develooper Front page | perl.perl5.porters | Postings from November 2018

[perl #133640] segfault triggered by invalid read inS_mg_findext_flags

Thread Next
From:
Tony Cook via RT
Date:
November 6, 2018 22:29
Subject:
[perl #133640] segfault triggered by invalid read inS_mg_findext_flags
Message ID:
rt-4.0.24-23546-1541543359-1193.133640-15-0@perl.org
On Mon, 05 Nov 2018 06:41:32 -0800, geeknik@protonmail.ch wrote:
> While testing Perl v5.29.4-32-gf196658042, I discovered that ./perl -e
> '\grep% N&ep%\&hN,@N=hhN,*N=hNN&ep%\&hN,@N=hhN,,K' causes a segfault
> triggered by an invalid read as seen by the following stack trace:

Going by the code I suspect it's a stack-not-refcounted bug.

@N is pushed, *N is modified (freeing the old @N), access to now invalid SV formerly known as @N.

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=133640

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About