develooper Front page | perl.perl5.porters | Postings from July 2014

coverity cherrypick candidates for 5.20.1

Thread Next
Jarkko Hietaniemi
July 19, 2014 21:26
coverity cherrypick candidates for 5.20.1
Message ID:
I went through the Coverity-induced changes and found the following that 
might be suitable for 5.20.1.  One of them was second-order change 
(c3caa5c), and one a fixup (d4825b2), the rest were first-order 
(Coverity-caused). Links, quick descriptions (not always the first line 
of commit message, since I suck at commit messages), and quick 
| si_names access one past the end. | security (off-by-one) 
| Leaked string in failure path. | security (off-by-one) 
| Overrunning array PL_reg_intflags | security (off-by-one) 
| Overrunning array anyofs | security (off-by-one) 
| Passing freed pointer | security (use-after-free) 
| Use the C_ARRAY_LENGTH | security/portability (C_ARRAY_LENGTH) 
| Calling mkstemp() without securely setting umask first. | security (umask) 
| Do not invert a NULL cp_list. | security (potential NULL deref) 
| Uninitialized tmbuf. | security (uninit) 
| Using uninitialized value slen | security (uninit) 
| Variable codeset going out of scope leaks | string leak 
| Handle variable fd | fd leak

(d4825b builds on 3ed3a8) 
| add va_end() calls | portability 
| put va_end() in the right place | portability 
| perlfunc chdir | doc

Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About