Fix a stack underflow in readline() if passed an empty array as an argument
This commit is contained in:
parent
a47c957eb2
commit
f41c4accda
|
@ -0,0 +1,47 @@
|
||||||
|
From a8e0c1fd5ade7c30aa0782f1aea274ef89190f6d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tony Cook <tony@develop-help.com>
|
||||||
|
Date: Wed, 12 Jun 2019 15:21:47 +1000
|
||||||
|
Subject: [PATCH] (perl #133989) scalar() the argument to readline, if any
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
C< readline @foo > would treat @foo as array. If the array was empty
|
||||||
|
this would push zero items and readline() would then pop one item,
|
||||||
|
possibly underflowing the stack.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
op.c | 1 +
|
||||||
|
t/lib/croak/pp_sys | 6 ++++++
|
||||||
|
2 files changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/op.c b/op.c
|
||||||
|
index 6ad192307f..7aa002cadd 100644
|
||||||
|
--- a/op.c
|
||||||
|
+++ b/op.c
|
||||||
|
@@ -12142,6 +12142,7 @@ Perl_ck_readline(pTHX_ OP *o)
|
||||||
|
if (o->op_flags & OPf_KIDS) {
|
||||||
|
OP *kid = cLISTOPo->op_first;
|
||||||
|
if (kid->op_type == OP_RV2GV) kid->op_private |= OPpALLOW_FAKE;
|
||||||
|
+ scalar(kid);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
OP * const newop
|
||||||
|
diff --git a/t/lib/croak/pp_sys b/t/lib/croak/pp_sys
|
||||||
|
index be100da27a..cf9e4ef0ed 100644
|
||||||
|
--- a/t/lib/croak/pp_sys
|
||||||
|
+++ b/t/lib/croak/pp_sys
|
||||||
|
@@ -93,3 +93,9 @@ close $fh;
|
||||||
|
END { unlink $file; }
|
||||||
|
EXPECT
|
||||||
|
syswrite() isn't allowed on :utf8 handles at - line 5.
|
||||||
|
+########
|
||||||
|
+# NAME readline() didn't scalar() its argument
|
||||||
|
+# this would assert rather than failing on the method call
|
||||||
|
+E{0;readline@0}
|
||||||
|
+EXPECT
|
||||||
|
+Can't call method "E" without a package or object reference at - line 2.
|
||||||
|
--
|
||||||
|
2.20.1
|
||||||
|
|
|
@ -197,6 +197,10 @@ Patch30: perl-5.31.0-perl-133936-ensure-TO-is-honoured-for-UDP-sock-send.
|
||||||
Patch31: perl-5.31.0-perl-133936-document-differences-between-IO-Socket-a.patch
|
Patch31: perl-5.31.0-perl-133936-document-differences-between-IO-Socket-a.patch
|
||||||
Patch32: perl-5.31.0-perl-133936-make-send-a-bit-saner.patch
|
Patch32: perl-5.31.0-perl-133936-make-send-a-bit-saner.patch
|
||||||
|
|
||||||
|
# Fix a stack underflow in readline() if passed an empty array as an argument,
|
||||||
|
# RT133989, fixed after 5.31.0
|
||||||
|
Patch33: perl-5.31.0-perl-133989-scalar-the-argument-to-readline-if-any.patch
|
||||||
|
|
||||||
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
||||||
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
||||||
|
|
||||||
|
@ -2747,6 +2751,7 @@ Perl extension for Version Objects
|
||||||
%patch30 -p1
|
%patch30 -p1
|
||||||
%patch31 -p1
|
%patch31 -p1
|
||||||
%patch32 -p1
|
%patch32 -p1
|
||||||
|
%patch33 -p1
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%patch201 -p1
|
%patch201 -p1
|
||||||
|
|
||||||
|
@ -2786,6 +2791,7 @@ perl -x patchlevel.h \
|
||||||
'Fedora Patch30: Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)' \
|
'Fedora Patch30: Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)' \
|
||||||
'Fedora Patch31: Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)' \
|
'Fedora Patch31: Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)' \
|
||||||
'Fedora Patch32: Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)' \
|
'Fedora Patch32: Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)' \
|
||||||
|
'Fedora Patch33: Fix a stack underflow in readline() if passed an empty array as an argument (#RT133989)' \
|
||||||
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
||||||
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
||||||
%{nil}
|
%{nil}
|
||||||
|
@ -5046,6 +5052,8 @@ popd
|
||||||
- Improve retrieving a scalar value of a variable modified in a signal handler
|
- Improve retrieving a scalar value of a variable modified in a signal handler
|
||||||
(RT#134035)
|
(RT#134035)
|
||||||
- Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)
|
- Fix changing packet destination sent from a UDP IO::Socket object (RT#133936)
|
||||||
|
- Fix a stack underflow in readline() if passed an empty array as an argument
|
||||||
|
(#RT133989)
|
||||||
|
|
||||||
* Tue Jun 11 2019 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.30.0-439
|
* Tue Jun 11 2019 Jitka Plesnikova <jplesnik@redhat.com> - 4:5.30.0-439
|
||||||
- Define %%perl_vendor*, %%perl_archlib, %%perl_privlib, because in rpm
|
- Define %%perl_vendor*, %%perl_archlib, %%perl_privlib, because in rpm
|
||||||
|
|
Loading…
Reference in New Issue