develooper Front page | perl.perl5.porters | Postings from July 2016

[perl #67424] perl: missing / incorrect overflow check when indexingarrays

Thread Next
Dan Collins via RT
July 21, 2016 00:14
[perl #67424] perl: missing / incorrect overflow check when indexingarrays
Message ID:
On Fri Jul 10 09:24:52 2009, wrote:
> Perl does this sort of thing, presumably just SvIV(), all over the place.
> It's a general problem, not specific to array indexing.
> -zefram

I tracked down the specific cases where we have this issue, and added a new macro to use when we need an IV but need not to overflow. I called it SvIV_coerce, because I'm bad at naming things, and it looks like this:

+#define SvIV_coerce(sv) (((SvIsUV(sv) && SvUV(sv) > IV_MAX) || \
+                          (SvNOKp(sv) && SvNV(sv) > IV_MAX)) ? \
+                         (IV_MAX) : (SvIV(sv)))

I profiled a few testcases before and after this patch - most of them slow down, but it's the formerly "buggy" testcases that are the worst, and the cases like $a[1] and $ind = 1; $a[$ind] are roughly the same as previously. On the whole, the array indexing that always worked has slowed down by about 0-5%. 

The actual patch is attached. I know that there are a number of other places that might need this treatment, and I'd by happy to respond to other RT tickets as they appear, but I don't have the bandwidth to audit all the usages of SvIV() right now.

Dan Collins

via perlbug:  queue: perl5 status: open

Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About