Front page | perl.perl5.porters |
Postings from January 2017
On Wed, 07 Sep 2016 17:44:54 -0700, tonyc wrote: > On Sat Sep 03 07:47:23 2016, dcollinsn@gmail.com wrote: > > Apologies if this is a dupe. This appears to be a legitimate bug in > > pack, > > which may be security-related. It doesn't use the 'p' or 'P' types - > > it's > > stuffing 0xFFFFFFFFFFFFFFFF into a char type, and in the process, it > > gets a > > libc panic. > > > > perl -e 'pack SWFW, 0,0,0,-1' > ... > > ==20524== Invalid write of size 1 > > ==20524== at 0x786A1E: S_pack_rec (pp_pack.c:3108) > > ==20524== by 0x7871EE: Perl_packlist (pp_pack.c:1971) > > ==20524== by 0x7871EE: Perl_pp_pack (pp_pack.c:3131) > > ==20524== by 0x5C9E42: Perl_runops_standard (run.c:41) > > ==20524== by 0x47BFFE: S_run_body (perl.c:2525) > > ==20524== by 0x47BFFE: perl_run (perl.c:2448) > > ==20524== by 0x41FCDE: main (perlmain.c:123) > > This looks like the same bug as security ticket 129149, which I posted > the attached patch for. Which has been fixed and your case no longer fails. Merged your 129187 into 129149 (which is public.) Tony --- via perlbug: queue: perl5 status: pending release https://rt.perl.org/Ticket/Display.html?id=129149