develooper Front page | perl.perl5.porters | Postings from January 2017

[perl #130648] regcomp.c:6195: voidS_pat_upgrade_to_utf8(RExC_state_t *const, char **, STRLEN *, int): Assertion`*(d - 1) == ')'' failed

Thread Next
From:
Hugo van der Sanden via RT
Date:
January 29, 2017 16:17
Subject:
[perl #130648] regcomp.c:6195: voidS_pat_upgrade_to_utf8(RExC_state_t *const, char **, STRLEN *, int): Assertion`*(d - 1) == ')'' failed
Message ID:
rt-4.0.24-21434-1485706653-529.130648-15-0@perl.org
On Thu, 26 Jan 2017 02:19:19 -0800, randir wrote:
> While fuzzing perl v5.25.9-35-g32207c637b built with afl and run
> under libdislocator, I found the following 16-bytes program
> 
> hexdump -C 0042
> 00000000  6d 27 5c 34 30 30 28 3f  7b 3c 3c 7d 29 0a 0a 27
> |m'\400(?{<<})..'|
> 00000010
> 
> to cause an assertion failure.

We're hitting S_pat_upgrade_to_utf8() with a code block of "(?{<<})\n\n". My initial suspicion is that that's fine, and the assumption that the last char of such a code block must be ')' is wrong, but I don't know.

There's also a similar assertion in S_compile_runtime_code() line 6670:
  assert(pat[src->end]   == ')');
.. so if this one is wrong, that probably is too.

Hugo

---
via perlbug:  queue: perl5 status: new
https://rt.perl.org/Ticket/Display.html?id=130648

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About