On Fri, Sep 02, 2016 at 10:31:37PM -0700, Father Chrysostomos via RT wrote: > On Fri Sep 02 13:38:21 2016, dcollinsn@gmail.com wrote: > > $ perl -e 'print "<<`\\"' | valgrind ../bin/perl > ... > > Can't find string terminator "\" anywhere before EOF at - line 1. > > Wrong error message. > > delimcpy (used to find the end of the `\... after <<) is going one byte past the end of the buffer passed to it, because the trailing null is ‘escaped’ with a backslash. delimcpy needs fixing. > > scan_heredoc perfectly reasonably croaks only if s==PL_bufend, since if s<PL_bufend the terminating ` was found. In this case s>PL_bufend, which would not happen with a properly functioning delimcpy. Note that I already have a fix worked up for this; I can't apply it yet since it applies on top of another fix by Tony which hasn't been applied yet (which was also an issue initially reported to the security queue but which was provisionally agreed not to be a security issue). -- You live and learn (although usually you just live).Thread Previous | Thread Next