develooper Front page | perl.perl5.porters | Postings from October 2017

[perl #132245] heap-buffer-overflow (READ of size 1) in S_scan_const(toke.c:3060)

From:
Tony Cook via RT
Date:
October 18, 2017 23:55
Subject:
[perl #132245] heap-buffer-overflow (READ of size 1) in S_scan_const(toke.c:3060)
Message ID:
rt-4.0.24-12374-1508370937-291.132245-15-0@perl.org
On Sun, 08 Oct 2017 03:41:21 -0700, brian.carpenter@gmail.com wrote:
> Triggered in 1195d90. Not a security concern as per Hugo in #129342 which
> was marked resolved for 5.26.0.
> 
> ./perl -e 'y//\N{}-0/'
> 

The first attached patch fixes this for me.

The second fixes a SV leak in the same area of code.

Tony

---
via perlbug:  queue: perl5 status: new
https://rt.perl.org/Ticket/Display.html?id=132245

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About