diff --git a/perl-5.24.0-crash-on-explicit-return-from-s-e.patch b/perl-5.24.0-crash-on-explicit-return-from-s-e.patch
new file mode 100644
index 0000000..d7fd09d
--- /dev/null
+++ b/perl-5.24.0-crash-on-explicit-return-from-s-e.patch
@@ -0,0 +1,94 @@
+From 2c639acf40b4abc2783352f8e20dbfb68389e633 Mon Sep 17 00:00:00 2001
+From: David Mitchell
+Date: Mon, 28 Nov 2016 08:03:49 +0000
+Subject: [PATCH] crash on explicit return from s///e
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Petr Pisar: Ported to 5.24.0:
+
+commit 7332835e5da7b7a793ef814a84e53003be1d0138
+Author: David Mitchell
+Date: Mon Nov 28 08:03:49 2016 +0000
+
+ crash on explicit return from s///e
+
+ RT #130188
+
+ In
+
+ sub f {
+ my $x = 'a';
+ $x =~ s/./return;/e;
+ }
+
+ the 'return' triggers popping any contexts above the subroutine context:
+ in this case, a CXt_SUBST context. In this case, Perl_dounwind() calls
+ cx_popblock() for the bottom-most popped context, to restore any saved
+ vars. However, CXt_SUBST is the one context type which *doesn't* use
+ 'struct block' as part of its context struct union, so you can't
+ cx_popblock() a CXt_SUBST context.
+
+ This commit makes it skip the cx_popblock() in this case.
+
+ Bug was introduced by me with v5.23.7-235-gfc6e609.
+
+Signed-off-by: Petr Písař
+---
+ pp_ctl.c | 6 ++++++
+ t/re/subst.t | 17 ++++++++++++++++-
+ 2 files changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/pp_ctl.c b/pp_ctl.c
+index 99ff59a..b94c09a 100644
+--- a/pp_ctl.c
++++ b/pp_ctl.c
+@@ -1529,6 +1529,12 @@ Perl_dounwind(pTHX_ I32 cxix)
+ switch (CxTYPE(cx)) {
+ case CXt_SUBST:
+ CX_POPSUBST(cx);
++ /* CXt_SUBST is not a block context type, so skip the
++ * cx_popblock(cx) below */
++ if (cxstack_ix == cxix + 1) {
++ cxstack_ix--;
++ return;
++ }
+ break;
+ case CXt_SUB:
+ cx_popsub(cx);
+diff --git a/t/re/subst.t b/t/re/subst.t
+index 26a78c7..c039cc4 100644
+--- a/t/re/subst.t
++++ b/t/re/subst.t
+@@ -11,7 +11,7 @@ BEGIN {
+ require './loc_tools.pl';
+ }
+
+-plan( tests => 270 );
++plan( tests => 271 );
+
+ $_ = 'david';
+ $a = s/david/rules/r;
+@@ -1102,3 +1102,18 @@ SKIP: {
+ $s =~ s/..\G//g;
+ is($s, "\x{123}", "#RT 126260 gofs");
+ }
++
++# [perl #130188] crash on return from substitution in subroutine
++# make sure returning from s///e doesn't SEGV
++{
++ my $f = sub {
++ my $x = 'a';
++ $x =~ s/./return;/e;
++ };
++ my $x = $f->();
++ pass("RT #130188");
++}
++
++
++
++
+--
+2.7.4
+
diff --git a/perl.spec b/perl.spec
index 93fc725..5d598f3 100644
--- a/perl.spec
+++ b/perl.spec
@@ -223,6 +223,10 @@ Patch58: perl-5.24.0-perl-129130-make-chdir-allocate-the-stack-it-needs.p # RT130098 Patch59: perl-5.25.7-Fix-Storable-segfaults.patch +# Fix crash on explicit return from regular expression substitution, RT#130188, +# in upstream after 5.25.7 +Patch60: perl-5.24.0-crash-on-explicit-return-from-s-e.patch + # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048 Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
@@ -2908,6 +2912,7 @@ Perl extension for Version Objects %patch57 -p1 %patch58 -p1 %patch59 -p1 +%patch60 -p1 %patch200 -p1 %patch201 -p1
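Review bot: The regression test added to t/re/subst.t in this patch file checks nothing about the outcome: its only assertion is an unconditional `pass("RT #130188")`, so a recurrence surfaces only as the whole test file dying on the SEGV (plus a plan mismatch), not as one named failure. Asserting on the call's result, e.g. `is($x, undef, "RT #130188: return from s///e leaves the sub");`, would also pin that the `return` really left the sub with no value. The pp_ctl.c change sits inside Perl_dounwind(), whose loop tail and `cx_popblock(cx)` call are outside the hunk, so other exits that unwind through a substitution (presumably `last`/`next` out of an enclosing loop, or `die` inside `eval`) look like they reach the same branch. Only `return` is exercised here, and one case per exit type would document that the guard covers them. The early `return` also repeats the loop's own `cxstack_ix--`, so a short comment noting that the two must stay in sync would help whoever next edits the loop tail.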
@@ -2958,6 +2963,7 @@ perl -x patchlevel.h \ 'Fedora Patch57: Avoid infinite loop in h2xs tool if enum and type have the same name (RT130001)' \ 'Fedora Patch58: Fix stack handling when calling chdir without an argument (RT#129130)' \ 'Fedora Patch59: Fix crash in Storable when deserializing malformed code reference (RT#68348, RT#130098)' \ + 'Fedora Patch60: Fix crash on explicit return from regular expression substitution (RT#130188)' \ 'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \ 'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \ %{nil}
@@ -5239,6 +5245,7 @@ popd * Mon Nov 28 2016 Petr Pisar - 4:5.24.0-381 - Fix crash in Storable when deserializing malformed code reference (RT#68348, RT#130098) +- Fix crash on explicit return from regular expression substitution (RT#130188) * Wed Nov 09 2016 Petr Pisar - 4:5.24.0-380 - Tie perl-Errno release to interpreter build because of kernel version check