Fix a buffer overflow in my_atof2()
This commit is contained in:
parent
73bead49db
commit
938de5960e
@ -0,0 +1,37 @@
|
|||||||
|
From 9604fbf0722bd97ca6031a263c50ad52b6633db7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tony Cook <tony@develop-help.com>
|
||||||
|
Date: Wed, 14 Jun 2017 09:42:31 +1000
|
||||||
|
Subject: [PATCH] (perl #131526) don't go beyond the end of the NUL in my_atof2
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Perl_my_atof2() calls GROK_NUMERIC_RADIX() to detect and skip past
|
||||||
|
a decimal point and then can increment the parse pointer (s) before
|
||||||
|
checking what it points at, so skipping the terminating NUL if the
|
||||||
|
decimal point is immediately before the NUL.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
numeric.c | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/numeric.c b/numeric.c
|
||||||
|
index 6ea6968..5771907 100644
|
||||||
|
--- a/numeric.c
|
||||||
|
+++ b/numeric.c
|
||||||
|
@@ -1485,9 +1485,9 @@ Perl_my_atof2(pTHX_ const char* orig, NV* value)
|
||||||
|
else if (!seen_dp && GROK_NUMERIC_RADIX(&s, send)) {
|
||||||
|
seen_dp = 1;
|
||||||
|
if (sig_digits > MAX_SIG_DIGITS) {
|
||||||
|
- do {
|
||||||
|
+ while (isDIGIT(*s)) {
|
||||||
|
++s;
|
||||||
|
- } while (isDIGIT(*s));
|
||||||
|
+ }
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.9.4
|
||||||
|
|
@ -158,6 +158,9 @@ Patch35: perl-5.27.0-perl-131221-sv_dup-sv_dup_inc-are-only-available-und
|
|||||||
# in upstream after 5.27.0
|
# in upstream after 5.27.0
|
||||||
Patch36: perl-5.26.0-perl-131263-clear-the-UTF8-flag-on-a-glob-if-it-isn-.patch
|
Patch36: perl-5.26.0-perl-131263-clear-the-UTF8-flag-on-a-glob-if-it-isn-.patch
|
||||||
|
|
||||||
|
# Fix a buffer overflow in my_atof2(), RT#131526, in upstream after 5.27.0
|
||||||
|
Patch37: perl-5.27.0-perl-131526-don-t-go-beyond-the-end-of-the-NUL-in-my.patch
|
||||||
|
|
||||||
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
||||||
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
||||||
|
|
||||||
@ -2812,6 +2815,7 @@ Perl extension for Version Objects
|
|||||||
%patch34 -p1
|
%patch34 -p1
|
||||||
%patch35 -p1
|
%patch35 -p1
|
||||||
%patch36 -p1
|
%patch36 -p1
|
||||||
|
%patch37 -p1
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%patch201 -p1
|
%patch201 -p1
|
||||||
|
|
||||||
@ -2837,6 +2841,7 @@ perl -x patchlevel.h \
|
|||||||
'Fedora Patch33: Fix an improper cast of a negative integer to an unsigned 8-bit type (RT#131190)' \
|
'Fedora Patch33: Fix an improper cast of a negative integer to an unsigned 8-bit type (RT#131190)' \
|
||||||
'Fedora Patch34: Fix cloning :via handles on thread creation (RT#131221)' \
|
'Fedora Patch34: Fix cloning :via handles on thread creation (RT#131221)' \
|
||||||
'Fedora Patch36: Fix glob UTF-8 flag on a glob reassignment (RT#131263)' \
|
'Fedora Patch36: Fix glob UTF-8 flag on a glob reassignment (RT#131263)' \
|
||||||
|
'Fedora Patch37: Fix a buffer overflow in my_atof2() (RT#131526)' \
|
||||||
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
||||||
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
||||||
%{nil}
|
%{nil}
|
||||||
@ -5125,6 +5130,7 @@ popd
|
|||||||
- Fix an improper cast of a negative integer to an unsigned 8-bit type (RT#131190)
|
- Fix an improper cast of a negative integer to an unsigned 8-bit type (RT#131190)
|
||||||
- Fix cloning :via handles on thread creation (RT#131221)
|
- Fix cloning :via handles on thread creation (RT#131221)
|
||||||
- Fix glob UTF-8 flag on a glob reassignment (RT#131263)
|
- Fix glob UTF-8 flag on a glob reassignment (RT#131263)
|
||||||
|
- Fix a buffer overflow in my_atof2() (RT#131526)
|
||||||
|
|
||||||
* Tue Jun 06 2017 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.26.0-393
|
* Tue Jun 06 2017 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.26.0-393
|
||||||
- Stop providing old perl(MODULE_COMPAT_5.24.*)
|
- Stop providing old perl(MODULE_COMPAT_5.24.*)
|
||||||
|
Loading…
Reference in New Issue
Block a user