rpms/perl
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix an undefined behaviour in S_hv_delete_common()

Browse Source
This commit is contained in:
Petr Písař 2018-11-30 14:05:06 +01:00
parent e3cdc90d65
commit 85f1254ef4
2 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
perl-5.29.5-S_hv_delete_common-avoid-undefined-behaviour.patch Normal file
View File

@ -0,0 +1,38 @@
From 9ba9a28aaea66bad2de041880a2c4210a911dda6 Mon Sep 17 00:00:00 2001
From: David Mitchell <davem@iabyn.com>
Date: Wed, 21 Nov 2018 12:09:45 +0000
Subject: [PATCH] S_hv_delete_common(): avoid undefined behaviour
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
ASAN -fsanitize-undefined was tripping on the second of these two lines:
svp = AvARRAY(isa);
end = svp + AvFILLp(isa)+1;
In the case where svp is NULL and AvFILLp(isa) is -1, the first addition
is undefined behaviour. Add the 1 first, so that it becomes
svp + (-1+1), which is safe.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
hv.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hv.c b/hv.c
index d3d02d1046..fc90a5146b 100644
--- a/hv.c
+++ b/hv.c
@@ -1295,7 +1295,7 @@ S_hv_delete_common(pTHX_ HV *hv, SV *keysv, const char *key, STRLEN klen,
SV **svp, **end;
strip_magic:
svp = AvARRAY(isa);
- end = svp + AvFILLp(isa)+1;
+ end = svp + (AvFILLp(isa)+1);
while (svp < end) {
if (*svp)
mg_free_type(*svp, PERL_MAGIC_isaelem);
--
2.17.2

6
perl.spec
View File

@ -202,6 +202,9 @@ Patch32: perl-5.28.1-PATCH-perl-133547-script-run-broken.patch
# in upstream after 5.29.3 # in upstream after 5.29.3
Patch33: perl-5.29.3-Accept-also-ESTALE-fix-for-RT-133534.patch Patch33: perl-5.29.3-Accept-also-ESTALE-fix-for-RT-133534.patch
# Fix an undefined behaviour in S_hv_delete_common(), in upstream after 5.29.5
Patch34: perl-5.29.5-S_hv_delete_common-avoid-undefined-behaviour.patch
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048 # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
@ -2786,6 +2789,7 @@ Perl extension for Version Objects
%patch31 -p1 %patch31 -p1
%patch32 -p1 %patch32 -p1
%patch33 -p1 %patch33 -p1
%patch34 -p1
%patch200 -p1 %patch200 -p1
%patch201 -p1 %patch201 -p1
@ -2820,6 +2824,7 @@ perl -x patchlevel.h \
'Fedora Patch30: Pass the correct CFLAGS to dtrace' \ 'Fedora Patch30: Pass the correct CFLAGS to dtrace' \
'Fedora Patch31: Fix script run matching to allow ASCII digits in scripts that use their own in addition (RT#133547)' \ 'Fedora Patch31: Fix script run matching to allow ASCII digits in scripts that use their own in addition (RT#133547)' \
'Fedora Patch33: Fix PathTools tests to cope with ESTALE error (RT#133534)' \ 'Fedora Patch33: Fix PathTools tests to cope with ESTALE error (RT#133534)' \
'Fedora Patch34: Fix an undefined behaviour in S_hv_delete_common()' \
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \ 'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \ 'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
%{nil} %{nil}
@ -5112,6 +5117,7 @@ popd
- Fix script run matching to allow ASCII digits in scripts that use their own in - Fix script run matching to allow ASCII digits in scripts that use their own in
addition (RT#133547) addition (RT#133547)
- Fix PathTools tests to cope with ESTALE error (RT#133534) - Fix PathTools tests to cope with ESTALE error (RT#133534)
- Fix an undefined behaviour in S_hv_delete_common()
* Fri Nov 30 2018 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.28.1-426 * Fri Nov 30 2018 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.28.1-426
- 5.28.1 bump - 5.28.1 bump