[perl #111500] Bleadperl v5.15.7-88-g7e4f045 breaks MLEHMANN/common-sense-3.4.tar.gz

From: Father Chrysostomos via RT
Date: March 6, 2012 13:02
Subject: [perl #111500] Bleadperl v5.15.7-88-g7e4f045 breaks MLEHMANN/common-sense-3.4.tar.gz
Message ID: rt-3.6.HEAD-4610-1331067759-764.111500-15-0@perl.org

On Tue Mar 06 04:41:59 2012, schmorp@schmorp.de wrote:
> It is also not cleaner because perl does not do bounds-checking, so
> assigning a shorter value might cause undefined behaviour. If a common
> sense module survives into a newer version of perl, this might well cause
> memory corruption or worse.

I’ve just had a look at this code in mg.c:

			STRLEN len;
			const char *const p = SvPV_const(sv, len);

			PL_compiling.cop_warnings
			    = Perl_new_warnings_bitfield(aTHX_ PL_compiling.cop_warnings,
							 p, len);

and this code in util.c:

STRLEN *
Perl_new_warnings_bitfield(pTHX_ STRLEN *buffer, const char *const bits,
			   STRLEN size) {
    const MEM_SIZE len_wanted = sizeof(STRLEN) + size;
    PERL_UNUSED_CONTEXT;
    PERL_ARGS_ASSERT_NEW_WARNINGS_BITFIELD;

    buffer = (STRLEN*)
	(specialWARN(buffer) ?
	 PerlMemShared_malloc(len_wanted) :
	 PerlMemShared_realloc(buffer, len_wanted));
    buffer[0] = size;
    Copy(bits, (buffer + 1), size, char);
    return buffer;
}

Ouch!

I didn’t realise it was that bad.

It is storing the size of the buffer, but then that stored size doesn’t
seem to be used anywhere.

This small patch would fix that in the least intrusive way possible:

diff --git a/util.c b/util.c
index 1ff5913..87ca76d 100644
--- a/util.c
+++ b/util.c
@@ -2002,10 +2002,11 @@ S_ckwarn_common(pTHX_ U32 w)
 STRLEN *
 Perl_new_warnings_bitfield(pTHX_ STRLEN *buffer, const char *const bits,
 			   STRLEN size) {
-    const MEM_SIZE len_wanted = sizeof(STRLEN) + size;
+    const MEM_SIZE len_wanted = sizeof(STRLEN) + WARNsize;
     PERL_UNUSED_CONTEXT;
     PERL_ARGS_ASSERT_NEW_WARNINGS_BITFIELD;
 
+    size = WARNsize;
     buffer = (STRLEN*)
 	(specialWARN(buffer) ?
 	 PerlMemShared_malloc(len_wanted) :
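
Review bot: overwriting `size` with WARNsize before the allocation also changes the `Copy(bits, (buffer + 1), size, char)` quoted earlier in this message, which now reads WARNsize bytes from `bits` no matter how long the caller's string is, so a value shorter than WARNsize is read past its end. Consider keeping the caller's length in its own variable, copying only the smaller of that length and WARNsize, and zero-filling the rest of the buffer, so the allocation and the read from `bits` both stay in bounds. A short comment stating that the buffer is always WARNsize bytes would also help, since `buffer[0]` will now hold WARNsize rather than the length passed in.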

Does anyone see anything wrong with applying that now?

(Then, after 5.16, we could refactor it to avoid allocating the extra
sizeof(STRLEN) bytes.)

-- 

Father Chrysostomos


---
via perlbug:  queue: perl5 status: open
https://rt.perl.org:443/rt3/Ticket/Display.html?id=111500
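
An added example, not code from the message above or from perl: a stand-alone C model of the length-prefixed bitfield discussed in the message, showing the caller-sized allocation beside a fixed-size variant that zero-pads short input and truncates long input, plus a reader that checks the stored length. `MODEL_WARNSIZE` and all function names are assumptions made for illustration, and the constant's value is constructed rather than perl's.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for perl's WARNsize; not perl's actual value. */
#define MODEL_WARNSIZE 16

/* Caller-sized allocation, the pattern the message objects to.
 * Layout as in the quoted util.c: buf[0] = byte count, bits follow. */
static size_t *bitfield_new_unchecked(const char *bits, size_t size)
{
    size_t *buf = malloc(sizeof(size_t) + size);
    if (!buf) return NULL;
    buf[0] = size;
    memcpy(buf + 1, bits, size);
    return buf;
}

/* Fixed-size variant: short input is zero-padded, long input truncated,
 * and no more than `size` bytes are ever read from `bits`. */
static size_t *bitfield_new_fixed(const char *bits, size_t size)
{
    size_t n = size < MODEL_WARNSIZE ? size : MODEL_WARNSIZE;
    size_t *buf = calloc(1, sizeof(size_t) + MODEL_WARNSIZE);
    if (!buf) return NULL;
    buf[0] = MODEL_WARNSIZE;
    memcpy(buf + 1, bits, n);
    return buf;
}

/* Reader that trusts the stored length, not a compile-time constant.
 * Returns the bit value, or -1 if the bit lies outside the buffer. */
static int bitfield_test(const size_t *buf, size_t bit)
{
    const unsigned char *p = (const unsigned char *)(buf + 1);
    if (bit / 8 >= buf[0]) return -1;
    return (p[bit / 8] >> (bit % 8)) & 1;
}

int main(void)
{
    const char two[] = "\x01\x80";            /* constructed 2-byte input */
    size_t *a = bitfield_new_unchecked(two, 2);
    size_t *b = bitfield_new_fixed(two, 2);
    if (!a || !b) return 1;
    /* Bit 100 is past the 2-byte buffer but inside the fixed one. */
    printf("unchecked: %d  fixed: %d\n", bitfield_test(a, 100), bitfield_test(b, 100));
    free(a); free(b);
    return 0;
}
```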
