Fix memory handling when parsing string literals

perl-5.31.0-S_scan_const-Properly-test-if-need-to-grow.patch

@@ -0,0 +1,49 @@
+From 89f69032d6a71f41b96ae6becbf3df4e2f9509a5 Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw@cpan.org>
+Date: Sat, 27 Apr 2019 13:56:39 -0600
+Subject: [PATCH] S_scan_const() Properly test if need to grow
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+As we parse the input, creating a string constant, we may have to grow
+the destination if it fills up as we go along.  It allocates space in an
+SV and populates the string, but it doesn' update the SvCUR until the
+end, so in single stepping the debugger through the code, the SV looks
+empty until the end.  It turns out that as a result SvEND also doesn't
+get updated and still points to the beginning of the string until SvCUR
+is finally set.  That means that the test changed by this commit was
+always succeeding, because it was using SvEND that didn't get updated,
+so it would attempt to grow each time through the loop.  By moving a
+couple of statements earlier, and using SvLEN instead, which does always
+have the correct value, those extra growth attempts are avoided.
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ toke.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/toke.c b/toke.c
+index 68eea0cae6..03c4f2ba26 100644
+--- a/toke.c
++++ b/toke.c
+@@ -4097,10 +4097,12 @@ S_scan_const(pTHX_ char *start)
+             goto default_action; /* Redo, having upgraded so both are UTF-8 */
+         }
+         else {  /* UTF8ness matters: convert this non-UTF8 source char to
+-                   UTF-8 for output.  It will occupy 2 bytes */
+-            if (d + 2 >= SvEND(sv)) {
+-                const STRLEN extra = 2 + (send - s - 1) + 1;
+-		const STRLEN off = d - SvPVX_const(sv);
++                   UTF-8 for output.  It will occupy 2 bytes, but don't include
++                   the input byte since we haven't incremented 's' yet. See
++                   Note on sizing above. */
++            const STRLEN off = d - SvPVX(sv);
++            const STRLEN extra = 2 + (send - s - 1) + 1;
++            if (off + extra > SvLEN(sv)) {
+ 		d = off + SvGROW(sv, off + extra);
+ 	    }
+             *d++ = UTF8_EIGHT_BIT_HI(*s);
+-- 
+2.20.1
+

perl.spec

@@ -154,6 +154,9 @@ Patch14:        perl-5.31.0-PATCH-perl-134134-read-beyond-end-of-buffer.patch
 # Do not panic when outputting a warning, RT#134059, fixed after 5.31.0
 Patch15:        perl-5.31.0-PATCH-perl-134059-panic-outputting-a-warning.patch
 
+# Fix memory handling when parsing string literals, fixed after 5.31.0
+Patch16:        perl-5.31.0-S_scan_const-Properly-test-if-need-to-grow.patch
+
 # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
 Patch200:       perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
 
@@ -2687,6 +2690,7 @@ Perl extension for Version Objects
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
+%patch16 -p1
 %patch200 -p1
 %patch201 -p1
 
@@ -2709,6 +2713,7 @@ perl -x patchlevel.h \
     'Fedora Patch13: Pass the correct CFLAGS to dtrace' \
     'Fedora Patch14: Fix an out-of-buffer read while parsing a Unicode property name (RT#134134)' \
     'Fedora Patch15: Do not panic when outputting a warning (RT#134059)' \
+    'Fedora Patch16: Fix memory handling when parsing string literals' \
     'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
     'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
     %{nil}
@@ -4957,6 +4962,7 @@ popd
 * Tue Jun 25 2019 Petr Pisar <ppisar@redhat.com> - 4:5.30.0-440
 - Fix an out-of-buffer read while parsing a Unicode property name (RT#134134)
 - Do not panic when outputting a warning (RT#134059)
+- Fix memory handling when parsing string literals
 
 * Tue Jun 11 2019 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.30.0-439
 - Define %%perl_vendor*, %%perl_archlib, %%perl_privlib, because in rpm