develooper Front page | perl.perl5.porters | Postings from December 2016

[perl #68348] Storable null pointer deref on truncated data

From:
James E Keenan via RT
Date:
December 25, 2016 02:51
Subject:
[perl #68348] Storable null pointer deref on truncated data
Message ID:
rt-4.0.24-9670-1482634313-1207.68348-15-0@perl.org
On Mon, 21 Nov 2016 18:27:26 GMT, lightsey@cpan.org wrote:
> On Sun, 09 Aug 2009 06:56:32 -0700, dgl wrote:
> >
> > When deserialising truncated storable data where the truncation is
> > within a
> > coderef there seems to be a null pointer dereference:
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > retrieve_code (my_perl=0x754010, cxt=0x8c3750, cname=0x0) at
> > Storable.xs:5438
> > 5438            sv_catpv(sub, SvPV_nolen(text)); /* XXX no sv_catsv!
> > */
> >
> > text is 0x0.
> 
> The patch attached to
> https://rt.perl.org/Ticket/Display.html?id=130098 fixes this segfault.

Please review the smoke-me/jkeenan/130098-storable branch.  Can we add a regression test to t/store.t in that branch that specifically addresses the problem reported in this ticket?

Thank you very much.

-- 
James E Keenan (jkeenan@cpan.org)

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=68348



nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About