diff --git a/perl-5.29.5-S_hv_delete_common-avoid-undefined-behaviour.patch b/perl-5.29.5-S_hv_delete_common-avoid-undefined-behaviour.patch new file mode 100644 index 0000000..3f85d31 --- /dev/null +++ b/perl-5.29.5-S_hv_delete_common-avoid-undefined-behaviour.patch @@ -0,0 +1,38 @@ +From 9ba9a28aaea66bad2de041880a2c4210a911dda6 Mon Sep 17 00:00:00 2001 +From: David Mitchell +Date: Wed, 21 Nov 2018 12:09:45 +0000 +Subject: [PATCH] S_hv_delete_common(): avoid undefined behaviour +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +ASAN -fsanitize-undefined was tripping on the second of these two lines: + + svp = AvARRAY(isa); + end = svp + AvFILLp(isa)+1; + +In the case where svp is NULL and AvFILLp(isa) is -1, the first addition +is undefined behaviour. Add the 1 first, so that it becomes +svp + (-1+1), which is safe. + +Signed-off-by: Petr Písař +--- + hv.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hv.c b/hv.c +index d3d02d1046..fc90a5146b 100644 +--- a/hv.c ++++ b/hv.c +@@ -1295,7 +1295,7 @@ S_hv_delete_common(pTHX_ HV *hv, SV *keysv, const char *key, STRLEN klen, + SV **svp, **end; + strip_magic: + svp = AvARRAY(isa); +- end = svp + AvFILLp(isa)+1; ++ end = svp + (AvFILLp(isa)+1); + while (svp < end) { + if (*svp) + mg_free_type(*svp, PERL_MAGIC_isaelem); +-- +2.17.2 + diff --git a/perl.spec b/perl.spec index 548c2f3..b90f1e0 100644 --- a/perl.spec +++ b/perl.spec @@ -202,6 +202,9 @@ Patch32: perl-5.28.1-PATCH-perl-133547-script-run-broken.patch # in upstream after 5.29.3 Patch33: perl-5.29.3-Accept-also-ESTALE-fix-for-RT-133534.patch +# Fix an undefined behaviour in S_hv_delete_common(), in upstream after 5.29.5 +Patch34: perl-5.29.5-S_hv_delete_common-avoid-undefined-behaviour.patch + # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048 Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch @@ -2786,6 +2789,7 @@ Perl extension for Version Objects %patch31 -p1 %patch32 -p1 %patch33 -p1 +%patch34 -p1 %patch200 -p1 %patch201 -p1 @@ -2820,6 +2824,7 @@ perl -x patchlevel.h \ 'Fedora Patch30: Pass the correct CFLAGS to dtrace' \ 'Fedora Patch31: Fix script run matching to allow ASCII digits in scripts that use their own in addition (RT#133547)' \ 'Fedora Patch33: Fix PathTools tests to cope with ESTALE error (RT#133534)' \ + 'Fedora Patch34: Fix an undefined behaviour in S_hv_delete_common()' \ 'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \ 'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \ %{nil} @@ -5112,6 +5117,7 @@ popd - Fix script run matching to allow ASCII digits in scripts that use their own in addition (RT#133547) - Fix PathTools tests to cope with ESTALE error (RT#133534) +- Fix an undefined behaviour in S_hv_delete_common() * Fri Nov 30 2018 Jitka Plesnikova - 4:5.28.1-426 - 5.28.1 bump