develooper Front page | perl.perl5.porters | Postings from September 2016

[perl #129267] Possible string overrun with invalid len in gv.c

Thread Previous | Thread Next
From:
Todd Rinaldo via RT
Date:
September 13, 2016 20:00
Subject:
[perl #129267] Possible string overrun with invalid len in gv.c
Message ID:
rt-4.0.24-17527-1473796807-548.129267-15-0@perl.org
On Tue Sep 13 12:14:27 2016, demerphq wrote:
> On 13 September 2016 at 21:06, Todd Rinaldo via RT
> <perlbug-followup@perl.org> wrote:
> > On Tue Sep 13 12:01:23 2016, demerphq wrote:
> >>
> >> We can and should audit for similar patterns, but my gut feeling is
> >> that this code is pretty unusual, as it is trying to extract the
> >> function part of a fully qualified name.
> >>
> >
> > S_parse_gv_stash_name is making a similar look ahead mistake with
> > name_cursor[1]. That looks messier to fix but it should probably be
> > another case or a committer should just go through and make the
> > corrections sans perlbug?
> 
> A quick look didnt reveal to me any issues here. If you look at the
> way it uses name_em1 and name_end it looks fine. Can you point me more
> closely at the code you suspect?
> 

Yep. Apologies. I pulled the trigger too quick on that one.

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=129267

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About