Fix a crash in lexical scope warnings

Petr Písař 2016-07-12 12:50:33 +02:00
parent 9906eb1f4e
commit c00f4b6eff
2 changed files with 102 additions and 1 deletions


@ -0,0 +1,93 @@
From a2637ca0a3fec01b80d7ea5ba62802354fd5e6f3 Mon Sep 17 00:00:00 2001
From: Father Chrysostomos <sprout@cpan.org>
Date: Mon, 11 Jul 2016 14:49:17 -0700
Subject: [PATCH] [perl #128597] Crash from gp_free/ckWARN_d
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
See the explanation in the test added and in the RT ticket.
The solution is to make the warn macros check that PL_curcop
is non-null.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
regen/warnings.pl | 6 ++++--
t/op/gv.t | 18 +++++++++++++++++-
warnings.h | 6 ++++--
3 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/regen/warnings.pl b/regen/warnings.pl
index 815c735..94cd7a4 100644
--- a/regen/warnings.pl
+++ b/regen/warnings.pl
@@ -358,8 +358,10 @@ EOM
print $warn <<'EOM';
-#define isLEXWARN_on cBOOL(PL_curcop->cop_warnings != pWARN_STD)
-#define isLEXWARN_off cBOOL(PL_curcop->cop_warnings == pWARN_STD)
+#define isLEXWARN_on \
+ cBOOL(PL_curcop && PL_curcop->cop_warnings != pWARN_STD)
+#define isLEXWARN_off \
+ cBOOL(!PL_curcop || PL_curcop->cop_warnings == pWARN_STD)
#define isWARN_ONCE (PL_dowarn & (G_WARN_ON|G_WARN_ONCE))
#define isWARN_on(c,x) (IsSet((U8 *)(c + 1), 2*(x)))
#define isWARNf_on(c,x) (IsSet((U8 *)(c + 1), 2*(x)+1))
diff --git a/t/op/gv.t b/t/op/gv.t
index d71fd0a..03ae46e 100644
--- a/t/op/gv.t
+++ b/t/op/gv.t
@@ -12,7 +12,7 @@ BEGIN {
use warnings;
-plan(tests => 276 );
+plan(tests => 277 );
# type coercion on assignment
$foo = 'foo';
@@ -1153,6 +1153,22 @@ pass "No crash due to CvGV pointing to glob copy in the stash";
is($c_125840, 1, 'RT #125840: $c=$d');
}
+# [perl #128597] Crash when gp_free calls ckWARN_d
+# I am not sure this test even belongs in this file, as the crash was the
+# result of various features interacting. But a call to ckWARN_d from
+# gv.c:gp_free triggered the crash, so this seems as good a place as any.
+# die (or any abnormal scope exit) can cause the current cop to be freed,
+# if the subroutine containing the die gets freed as a result. That
+# causes PL_curcop to be set to NULL. If a writable handle gets freed
+# while PL_curcop is NULL, then gp_free will call ckWARN_d while that con-
+# dition still holds, so ckWARN_d needs to know about PL_curcop possibly
+# being NULL.
+SKIP: {
+ skip_if_miniperl("No PerlIO::scalar on miniperl", 1);
+ runperl(prog => 'open my $fh, q|>|, \$buf;'
+ .'my $sub = eval q|sub {exit 0}|; $sub->()');
+ is ($? & 127, 0,"[perl #128597] No crash when gp_free calls ckWARN_d");
+}
__END__
Perl
diff --git a/warnings.h b/warnings.h
index 337bef3..4d13732 100644
--- a/warnings.h
+++ b/warnings.h
@@ -115,8 +115,10 @@
#define WARN_ALLstring "\125\125\125\125\125\125\125\125\125\125\125\125\125\125\125\125\125"
#define WARN_NONEstring "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-#define isLEXWARN_on cBOOL(PL_curcop->cop_warnings != pWARN_STD)
-#define isLEXWARN_off cBOOL(PL_curcop->cop_warnings == pWARN_STD)
+#define isLEXWARN_on \
+ cBOOL(PL_curcop && PL_curcop->cop_warnings != pWARN_STD)
+#define isLEXWARN_off \
+ cBOOL(!PL_curcop || PL_curcop->cop_warnings == pWARN_STD)
#define isWARN_ONCE (PL_dowarn & (G_WARN_ON|G_WARN_ONCE))
#define isWARN_on(c,x) (IsSet((U8 *)(c + 1), 2*(x)))
#define isWARNf_on(c,x) (IsSet((U8 *)(c + 1), 2*(x)+1))
--
2.5.5
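Review bot: The rewritten `isLEXWARN_on` and `isLEXWARN_off` macros in the regen/warnings.pl hunk (mirrored in the warnings.h hunk) carry no comment saying why `PL_curcop` may be NULL; the only explanation is the test comment in t/op/gv.t. A short comment above them in the heredoc, e.g. `/* PL_curcop can be NULL after the current cop is freed on abnormal scope exit [perl #128597]; treat that as lexical warnings off */`, would keep a later cleanup from dropping the guard and reintroducing the NULL dereference. The guard protects only code that goes through these two macros. Any site that reads `PL_curcop->cop_warnings` directly is not visible in this patch and would be worth checking separately.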


@ -28,7 +28,7 @@
Name: perl
Version: %{perl_version}
# release number must be even higher, because dual-lived modules will be broken otherwise
Release: 373%{?dist}
Release: 374%{?dist}
Epoch: %{perl_epoch}
Summary: Practical Extraction and Report Language
Group: Development/Languages
@ -154,6 +154,9 @@ Patch40: perl-5.25.2-perl-128532-Crash-vivifying-stub-in-deleted-pkg.patc
# in upstream after 5.25.2
Patch41: perl-5.25.2-SEGV-in-Subroutine-redefined-warning.patch
# Fix a crash in lexical scope warnings, RT#128597, in upstream after 5.25.2
Patch42: perl-5.25.2-perl-128597-Crash-from-gp_free-ckWARN_d.patch
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
@ -2814,6 +2817,7 @@ Perl extension for Version Objects
%patch39 -p1
%patch40 -p1
%patch41 -p1
%patch42 -p1
%patch200 -p1
%patch201 -p1
@ -2846,6 +2850,7 @@ perl -x patchlevel.h \
'Fedora Patch39: Do not let XSLoader load relative paths (CVE-2016-6185)' \
'Fedora Patch40: Fix a crash when vivifying a stub in a deleted package (RT#128532)' \
'Fedora Patch41: Fix a crash in "Subroutine redefined" warning (RT#128257)' \
'Fedora Patch42: Fix a crash in lexical scope warnings (RT#128597)' \
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
%{nil}
@ -5112,6 +5117,9 @@ popd
# Old changelog entries are preserved in CVS.
%changelog
* Tue Jul 12 2016 Petr Pisar <ppisar@redhat.com> - 4:5.24.0-374
- Fix a crash in lexical scope warnings (RT#128597)
* Fri Jul 08 2016 Petr Pisar <ppisar@redhat.com> - 4:5.24.0-373
- Fix a crash in "Subroutine redefined" warning (RT#128257)