develooper Front page | perl.perl5.porters | Postings from July 2018

[perl #133365] perl 5.28.0 core: Negative array index read in utf8.cand regexec.c

Thread Previous | Thread Next
From:
James E Keenan via RT
Date:
July 12, 2018 18:32
Subject:
[perl #133365] perl 5.28.0 core: Negative array index read in utf8.cand regexec.c
Message ID:
rt-4.0.24-5928-1531420340-1027.133365-15-0@perl.org
On Thu, 12 Jul 2018 13:45:32 GMT, marc-philip.werner@sap.com wrote:
> To: perlbug@perl.org
> Subject: Negative array index read in utf8.c and regexec.c
> Message-Id: <5.28.0_81188_1531401517@WDFM33972517A>
> From: marc-philip.werner@sap.com
> Reply-To: marc-philip.werner@sap.com
> 
> 
> This is a bug report for perl from marc-philip.werner@sap.com,
> generated with the help of perlbug 1.41 running under perl 5.28.0.
> 
> 
> -----------------------------------------------------------------
> Hi,
> this is about perl 5.28.0. We found this with a coverity scan. Maybe
> it's paranoid, but I'd still like to let you know. The code looks
> different in blead, but it looks as if the problem is still there.
> 
> In utf8.c, line 3672 Perl__invlist_search is called. It can return -1.
> This return value is used as an array index in the next line.
> In regexec.c, line 10387, Perl__invlist_search is also called and the
> return value is used as array index without any check if it's
> negative.
> 
> I'm attaching a patchfile. It's at least good to show what I'm aiming
> at.
> 
> T&R
> Marc-Philip
> 

I have created a branch for smoke-testing this patch:

smoke-me/jkeenan/mpwerner/133365-negative-array-index

(I don't have a position on the correctness of either the diagnosis or the solution.)

Thank you very much.
-- 
James E Keenan (jkeenan@cpan.org)

---
via perlbug:  queue: perl5 status: new
https://rt.perl.org/Ticket/Display.html?id=133365

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About