Fix memory handling when parsing string literals

Petr Písař 2019-06-25 15:05:03 +02:00
parent 9426796960
commit 76d1bdbdfc
2 changed files with 55 additions and 0 deletions


@ -0,0 +1,49 @@
From 89f69032d6a71f41b96ae6becbf3df4e2f9509a5 Mon Sep 17 00:00:00 2001
From: Karl Williamson <khw@cpan.org>
Date: Sat, 27 Apr 2019 13:56:39 -0600
Subject: [PATCH] S_scan_const() Properly test if need to grow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
As we parse the input, creating a string constant, we may have to grow
the destination if it fills up as we go along. It allocates space in an
SV and populates the string, but it doesn' update the SvCUR until the
end, so in single stepping the debugger through the code, the SV looks
empty until the end. It turns out that as a result SvEND also doesn't
get updated and still points to the beginning of the string until SvCUR
is finally set. That means that the test changed by this commit was
always succeeding, because it was using SvEND that didn't get updated,
so it would attempt to grow each time through the loop. By moving a
couple of statements earlier, and using SvLEN instead, which does always
have the correct value, those extra growth attempts are avoided.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
toke.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/toke.c b/toke.c
index 68eea0cae6..03c4f2ba26 100644
--- a/toke.c
+++ b/toke.c
@@ -4097,10 +4097,12 @@ S_scan_const(pTHX_ char *start)
goto default_action; /* Redo, having upgraded so both are UTF-8 */
}
else { /* UTF8ness matters: convert this non-UTF8 source char to
- UTF-8 for output. It will occupy 2 bytes */
- if (d + 2 >= SvEND(sv)) {
- const STRLEN extra = 2 + (send - s - 1) + 1;
- const STRLEN off = d - SvPVX_const(sv);
+ UTF-8 for output. It will occupy 2 bytes, but don't include
+ the input byte since we haven't incremented 's' yet. See
+ Note on sizing above. */
+ const STRLEN off = d - SvPVX(sv);
+ const STRLEN extra = 2 + (send - s - 1) + 1;
+ if (off + extra > SvLEN(sv)) {
d = off + SvGROW(sv, off + extra);
}
*d++ = UTF8_EIGHT_BIT_HI(*s);
--
2.20.1
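Review bot: in the else branch of the toke.c hunk, the offset is now computed with SvPVX(sv) where the removed line used SvPVX_const(sv), and the commit message, which only talks about moving two statements earlier and testing against SvLEN, does not explain that switch. The value is used only for the pointer subtraction "d - SvPVX(sv)", so the const accessor still fits; please keep SvPVX_const or say why the non-const one is needed. The new comment also defers to a "Note on sizing above" that lies outside this hunk, so a few words on what the trailing "+ 1" in "extra" accounts for would let a reader check the bound "off + extra > SvLEN(sv)" locally. The diffstat lists toke.c alone, so nothing here exercises a literal that forces this branch to grow; a regression test would be a useful addition.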


@ -154,6 +154,9 @@ Patch14: perl-5.31.0-PATCH-perl-134134-read-beyond-end-of-buffer.patch
# Do not panic when outputting a warning, RT#134059, fixed after 5.31.0
Patch15: perl-5.31.0-PATCH-perl-134059-panic-outputting-a-warning.patch
# Fix memory handling when parsing string literals, fixed after 5.31.0
Patch16: perl-5.31.0-S_scan_const-Properly-test-if-need-to-grow.patch
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
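Review bot: the comment above Patch16 carries no upstream reference, while the Patch15 comment directly before it cites RT#134059. The patch file's own From line gives the upstream commit 89f69032d6a71f41b96ae6becbf3df4e2f9509a5, so please add that id (or a ticket number if one exists) to the comment. The summary "Fix memory handling when parsing string literals" is also broader than what the upstream message describes, which is a growth test that always succeeded and triggered a grow attempt on every pass through the loop; wording closer to that would tell packagers what the patch actually changes.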
@ -2687,6 +2690,7 @@ Perl extension for Version Objects
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch200 -p1
%patch201 -p1
@ -2709,6 +2713,7 @@ perl -x patchlevel.h \
'Fedora Patch13: Pass the correct CFLAGS to dtrace' \
'Fedora Patch14: Fix an out-of-buffer read while parsing a Unicode property name (RT#134134)' \
'Fedora Patch15: Do not panic when outputting a warning (RT#134059)' \
'Fedora Patch16: Fix memory handling when parsing string literals' \
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
%{nil}
@ -4957,6 +4962,7 @@ popd
* Tue Jun 25 2019 Petr Pisar <ppisar@redhat.com> - 4:5.30.0-440
- Fix an out-of-buffer read while parsing a Unicode property name (RT#134134)
- Do not panic when outputting a warning (RT#134059)
- Fix memory handling when parsing string literals
* Tue Jun 11 2019 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.30.0-439
- Define %%perl_vendor*, %%perl_archlib, %%perl_privlib, because in rpm