develooper Front page | perl.perl5.porters | Postings from August 2017

[perl #131793] heap-buffer-overflow in Perl_sv_vcatpvfn_flags

From:
Tony Cook via RT
Date:
August 25, 2017 04:47
Subject:
[perl #131793] heap-buffer-overflow in Perl_sv_vcatpvfn_flags
Message ID:
rt-4.0.24-32285-1503636428-311.131793-15-0@perl.org
On Tue, 22 Aug 2017 05:42:52 -0700, perl@profvince.com wrote:
> 
> >
> > toke.c:5161:9:
> >
> > len = UTF ? Perl_utf8_length(aTHX_ (U8 *) PL_linestart, (U8 *) s) :
> > (STRLEN) (s - PL_linestart);
> > if (len > UNRECOGNIZED_PRECEDE_COUNT) {
> >     d = UTF ? (char *) utf8_hop_back((U8 *) s,
> > -UNRECOGNIZED_PRECEDE_COUNT, (U8 *)PL_linestart) : s -
> > UNRECOGNIZED_PRECEDE_COUNT;
> > } else {
> >     d = PL_linestart;
> > }
> >
> 
> This has probably been fixed by commit 36000cd1c, which was included
> in
> yesterday's release of perl 5.27.3.

Yes, I forgot to close it.

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=131793



nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About