On 13 September 2016 at 21:29, Father Chrysostomos via RT <perlbug-followup@perl.org> wrote: > On Tue Sep 13 11:54:55 2016, demerphq wrote: >> On 13 September 2016 at 20:28, Andy Lester <andy@petdance.com> wrote: >> >> > >> > On Sep 13, 2016, at 1:25 PM, demerphq <demerphq@gmail.com> wrote: >> > >> > > I did not search for other examples. I thought it might be best to >> > > open a discussion before proceeding on any work. >> > >> > Not sure what there is to discuss really. Wrong is wrong. ☺️ >> > >> > >> > I took the comment to mean “For all I know, there may be other examples >> > elsewhere in the codebase, and it might even be a security hole, but I >> > haven’t investigated further, but someone probably should before we just >> > patch this and call it done." >> > >> >> Ah, good catch. Well, maybe there is a security hole here, I don't know. >> >> But there are a lot of issues with the code as written. In several places >> it accesses memory it can't know that we own. >> >> It looks to me like if you called this function with a string which ended >> in exactly one colon that we would continue reading until we hit a null or >> segfaulted. >> >> What would /then/ happen is not clear. > > This is an API, function, right? So we can add a test to XS::APItest? I think so yes. FWIW, I accidentally pushed my patches before tests completed, and the tests failed, so i have reverted to see why. Sorry for the commit noise. Yves -- perl -Mre=debug -e "/just|another|perl|hacker/"Thread Previous | Thread Next