Fix a crash when parsing #line directives with large numbers in eval
This commit is contained in:
parent
f442fa2b90
commit
640c5891f6
@ -0,0 +1,49 @@
|
||||
From 515c395bcca24c55c85b5aeea239e5e836c36059 Mon Sep 17 00:00:00 2001
|
||||
From: Tony Cook <tony@develop-help.com>
|
||||
Date: Wed, 23 Aug 2017 14:18:26 +1000
|
||||
Subject: [PATCH] (perl #131562) correct large line numbers copying eval lines
|
||||
on #line
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Previously this used I32 for line numbers, which takes half the range
|
||||
of line_t and folds it into negative numbers, leading to trying to store
|
||||
the lines at negative indexes.
|
||||
|
||||
The while loop was also modified to stop storing if/when the line number
|
||||
no longer fits into cop_line, or no longer fits into SSize_t (as a
|
||||
positive number) since the index parameter to av_store() is a SSize_t.
|
||||
|
||||
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||
---
|
||||
toke.c | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/toke.c b/toke.c
|
||||
index de4ab2e652..5a3fe78472 100644
|
||||
--- a/toke.c
|
||||
+++ b/toke.c
|
||||
@@ -1829,14 +1829,14 @@ S_incline(pTHX_ const char *s, const char *end)
|
||||
}
|
||||
else if (GvAV(cfgv)) {
|
||||
AV * const av = GvAV(cfgv);
|
||||
- const I32 start = CopLINE(PL_curcop)+1;
|
||||
- I32 items = AvFILLp(av) - start;
|
||||
+ const line_t start = CopLINE(PL_curcop)+1;
|
||||
+ SSize_t items = AvFILLp(av) - start;
|
||||
if (items > 0) {
|
||||
AV * const av2 = GvAVn(gv2);
|
||||
SV **svp = AvARRAY(av) + start;
|
||||
- I32 l = (I32)line_num+1;
|
||||
- while (items--)
|
||||
- av_store(av2, l++, SvREFCNT_inc(*svp++));
|
||||
+ Size_t l = line_num+1;
|
||||
+ while (items-- && l < SSize_t_MAX && l == (line_t)l)
|
||||
+ av_store(av2, (SSize_t)l++, SvREFCNT_inc(*svp++));
|
||||
}
|
||||
}
|
||||
}
|
||||
--
|
||||
2.20.1
|
||||
|
12
perl.spec
12
perl.spec
@ -83,7 +83,7 @@ License: GPL+ or Artistic
|
||||
Epoch: %{perl_epoch}
|
||||
Version: %{perl_version}
|
||||
# release number must be even higher, because dual-lived modules will be broken otherwise
|
||||
Release: 432%{?dist}
|
||||
Release: 433%{?dist}
|
||||
Summary: Practical Extraction and Report Language
|
||||
Url: https://www.perl.org/
|
||||
Source0: https://www.cpan.org/src/5.0/perl-%{perl_version}.tar.xz
|
||||
@ -247,6 +247,10 @@ Patch50: perl-5.29.6-PATCH-perl-133756-Failure-to-match-properly.patch
|
||||
# in upstream after 5.29.3
|
||||
Patch51: perl-5.29.3-RT-133573-X-fallback-when-platform-specific-techniqu.patch
|
||||
|
||||
# Fix a crash when parsing #line directives with large numbers in eval, RT#131562,
|
||||
# in upstream after 5.29.7
|
||||
Patch52: perl-5.29.7-perl-131562-correct-large-line-numbers-copying-eval-.patch
|
||||
|
||||
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
||||
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
||||
|
||||
@ -2851,6 +2855,7 @@ Perl extension for Version Objects
|
||||
%patch49 -p1
|
||||
%patch50 -p1
|
||||
%patch51 -p1
|
||||
%patch52 -p1
|
||||
%patch200 -p1
|
||||
%patch201 -p1
|
||||
|
||||
@ -2895,6 +2900,7 @@ perl -x patchlevel.h \
|
||||
'Fedora Patch49: Prevent long jumps from clobbering local variables (RT#133575)' \
|
||||
'Fedora Patch50: Fix a mismatch with a case-insesitive regular expression on a text with ligatures (RT#133756)' \
|
||||
'Fedora Patch51: Fix the interpreter path if procfs is not mounted (RT#133573)' \
|
||||
'Fedora Patch52: Fix a crash when parsing #line directives with large numbers in eval (RT#131562)' \
|
||||
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
||||
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
||||
%{nil}
|
||||
@ -5183,6 +5189,10 @@ popd
|
||||
|
||||
# Old changelog entries are preserved in CVS.
|
||||
%changelog
|
||||
* Fri Feb 22 2019 Petr Pisar <ppisar@redhat.com> - 4:5.28.1-433
|
||||
- Fix a crash when parsing #line directives with large numbers in eval
|
||||
(RT#131562)
|
||||
|
||||
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4:5.28.1-432
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user