develooper Front page | perl.dbi.dev | Postings from August 2019

[perl5-dbi/dbi] ea99b6: Fix memory corruption in XS functions whenPerl st...

From:
Tim Bunce
Date:
August 25, 2019 06:05
Subject:
[perl5-dbi/dbi] ea99b6: Fix memory corruption in XS functions whenPerl st...
Message ID:
perl5-dbi/dbi/push/refs/heads/master/eaf547-2c335f@github.com
  Branch: refs/heads/master
  Home:   https://github.com/perl5-dbi/dbi
  Commit: ea99b6aafb437db53c28fd40d5eafbe119cd66e1
      https://github.com/perl5-dbi/dbi/commit/ea99b6aafb437db53c28fd40d5eafbe119cd66e1
  Author: Pali <pali@cpan.org>
  Date:   2019-07-31 (Wed, 31 Jul 2019)

  Changed paths:
    M DBI.xs
    M Driver.xst

  Log Message:
  -----------
  Fix memory corruption in XS functions when Perl stack is reallocated

Macro ST(*) returns pointer to Perl stack. Other Perl functions which use
Perl stack (e.g. eval) may reallocate Perl stack and therefore pointer
returned by ST(*) macro is invalid.

Construction like this:

ST(0) = dbd_db_login6_sv(dbh, imp_dbh, dbname, username, password, attribs) ? &PL_sv_yes : &PL_sv_no;

where dbd_db_login6_sv() driver function calls eval may lead to
reallocating Perl stack and therefore invalidating ST(0) pointer.
So that construction would cause memory corruption as left part of
assignment is resolved prior executing dbd_db_login6_sv() function.

Correct way how to handle this problem: First call dbd_db_login6_sv()
function and then call ST(0) to retrieve stack pointer.

In this patch are fixes all occurrences of such constructions.

When running perl under valgrind I got memory corruption in DBD::ODBC
driver in that dbd_db_login6_sv() function due to above problem.

Exactly same problem was present in Encode module which was fixed in pull
request: https://github.com/dankogai/p5-encode/pull/72


  Commit: 2c335f308ee25ee811d386f04929c614302de4c9
      https://github.com/perl5-dbi/dbi/commit/2c335f308ee25ee811d386f04929c614302de4c9
  Author: Tim Bunce <Tim.Bunce@pobox.com>
  Date:   2019-08-22 (Thu, 22 Aug 2019)

  Changed paths:
    M DBI.xs
    M Driver.xst

  Log Message:
  -----------
  Merge pull request #85 from pali/master

Fix memory corruption in XS functions when Perl stack is reallocated


Compare: https://github.com/perl5-dbi/dbi/compare/eaf547a5696b...2c335f308ee2



nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About