coverity cherrypick candidates for 5.20.1

Front page | perl.perl5.porters | Postings from July 2014

coverity cherrypick candidates for 5.20.1

Thread Next

From:

Jarkko Hietaniemi

Date:

July 19, 2014 21:26

Subject:

coverity cherrypick candidates for 5.20.1

Message ID:

53CAE149.50606@iki.fi

I went through the Coverity-induced changes and found the following that 
might be suitable for 5.20.1.  One of them was second-order change 
(c3caa5c), and one a fixup (d4825b2), the rest were first-order 
(Coverity-caused). Links, quick descriptions (not always the first line 
of commit message, since I suck at commit messages), and quick 
categorization.

http://perl5.git.perl.org/perl.git/commitdiff/00b25eff1415ab27d5829f30fea1fecd57a7934e 
| si_names access one past the end. | security (off-by-one)
 

http://perl5.git.perl.org/perl.git/commitdiff/0ac78434bf60027f078daa1108d6c7bcec1ad6e4 
| Leaked string in failure path. | security (off-by-one)

http://perl5.git.perl.org/perl.git/commitdiff/adc2d0c9de764f1cb892860df8ecc93dc8909b39 
| Overrunning array PL_reg_intflags | security (off-by-one)

http://perl5.git.perl.org/perl.git/commitdiff/53673d98756218ddd125311548c0f73c714722f7 
| Overrunning array anyofs | security (off-by-one)

http://perl5.git.perl.org/perl.git/commitdiff/d37662c0fabaaa893c0d695034fa83b9235c6872 
| Passing freed pointer | security (use-after-free)

http://perl5.git.perl.org/perl.git/commitdiff/c3caa5c3bdbd0ad0bc7ce5e7cd1a8eb5b7ca6a69 
| Use the C_ARRAY_LENGTH | security/portability (C_ARRAY_LENGTH)

http://perl5.git.perl.org/perl.git/commitdiff/60f7fc1ea42054e92f34b4ce9d608efd14357392 
| Calling mkstemp() without securely setting umask first. | security (umask)

http://perl5.git.perl.org/perl.git/commitdiff/e76fdebf5815ffaf53ebcfd2c7b78b0e9eacbfd2 
| Do not invert a NULL cp_list. | security (potential NULL deref)

http://perl5.git.perl.org/perl.git/commitdiff/b35b96b6f8e35207d18b15dfcdbd0d08a7c6437c 
| Uninitialized tmbuf. | security (uninit)

http://perl5.git.perl.org/perl.git/commitdiff/9b56a01971980348bbaf5753e47fcb59dee1ef49 
| Using uninitialized value slen | security (uninit)

http://perl5.git.perl.org/perl.git/commitdiff/0ac78434bf60027f078daa1108d6c7bcec1ad6e4 
| Variable codeset going out of scope leaks | string leak

http://perl5.git.perl.org/perl.git/commitdiff/0a20f69bae04ff02616da2f0128de4e842151093 
| Handle variable fd | fd leak

(d4825b builds on 3ed3a8)

http://perl5.git.perl.org/perl.git/commitdiff/3ed3a8afebd64616aef147205403b96b30a4b4ee 
| add va_end() calls | portability

http://perl5.git.perl.org/perl.git/commitdiff/d4825b278e28006bdc9c3f36ab174eade62d6c4c 
| put va_end() in the right place | portability

http://perl5.git.perl.org/perl.git/commitdiff/b00d10dc3d9b54e2ef58f2627b02bfe99daeae47 
| perlfunc chdir | doc

Thread Next

coverity cherrypick candidates for 5.20.1 by Jarkko Hietaniemi

Re: coverity cherrypick candidates for 5.20.1 by Steve Hay

Re: coverity cherrypick candidates for 5.20.1 by Tony Cook

Re: coverity cherrypick candidates for 5.20.1 by Steve Hay
Re: coverity cherrypick candidates for 5.20.1 by Jarkko Hietaniemi

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About