develooper Front page | perl.perl5.porters | Postings from September 2016

Re: [perl.git] branch blead, updated. v5.25.4-120-g1665b71

Thread Previous
From:
demerphq
Date:
September 14, 2016 11:12
Subject:
Re: [perl.git] branch blead, updated. v5.25.4-120-g1665b71
Message ID:
CANgJU+UktY1y4ASgA9vMsRT1940+-GQxLofeh67MvSmVgGfMuA@mail.gmail.com
Doh.  So simple to test yet I didn't see it at the time.  I was trying
stuff with substr to chop stuff off the end and blah. Never occurred to me
to just lie about the length entirely. Sigh.

Nice one FC thanks!

On 14 Sep 2016 01:43, "Father Chrysostomos" <sprout@cpan.org> wrote:

> In perl.git, the branch blead has been updated
>
> <http://perl5.git.perl.org/perl.git/commitdiff/
> 1665b718d8fbd58705dbe6376fa51f8c1a02d887?hp=cfb736762c1becf344ce6beaa701ff
> 2e1abd5f9c>
>
> - Log -----------------------------------------------------------------
> commit 1665b718d8fbd58705dbe6376fa51f8c1a02d887
> Author: Father Chrysostomos <sprout@cpan.org>
> Date:   Tue Sep 13 22:38:59 2016 -0700
>
>     [perl #129267] Test for gv_fetchmethod buffer overrun
> -----------------------------------------------------------------------
>
> Summary of changes:
>  ext/XS-APItest/APItest.xs               | 3 +++
>  ext/XS-APItest/t/gv_fetchmethod_flags.t | 5 +++++
>  2 files changed, 8 insertions(+)
>
> diff --git a/ext/XS-APItest/APItest.xs b/ext/XS-APItest/APItest.xs
> index 992b6a5..4602cee 100644
> --- a/ext/XS-APItest/APItest.xs
> +++ b/ext/XS-APItest/APItest.xs
> @@ -2571,6 +2571,9 @@ gv_fetchmethod_flags_type(stash, methname, type,
> flags)
>                 gv = gv_fetchmethod_pvn_flags(stash, name, len, flags |
> SvUTF8(methname));
>                 break;
>              }
> +           case 4:
> +               gv = gv_fetchmethod_pvn_flags(stash, SvPV_nolen(methname),
> +                                             flags, SvUTF8(methname));
>          }
>         XPUSHs( gv ? (SV*)gv : &PL_sv_undef);
>
> diff --git a/ext/XS-APItest/t/gv_fetchmethod_flags.t
> b/ext/XS-APItest/t/gv_fetchmethod_flags.t
> index 15d1c41..2da3b70 100644
> --- a/ext/XS-APItest/t/gv_fetchmethod_flags.t
> +++ b/ext/XS-APItest/t/gv_fetchmethod_flags.t
> @@ -49,3 +49,8 @@ is XS::APItest::gv_fetchmethod_flags_type(\%::,
> "method\0not quite!", 2, 0), "*m
>          }
>      }
>  }
> +
> +# [perl #129267] Buffer overrun when argument name ends with colon and
> +#                there is a colon past the end.  This used to segv.
> +XS::APItest::gv_fetchmethod_flags_type(\%::, "method:::::", 4, 7);
> +                                             # With type 4, 7 is the
> length
>
> --
> Perl5 Master Repository
>

Thread Previous


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About