("a\x{100}",0,1), "a"]) { ++ use feature "bitwise"; ++ no warnings "experimental::bitwise", "pack"; ++ $byte = substr unpack("P2", pack "P", $$_[0] &. $$_[1]), -1; ++} ++is $byte, "\0", "utf8 &. appends null byte"; +-- +2.7.4 + diff --git a/perl.spec b/perl.spec index f022ce7..6e87222 100644 --- a/perl.spec +++ b/perl.spec @@ -28,7 +28,7 @@ Name: perl Version: %{perl_version} # release number must be even higher, because dual-lived modules will be broken otherwise -Release: 386%{?dist} +Release: 387%{?dist} Epoch: %{perl_epoch} Summary: Practical Extraction and Report Language Group: Development/Languages @@ -256,6 +256,9 @@ Patch70: perl-5.24.1-perl-129342-ensure-range-start-is-set-after-error-in # in upstream after 5.25.8 Patch71: perl-5.24.1-perl-129377-don-t-read-past-start-of-string-for-unma.patch +# Fix UTF-8 string handling in & operator, RT#129287, in upstream after 5.25.4 +Patch72: perl-5.25.4-perl-129287-Make-UTF8-append-null.patch + # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048 Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch @@ -2951,6 +2954,7 @@ Perl extension for Version Objects %patch69 -p1 %patch70 -p1 %patch71 -p1 +%patch72 -p1 %patch200 -p1 %patch201 -p1 @@ -3010,6 +3014,7 @@ perl -x patchlevel.h \ 'Fedora Patch69: Fix a use-after-free when processing scalar variables in forms (RT#129125)' \ 'Fedora Patch70: Fix a heap overflow if invalid octal or hexadecimal number is used in transliteration expression (RT#129342)' \ 'Fedora Patch71: Fix out-of-bound read in case of unmatched regexp backreference (RT#129377)' \ + 'Fedora Patch72: Fix UTF-8 string handling in & operator (RT#129287)' \ 'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \ 'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \ %{nil} @@ -5286,6 +5291,9 @@ popd # Old changelog entries are preserved in CVS. %changelog +* Thu Jan 26 2017 Petr Pisar - 4:5.24.1-387 +- Fix UTF-8 string handling in & operator (RT#129287) + * Fri Jan 20 2017 Petr Pisar - 4:5.24.1-386 - Fix a buffer overflow in split in scalar context (RT#130262) - Fix a heap overflow with pack "W" (RT129149)