From 7f1876649d4157dd05b5ab03d21460668ed688c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Tue, 14 Jun 2016 12:43:55 +0200 Subject: [PATCH] Fix a memory leak when compiling a regular expression with a POSIX class --- ...y-leak-in-strict-regex-posix-classes.patch | 150 ++++++++++++++++++ perl.spec | 12 +- 2 files changed, 161 insertions(+), 1 deletion(-) create mode 100644 perl-5.24.0-Fix-a-memory-leak-in-strict-regex-posix-classes.patch diff --git a/perl-5.24.0-Fix-a-memory-leak-in-strict-regex-posix-classes.patch b/perl-5.24.0-Fix-a-memory-leak-in-strict-regex-posix-classes.patch new file mode 100644 index 0000000..5420b2e --- /dev/null +++ b/perl-5.24.0-Fix-a-memory-leak-in-strict-regex-posix-classes.patch @@ -0,0 +1,150 @@ +From 4039933788b0393590f48aef41e9de5462fcc1e9 Mon Sep 17 00:00:00 2001 +From: Yves Orton +Date: Wed, 8 Jun 2016 18:42:30 +0200 +Subject: [PATCH] Fix a memory leak in strict regex posix classes +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is a perl-5.24.0 port of these four upstream patches fixing RT#128313: + +commit ee072c898947f5fee316f1381b29ad692addcf05 +Author: Yves Orton +Date: Wed Jun 8 18:42:30 2016 +0200 + + [perl #128313] Fix leak in perl 5.24 with strict and regex posix char classes + + This patch is a refinement of one written by Dan Collins. + + Any thanks for this patch should go to him. + +commit 7eec73eb790f7c4982edfc28c17c011e8a072490 +Author: Yves Orton +Date: Fri Jun 10 12:20:20 2016 +0200 + + move warning text to RExC_state (via RExC_warn_text) + + This way we reuse the same AV each time, and avoid various refcount bookkeeping issues, all at a relatively modest cost (IMO) + +commit 0bf54b1ecaec8f6d80845d6cb77d62f8c9f4c415 +Author: Yves Orton +Date: Fri Jun 10 13:34:37 2016 +0200 + + fixup, guard av_top_index() for null RExC_warn_text + +commit 222c4b0094b4145d06cb164bedd2a66a3141203b +Author: Dan Collins +Date: Wed Jun 8 16:26:07 2016 -0400 + + [perl #128313] test for memory leak in POSIX classes + +Signed-off-by: Petr Písař +--- + regcomp.c | 21 ++++++++++----------- + t/op/svleak.t | 12 +++++++++++- + 2 files changed, 21 insertions(+), 12 deletions(-) + +diff --git a/regcomp.c b/regcomp.c +index be6cb96..f29892c 100644 +--- a/regcomp.c ++++ b/regcomp.c +@@ -199,6 +199,7 @@ struct RExC_state_t { + scan_frame *frame_head; + scan_frame *frame_last; + U32 frame_count; ++ AV *warn_text; + #ifdef ADD_TO_REGEXEC + char *starttry; /* -Dr: where regtry was called. */ + #define RExC_starttry (pRExC_state->starttry) +@@ -288,6 +289,7 @@ struct RExC_state_t { + #define RExC_frame_last (pRExC_state->frame_last) + #define RExC_frame_count (pRExC_state->frame_count) + #define RExC_strict (pRExC_state->strict) ++#define RExC_warn_text (pRExC_state->warn_text) + + /* Heuristic check on the complexity of the pattern: if TOO_NAUGHTY, we set + * a flag to disable back-off on the fixed/floating substrings - if it's +@@ -6767,6 +6769,7 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count, + #endif + } + ++ pRExC_state->warn_text = NULL; + pRExC_state->code_blocks = NULL; + pRExC_state->num_code_blocks = 0; + +@@ -13704,8 +13707,8 @@ S_populate_ANYOF_from_invlist(pTHX_ regnode *node, SV** invlist_ptr) + * routine. q.v. */ + #define ADD_POSIX_WARNING(p, text) STMT_START { \ + if (posix_warnings) { \ +- if (! warn_text) warn_text = newAV(); \ +- av_push(warn_text, Perl_newSVpvf(aTHX_ \ ++ if (! RExC_warn_text ) RExC_warn_text = (AV *) sv_2mortal((SV *) newAV()); \ ++ av_push(RExC_warn_text, Perl_newSVpvf(aTHX_ \ + WARNING_PREFIX \ + text \ + REPORT_LOCATION, \ +@@ -13836,7 +13839,6 @@ S_handle_possible_posix(pTHX_ RExC_state_t *pRExC_state, + bool has_opening_colon = FALSE; + int class_number = OOB_NAMEDCLASS; /* Out-of-bounds until find + valid class */ +- AV* warn_text = NULL; /* any warning messages */ + const char * possible_end = NULL; /* used for a 2nd parse pass */ + const char* name_start; /* ptr to class name first char */ + +@@ -13852,6 +13854,9 @@ S_handle_possible_posix(pTHX_ RExC_state_t *pRExC_state, + + PERL_ARGS_ASSERT_HANDLE_POSSIBLE_POSIX; + ++ if (posix_warnings && RExC_warn_text) ++ av_clear(RExC_warn_text); ++ + if (p >= e) { + return NOT_MEANT_TO_BE_A_POSIX_CLASS; + } +@@ -14469,14 +14474,8 @@ S_handle_possible_posix(pTHX_ RExC_state_t *pRExC_state, + ADD_POSIX_WARNING(p, "there is no terminating ']'"); + } + +- if (warn_text) { +- if (posix_warnings) { +- /* mortalize to avoid a leak with FATAL warnings */ +- *posix_warnings = (AV *) sv_2mortal((SV *) warn_text); +- } +- else { +- SvREFCNT_dec_NN(warn_text); +- } ++ if (posix_warnings && RExC_warn_text && av_top_index(RExC_warn_text) > -1) { ++ *posix_warnings = RExC_warn_text; + } + } + else if (class_number != OOB_NAMEDCLASS) { +diff --git a/t/op/svleak.t b/t/op/svleak.t +index 595bf3e..c18f498 100644 +--- a/t/op/svleak.t ++++ b/t/op/svleak.t +@@ -15,7 +15,7 @@ BEGIN { + + use Config; + +-plan tests => 131; ++plan tests => 132; + + # run some code N times. If the number of SVs at the end of loop N is + # greater than (N-1)*delta at the end of loop 1, we've got a leak +@@ -537,3 +537,13 @@ EOF + + ::leak(5, 0, \&f, q{goto shouldn't leak @_}); + } ++ ++# [perl #128313] POSIX warnings shouldn't leak ++{ ++ no warnings 'experimental'; ++ use re 'strict'; ++ my $a = 'aaa'; ++ my $b = 'aa'; ++ sub f { $a =~ /[^.]+$b/; } ++ ::leak(2, 0, \&f, q{use re 'strict' shouldn't leak warning strings}); ++} +-- +2.5.5 + diff --git a/perl.spec b/perl.spec index a51fb10..7c7b0cb 100644 --- a/perl.spec +++ b/perl.spec @@ -28,7 +28,7 @@ Name: perl Version: %{perl_version} # release number must be even higher, because dual-lived modules will be broken otherwise -Release: 364%{?dist} +Release: 365%{?dist} Epoch: %{perl_epoch} Summary: Practical Extraction and Report Language Group: Development/Languages @@ -113,6 +113,10 @@ Patch28: perl-5.22.0-Revert-const-the-core-magic-vtables.patch # This allows not to require perl-devel. Bug #1129443 Patch30: perl-5.22.1-Replace-EU-MM-dependnecy-with-EU-MM-Utils-in-IPC-Cmd.patch +# Fix a memory leak when compiling a regular expression with a POSIX class, +# RT#128313, in upstream after 5.25.1 +Patch31: perl-5.24.0-Fix-a-memory-leak-in-strict-regex-posix-classes.patch + # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048 Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch @@ -2762,6 +2766,7 @@ Perl extension for Version Objects %patch26 -p1 %patch28 -p1 %patch30 -p1 +%patch31 -p1 %patch200 -p1 %patch201 -p1 @@ -2783,6 +2788,7 @@ perl -x patchlevel.h \ 'Fedora Patch27: Make PadlistNAMES() lvalue again (CPAN RT#101063)' \ 'Fedora Patch28: Make magic vtable writable as a work-around for Coro (CPAN RT#101063)' \ 'Fedora Patch30: Replace EU::MakeMaker dependency with EU::MM::Utils in IPC::Cmd (bug #1129443)' \ + 'Fedora Patch31: Fix a memory leak in compiling a POSIX class (RT#128313)' \ 'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \ 'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \ %{nil} @@ -5049,6 +5055,10 @@ popd # Old changelog entries are preserved in CVS. %changelog +* Tue Jun 14 2016 Petr Pisar - 4:5.24.0-365 +- Fix a memory leak when compiling a regular expression with a POSIX class + (RT#128313) + * Thu May 19 2016 Petr Pisar - 4:5.24.0-364 - Remove reflexive dependencies - Use pregenerated dependencies on bootstrapping