
[perl #67424] perl: missing / incorrect overflow check when indexing arrays

From: Dan Collins via RT
Date: July 21, 2016 00:14
Subject: [perl #67424] perl: missing / incorrect overflow check when indexing arrays
Message ID: rt-4.0.18-14007-1469060081-1804.67424-15-0@perl.org

On Fri Jul 10 09:24:52 2009, zefram@fysh.org wrote:
> Perl does this sort of thing, presumably just SvIV(), all over the place.
> It's a general problem, not specific to array indexing.
> 
> -zefram

I tracked down the specific cases where we have this issue, and added a new macro to use when we need an IV but need not to overflow. I called it SvIV_coerce, because I'm bad at naming things, and it looks like this:

+#define SvIV_coerce(sv) (((SvIsUV(sv) && SvUV(sv) > IV_MAX) || \
+                          (SvNOKp(sv) && SvNV(sv) > IV_MAX)) ? \
+                         (IV_MAX) : (SvIV(sv)))
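
Review bot: SvIV_coerce only clamps at the top end, so in the SvNOKp branch an NV below IV_MIN (or a NaN, which fails the > test) still falls through to SvIV(sv); a matching lower-bound check would make the macro do what its name suggests. In "SvNV(sv) > IV_MAX" the constant is converted to NV, so with 64-bit IVs and double NVs a value of exactly 2^63 compares equal and is not clamped; comparing with >= against an NV that is exactly IV_MAX + 1 avoids that. The macro also expands sv up to five times (SvIsUV, SvUV, SvNOKp, SvNV, SvIV), so it needs a comment warning against arguments with side effects, or it could become a static inline function.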

I profiled a few testcases before and after this patch - most of them slow down, but it's the formerly "buggy" testcases that are the worst, and the cases like $a[1] and $ind = 1; $a[$ind] are roughly the same as previously. On the whole, the array indexing that always worked has slowed down by about 0-5%. 

The actual patch is attached. I know that there are a number of other places that might need this treatment, and I'd be happy to respond to other RT tickets as they appear, but I don't have the bandwidth to audit all the usages of SvIV() right now.

-- 
Respectfully,
Dan Collins

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=67424
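
A stand-alone C model of the saturating index conversion discussed in this message, added here as an example; it is not code from the patch or from perl. The num_t type and the from_uv, from_nv, index_clamp and resolve_index names are hypothetical, and the example goes beyond the macro in the message by also clamping at the lower bound and handling NaN.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a Perl scalar's numeric slot (not Perl's SV). */
typedef enum { NUM_IV, NUM_UV, NUM_NV } num_kind;
typedef struct {
    num_kind kind;
    union { int64_t iv; uint64_t uv; double nv; } u;
} num_t;

static num_t from_uv(uint64_t v) { num_t n; n.kind = NUM_UV; n.u.uv = v; return n; }
static num_t from_nv(double v)   { num_t n; n.kind = NUM_NV; n.u.nv = v; return n; }

/* Saturating conversion to a signed 64-bit index: out-of-range values
 * clamp to INT64_MAX / INT64_MIN instead of wrapping. NaN maps to 0,
 * which is a choice made for this example. */
static int64_t index_clamp(num_t n)
{
    if (n.kind == NUM_IV) return n.u.iv;
    if (n.kind == NUM_UV)
        return n.u.uv > (uint64_t)INT64_MAX ? INT64_MAX : (int64_t)n.u.uv;
    double d = n.u.nv;
    if (d != d) return 0;                                /* NaN */
    /* INT64_MAX is not exactly representable as a double; 2^63 is. */
    if (d >= 9223372036854775808.0) return INT64_MAX;
    if (d < -9223372036854775808.0) return INT64_MIN;
    return (int64_t)d;                 /* in range: truncates toward zero */
}

/* Perl-style lookup: a negative index counts back from the end.
 * Returns the element position, or -1 when the index is out of bounds. */
static int64_t resolve_index(int64_t i, int64_t len)
{
    if (i < 0) i += len;
    return (i >= 0 && i < len) ? i : -1;
}

int main(void)
{
    num_t huge = from_uv(UINT64_MAX);          /* constructed sample input */
    /* Unchecked cast: wraps to -1 on two's-complement targets. */
    printf("wrapped: %lld\n", (long long)resolve_index((int64_t)huge.u.uv, 10));
    printf("clamped: %lld\n", (long long)resolve_index(index_clamp(huge), 10));
    printf("1e30:    %lld\n", (long long)resolve_index(index_clamp(from_nv(1e30)), 10));
    return 0;
}
```

With the unchecked cast the oversized index silently selects the last element of a 10-element array; with the clamp it is reported as out of bounds.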
