Fix a possibly unitialized memory read in the Perl parser
This commit is contained in:
parent
7d51eee368
commit
b09154addd
@ -0,0 +1,71 @@
|
|||||||
|
From 62e6b70574842d7f2c547d33c85c50228522f685 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Marc-Philip <marc-philip.werner@sap.com>
|
||||||
|
Date: Sun, 8 Apr 2018 12:15:29 -0600
|
||||||
|
Subject: [PATCH] PATCH: [perl #133074] 5.26.1: some coverity fixes
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
we have some coverity code scans here. They have found this
|
||||||
|
uninilialized variable in pp.c and the integer overrun in toke.c.
|
||||||
|
Though it might be possible that these are false positives (no
|
||||||
|
reasonable control path gets there), it's good to mute the scan here to
|
||||||
|
see the real problems easier.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
pp.c | 1 +
|
||||||
|
toke.c | 8 ++++----
|
||||||
|
2 files changed, 5 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/pp.c b/pp.c
|
||||||
|
index 5524131658..d777ae4309 100644
|
||||||
|
--- a/pp.c
|
||||||
|
+++ b/pp.c
|
||||||
|
@@ -3727,6 +3727,7 @@ PP(pp_ucfirst)
|
||||||
|
if (! slen) { /* If empty */
|
||||||
|
need = 1; /* still need a trailing NUL */
|
||||||
|
ulen = 0;
|
||||||
|
+ *tmpbuf = '\0';
|
||||||
|
}
|
||||||
|
else if (DO_UTF8(source)) { /* Is the source utf8? */
|
||||||
|
doing_utf8 = TRUE;
|
||||||
|
diff --git a/toke.c b/toke.c
|
||||||
|
index 3405dc6c89..fc87252bb1 100644
|
||||||
|
--- a/toke.c
|
||||||
|
+++ b/toke.c
|
||||||
|
@@ -9052,7 +9052,7 @@ S_pending_ident(pTHX)
|
||||||
|
HEK * const stashname = HvNAME_HEK(stash);
|
||||||
|
SV * const sym = newSVhek(stashname);
|
||||||
|
sv_catpvs(sym, "::");
|
||||||
|
- sv_catpvn_flags(sym, PL_tokenbuf+1, tokenbuf_len - 1, (UTF ? SV_CATUTF8 : SV_CATBYTES ));
|
||||||
|
+ sv_catpvn_flags(sym, PL_tokenbuf+1, tokenbuf_len > 0 ? tokenbuf_len - 1 : 0, (UTF ? SV_CATUTF8 : SV_CATBYTES ));
|
||||||
|
pl_yylval.opval = newSVOP(OP_CONST, 0, sym);
|
||||||
|
pl_yylval.opval->op_private = OPpCONST_ENTERED;
|
||||||
|
if (pit != '&')
|
||||||
|
@@ -9080,7 +9080,7 @@ S_pending_ident(pTHX)
|
||||||
|
&& PL_lex_state != LEX_NORMAL
|
||||||
|
&& !PL_lex_brackets)
|
||||||
|
{
|
||||||
|
- GV *const gv = gv_fetchpvn_flags(PL_tokenbuf + 1, tokenbuf_len - 1,
|
||||||
|
+ GV *const gv = gv_fetchpvn_flags(PL_tokenbuf + 1, tokenbuf_len > 0 ? tokenbuf_len - 1 : 0,
|
||||||
|
( UTF ? SVf_UTF8 : 0 ) | GV_ADDMG,
|
||||||
|
SVt_PVAV);
|
||||||
|
if ((!gv || ((PL_tokenbuf[0] == '@') ? !GvAV(gv) : !GvHV(gv)))
|
||||||
|
@@ -9097,11 +9097,11 @@ S_pending_ident(pTHX)
|
||||||
|
/* build ops for a bareword */
|
||||||
|
pl_yylval.opval = newSVOP(OP_CONST, 0,
|
||||||
|
newSVpvn_flags(PL_tokenbuf + 1,
|
||||||
|
- tokenbuf_len - 1,
|
||||||
|
+ tokenbuf_len > 0 ? tokenbuf_len - 1 : 0,
|
||||||
|
UTF ? SVf_UTF8 : 0 ));
|
||||||
|
pl_yylval.opval->op_private = OPpCONST_ENTERED;
|
||||||
|
if (pit != '&')
|
||||||
|
- gv_fetchpvn_flags(PL_tokenbuf+1, tokenbuf_len - 1,
|
||||||
|
+ gv_fetchpvn_flags(PL_tokenbuf+1, tokenbuf_len > 0 ? tokenbuf_len - 1 : 0,
|
||||||
|
(PL_in_eval ? GV_ADDMULTI : GV_ADD)
|
||||||
|
| ( UTF ? SVf_UTF8 : 0 ),
|
||||||
|
((PL_tokenbuf[0] == '$') ? SVt_PV
|
||||||
|
--
|
||||||
|
2.14.3
|
||||||
|
|
@ -267,6 +267,10 @@ Patch82: perl-5.27.9-fix-line-numbers-in-multi-line-s.patch
|
|||||||
# in upstream after 5.27.10
|
# in upstream after 5.27.10
|
||||||
Patch83: perl-5.27.10-PATCH-perl-132167-Parse-error-in-regex_sets.patch
|
Patch83: perl-5.27.10-PATCH-perl-132167-Parse-error-in-regex_sets.patch
|
||||||
|
|
||||||
|
# Fix a possibly unitialized memory read in the Perl parser, RT#133074,
|
||||||
|
# in upstream after 5.27.10
|
||||||
|
Patch84: perl-5.27.10-PATCH-perl-133074-5.26.1-some-coverity-fixes.patch
|
||||||
|
|
||||||
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
||||||
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
||||||
|
|
||||||
@ -2871,6 +2875,7 @@ Perl extension for Version Objects
|
|||||||
%patch81 -p1
|
%patch81 -p1
|
||||||
%patch82 -p1
|
%patch82 -p1
|
||||||
%patch83 -p1
|
%patch83 -p1
|
||||||
|
%patch84 -p1
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%patch201 -p1
|
%patch201 -p1
|
||||||
|
|
||||||
@ -2922,6 +2927,7 @@ perl -x patchlevel.h \
|
|||||||
'Fedora Patch81: Do not clobber file bytes in :encoding layer (RT#132833)' \
|
'Fedora Patch81: Do not clobber file bytes in :encoding layer (RT#132833)' \
|
||||||
'Fedora Patch82: Fix line numbers in multi-line s/// (RT#131930)' \
|
'Fedora Patch82: Fix line numbers in multi-line s/// (RT#131930)' \
|
||||||
'Fedora Patch83: Fix parsing extended bracketed character classes (RT#132167)' \
|
'Fedora Patch83: Fix parsing extended bracketed character classes (RT#132167)' \
|
||||||
|
'Fedora Patch84: Fix a possibly unitialized memory read in the Perl parser (RT#133074)' \
|
||||||
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
||||||
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
||||||
%{nil}
|
%{nil}
|
||||||
@ -5215,6 +5221,7 @@ popd
|
|||||||
- Do not clobber file bytes in :encoding layer (RT#132833)
|
- Do not clobber file bytes in :encoding layer (RT#132833)
|
||||||
- Fix line numbers in multi-line s/// (RT#131930)
|
- Fix line numbers in multi-line s/// (RT#131930)
|
||||||
- Fix parsing extended bracketed character classes (RT#132167)
|
- Fix parsing extended bracketed character classes (RT#132167)
|
||||||
|
- Fix a possibly unitialized memory read in the Perl parser (RT#133074)
|
||||||
|
|
||||||
* Mon Apr 16 2018 Petr Pisar <ppisar@redhat.com> - 4:5.26.2-411
|
* Mon Apr 16 2018 Petr Pisar <ppisar@redhat.com> - 4:5.26.2-411
|
||||||
- 5.26.2 bump
|
- 5.26.2 bump
|
||||||
|
Loading…
Reference in New Issue
Block a user