From 9457f9ae7d5746fb54c0a808b5ca56a4bf8fd6cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Wed, 11 Sep 2019 11:59:33 +0200 Subject: [PATCH] Fix a memory leak when matching a UTF-8 regular expression --- ...t-leak-the-SV-we-just-created-on-an-.patch | 29 +++++++++++++++++++ perl.spec | 11 ++++++- 2 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 perl-5.31.3-perl-134390-don-t-leak-the-SV-we-just-created-on-an-.patch diff --git a/perl-5.31.3-perl-134390-don-t-leak-the-SV-we-just-created-on-an-.patch b/perl-5.31.3-perl-134390-don-t-leak-the-SV-we-just-created-on-an-.patch new file mode 100644 index 0000000..2790944 --- /dev/null +++ b/perl-5.31.3-perl-134390-don-t-leak-the-SV-we-just-created-on-an-.patch @@ -0,0 +1,29 @@ +From 05a03c0da6f3694904885fa1629a6e35e75d2875 Mon Sep 17 00:00:00 2001 +From: Tony Cook +Date: Mon, 2 Sep 2019 15:35:36 +1000 +Subject: [PATCH] (perl #134390) don't leak the SV we just created on an early + return +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Petr Písař +--- + regexec.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/regexec.c b/regexec.c +index c390bff72e..97ea458a20 100644 +--- a/regexec.c ++++ b/regexec.c +@@ -10405,6 +10405,7 @@ S_to_byte_substr(pTHX_ regexp *prog) + && !prog->substrs->data[i].substr) { + SV* sv = newSVsv(prog->substrs->data[i].utf8_substr); + if (! sv_utf8_downgrade(sv, TRUE)) { ++ SvREFCNT_dec_NN(sv); + return FALSE; + } + if (SvVALID(prog->substrs->data[i].utf8_substr)) { +-- +2.21.0 + diff --git a/perl.spec b/perl.spec index 733eac2..3ec91fa 100644 --- a/perl.spec +++ b/perl.spec @@ -85,7 +85,7 @@ License: GPL+ or Artistic Epoch: %{perl_epoch} Version: %{perl_version} # release number must be even higher, because dual-lived modules will be broken otherwise -Release: 445%{?dist} +Release: 446%{?dist} Summary: Practical Extraction and Report Language Url: https://www.perl.org/ Source0: https://www.cpan.org/src/5.0/perl-%{perl_version}.tar.xz @@ -288,6 +288,10 @@ Patch58: perl-5.30.0-PATCH-perl-134329-Use-after-free-in-regcomp.c.patch # fixed after 5.31.3 Patch59: perl-5.31.3-Supply-missing-right-brace-in-regex-example.patch +# Fix a memory leak when matching a UTF-8 regular expression, RT#134329, +# fixed after 5.31.3 +Patch60: perl-5.31.3-perl-134390-don-t-leak-the-SV-we-just-created-on-an-.patch + # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048 Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch @@ -2879,6 +2883,7 @@ git commit --message 'Import' git am < %{PATCH58} rm -rf .git # Perl tests examine a git repository %patch59 -p1 +%patch60 -p1 %patch200 -p1 %patch201 -p1 @@ -2945,6 +2950,7 @@ perl -x patchlevel.h \ 'Fedora Patch57: Fix a buffer overread when compiling a regular expression with many escapes (RT#134325)' \ 'Fedora Patch58: Fix a buffer overflow when compiling a regular expression with many branches (RT#134329)' \ 'Fedora Patch59: Correct a misspelling in perlrebackslash documentation (RT#134395)' \ + 'Fedora Patch60: Fix a memory leak when matching a UTF-8 regular expression (RT#134329)' \ 'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \ 'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \ %{nil} @@ -5190,6 +5196,9 @@ popd # Old changelog entries are preserved in CVS. %changelog +* Wed Sep 11 2019 Petr Pisar - 4:5.30.0-446 +- Fix a memory leak when matching a UTF-8 regular expression (RT#134329) + * Mon Sep 02 2019 Petr Pisar - 4:5.30.0-445 - Adjust spec file to rpm-build-4.15.0-0.rc1.1 - Fix parsing a Unicode property name when compiling a regular expression