[PATCH v5.5.660] More UTF8_MAXLEN fixes

Front page | perl.perl5.porters | Postings from February 2000
[PATCH v5.5.660] More UTF8_MAXLEN fixes

From:
Gisle Aas
Date:
February 24, 2000 15:25
Subject:
[PATCH v5.5.660] More UTF8_MAXLEN fixes
Message ID:
m3ema2tc8q.fsf@eik.g.aas.no
I looked at all the uv_to_utf8() calls for potential buffer overflows.
This patch fixes those I found.  There are still quite a few calls to
sv_to_utf8 in doop.c that I was not able to verify was correct with my
limited understanding of the do_trans_* stuff.

Regards,
Gisle


Index: doop.c
===================================================================
RCS file: /local/perl/build/CVSROOT/perl5.6tobe2/doop.c,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 doop.c
--- doop.c	2000/02/24 22:06:14	1.1.1.1
+++ doop.c	2000/02/24 23:11:02
@@ -282,7 +282,7 @@ S_do_trans_CU_simple(pTHX_ SV *sv)
     UV extra = none + 1;
     UV final;
     UV uv;
-    U8 tmpbuf[10];
+    U8 tmpbuf[UTF8_MAXLEN];
     I32 bits = 16;
 
     s = (U8*)SvPV(sv, len);
Index: op.c
===================================================================
RCS file: /local/perl/build/CVSROOT/perl5.6tobe2/op.c,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 op.c
--- op.c	2000/02/24 22:06:14	1.1.1.1
+++ op.c	2000/02/24 22:56:28
@@ -2607,7 +2607,7 @@ Perl_pmtrans(pTHX_ OP *o, OP *expr, OP *
 	I32 to_utf	= o->op_private & OPpTRANS_TO_UTF;
 
 	if (complement) {
-	    U8 tmpbuf[10];
+	    U8 tmpbuf[UTF8_MAXLEN];
 	    U8** cp;
 	    UV nextmin = 0;
 	    New(1109, cp, tlen, U8*);
Index: perl.c
===================================================================
RCS file: /local/perl/build/CVSROOT/perl5.6tobe2/perl.c,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 perl.c
--- perl.c	2000/02/24 22:06:14	1.1.1.1
+++ perl.c	2000/02/24 23:00:14
@@ -220,7 +220,7 @@ perl_construct(pTHXx)
 	PL_patchlevel = NEWSV(0,4);
 	SvUPGRADE(PL_patchlevel, SVt_PVNV);
 	if (PERL_REVISION > 127 || PERL_VERSION > 127 || PERL_SUBVERSION > 127)
-	    SvGROW(PL_patchlevel,24);
+	    SvGROW(PL_patchlevel, UTF8_MAXLEN*3+1);
 	s = (U8*)SvPVX(PL_patchlevel);
 	s = uv_to_utf8(s, (UV)PERL_REVISION);
 	s = uv_to_utf8(s, (UV)PERL_VERSION);
Index: pp.c
===================================================================
RCS file: /local/perl/build/CVSROOT/perl5.6tobe2/pp.c,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 pp.c
--- pp.c	2000/02/24 22:06:14	1.1.1.1
+++ pp.c	2000/02/24 23:09:32
@@ -2254,7 +2254,7 @@ PP(pp_ucfirst)
 
     if (DO_UTF8(sv) && (s = (U8*)SvPV(sv, slen)) && slen && (*s & 0xc0) == 0xc0) {
 	I32 ulen;
-	U8 tmpbuf[10];
+	U8 tmpbuf[UTF8_MAXLEN];
 	U8 *tend;
 	UV uv = utf8_to_uv(s, &ulen);
 
@@ -2313,7 +2313,7 @@ PP(pp_lcfirst)
 
     if (DO_UTF8(sv) && (s = (U8*)SvPV(sv, slen)) && slen && (*s & 0xc0) == 0xc0) {
 	I32 ulen;
-	U8 tmpbuf[10];
+	U8 tmpbuf[UTF8_MAXLEN];
 	U8 *tend;
 	UV uv = utf8_to_uv(s, &ulen);
 
@@ -4645,7 +4645,7 @@ PP(pp_pack)
 	    while (len-- > 0) {
 		fromstr = NEXTFROM;
 		auint = SvUV(fromstr);
-		SvGROW(cat, SvCUR(cat) + 10);
+		SvGROW(cat, SvCUR(cat) + UTF8_MAXLEN);
 		SvCUR_set(cat, (char*)uv_to_utf8((U8*)SvEND(cat),auint)
 			       - SvPVX(cat));
 	    }
Index: regcomp.c
===================================================================
RCS file: /local/perl/build/CVSROOT/perl5.6tobe2/regcomp.c,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 regcomp.c
--- regcomp.c	2000/02/24 22:06:14	1.1.1.1
+++ regcomp.c	2000/02/24 23:09:30
@@ -3646,7 +3646,7 @@ S_reguni(pTHX_ UV uv, char* s, I32* lenp
 {
     dTHR;
     if (SIZE_ONLY) {
-	U8 tmpbuf[10];
+	U8 tmpbuf[UTF8_MAXLEN];
 	*lenp = uv_to_utf8(tmpbuf, uv) - tmpbuf;
     }
     else
Index: regexec.c
===================================================================
RCS file: /local/perl/build/CVSROOT/perl5.6tobe2/regexec.c,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 regexec.c
--- regexec.c	2000/02/24 22:06:14	1.1.1.1
+++ regexec.c	2000/02/24 23:09:28
@@ -3610,7 +3610,7 @@ S_reginclassutf8(pTHX_ regnode *f, U8 *p
 	match = TRUE;
     else if (flags & ANYOF_FOLD) {
 	I32 cf;
-	U8 tmpbuf[10];
+	U8 tmpbuf[UTF8_MAXLEN];
 	if (flags & ANYOF_LOCALE) {
 	    PL_reg_flags |= RF_tainted;
 	    uv_to_utf8(tmpbuf, toLOWER_LC_utf8(p));
Index: sv.c
===================================================================
RCS file: /local/perl/build/CVSROOT/perl5.6tobe2/sv.c,v
retrieving revision 1.1.1.1
diff -u -p -u -p -r1.1.1.1 sv.c
--- sv.c	2000/02/24 22:06:14	1.1.1.1
+++ sv.c	2000/02/24 23:09:22
@@ -5741,7 +5741,7 @@ Perl_sv_vcatpvfn(pTHX_ SV *sv, const cha
 	bool is_utf = FALSE;
 
 	char esignbuf[4];
-	U8 utf8buf[10];
+	U8 utf8buf[UTF8_MAXLEN];
 	STRLEN esignlen = 0;
 
 	char *eptr = Nullch;
[PATCH v5.5.660] More UTF8_MAXLEN fixes by Gisle Aas
nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About