develooper Front page | perl.perl5.porters | Postings from September 2019

RE: [perl #134409] Perl intepreter exception on expressionsubstitution

Thread Previous | Thread Next
From:
Chris Crook
Date:
September 11, 2019 05:24
Subject:
RE: [perl #134409] Perl intepreter exception on expressionsubstitution
Message ID:
A87E66F06E86F14B857F2EB047CDF9323139DDE6@prdassexch01.ad.linz.govt.nz
Thanks Dave

First - apologies again for this very painful process of tracking the problem.

Good news - the loop is only hit once or twice before it errors (depending on the order of retrieval from hash).  I put a bit more code in ... results below.


sub SubstituteSql
{
   my ($sql,$lookup)=@_;
   my $updated_sql={};
   while( my($k,$v)=each(%$sql))
   {
       printf STDERR "=================================\nHERE WE GO\n";
       use Devel::Peek;
       use Data::Dumper;
       #printf STDERR Dumper($lookup);
       Dump($k);
       Dump($v);
       eval {$v =~ s/\{(\w+)\}/$lookup->{$1}/eg;};
       if( $@ )
       {
           my $msg=$@;
        Dump($v);
        Dump($1);
        Dump($lookup->{$1});
        printf STDERR "Error: %s\n",$msg;
        die "Bang!";
       }
       $updated_sql->{$k}=$v;
   }
   return $updated_sql;
}


However the possibly the most useful thing is that when I included the Dumper($lookup) it died due to the taint checking.  $lookup is

$VAR1 = {
          'word' => 'ANYTHING',
          'wordop' => '=',
          'nword' => 0
        };

and $lookup->{word} is tainted.

I did try a simple test script (attached), which puts a bit more context around this error.  I had hoped that perl -T test.pl ANYTHING would trigger the error - but it didn't :-(

Output from dump is below (followed by output without -T).

=================================
HERE WE GO
SV = PV(0x1dc8bd0) at 0x1dc7c40
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  PV = 0x1ef6780 "where"
  CUR = 5
  LEN = 0
SV = PV(0x1dc8be0) at 0x1dc7c58
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  PV = 0x1cfd770 "gwdi{nword}.word {wordop} '{word}'"\0
  CUR = 34
  LEN = 36
  COW_REFCNT = 1
Error: panic: sv_pos_b2u: bad byte offset, blen=23, byte=27 at /usr/share/linz/geodetic/gdbweb/app/lib/GDSearchSQLite.pm line 85.

SV = PVMG(0x1bf9f60) at 0x1dc7c58
  REFCNT = 1
  FLAGS = (SMG,POK,pPOK,UTF8)
  IV = 0
  NV = 0
  PV = 0x1f072a0 "gwdi0.word = 'ANYTHING'"\0 [UTF8 "gwdi0.word = 'ANYTHING'"]
  CUR = 23
  LEN = 32
  MAGIC = 0x1f06670
    MG_VIRTUAL = &PL_vtbl_mglob
    MG_TYPE = PERL_MAGIC_regex_global(g)
    MG_FLAGS = 0x40
      BYTES
    MG_LEN = 27
SV = PVMG(0x120d690) at 0x122bc20
  REFCNT = 1
  FLAGS = (GMG,SMG,POK,pPOK)
  IV = 0
  NV = 0
  PV = 0x1e74d50 "word"\0
  CUR = 4
  LEN = 10
  MAGIC = 0x126f300
    MG_VIRTUAL = &PL_vtbl_sv
    MG_TYPE = PERL_MAGIC_sv(\0)
    MG_OBJ = 0x122bc98
    MG_LEN = 1
SV = NULL(0x0) at 0x11ca140
  REFCNT = 2147483582
  FLAGS = (READONLY,PROTECT)
=================================
HERE WE GO
SV = PV(0x1dc8bd0) at 0x1dc7c40
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  PV = 0x182b720 "table"
  CUR = 5
  LEN = 0
SV = PVMG(0x1bf9f60) at 0x1dc7c58
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  IV = 0
  NV = 0
  PV = 0x14e6080 "JOIN word_index gwdi{nword} ON gwdi{nword}.geodetic_code=ati.geodetic_code"\0
  CUR = 74
  LEN = 76
  COW_REFCNT = 1
SV = PVMG(0x1bf9f60) at 0x1dc7c58
  REFCNT = 1
  FLAGS = (SMG,POK,pPOK)
  IV = 0
  NV = 0
  PV = 0x1f044a0 "JOIN word_index gwdi0 ON gwdi0.geodetic_code=ati.geodetic_code"\0
  CUR = 62
  LEN = 64
  MAGIC = 0x1f06050
    MG_VIRTUAL = &PL_vtbl_mglob
    MG_TYPE = PERL_MAGIC_regex_global(g)
    MG_FLAGS = 0x40
      BYTES
    MG_LEN = -1
SV = PVMG(0x120d690) at 0x122bc20
  REFCNT = 1
  FLAGS = (GMG,SMG,POK,pPOK)
  IV = 0
  NV = 0
  PV = 0x1e74d50 "nword"\0
  CUR = 5
  LEN = 10
  MAGIC = 0x126f300
    MG_VIRTUAL = &PL_vtbl_sv
    MG_TYPE = PERL_MAGIC_sv(\0)
    MG_OBJ = 0x122bc98
    MG_LEN = 1
SV = NULL(0x0) at 0x11ca140
  REFCNT = 2147483582
  FLAGS = (READONLY,PROTECT)


Also here is the output without -T:

=================================
HERE WE GO
SV = PV(0x3142520) at 0x3142988
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  PV = 0x2bb8630 "table"
  CUR = 5
  LEN = 0
SV = PV(0x3142530) at 0x31429a0
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  PV = 0x315ab60 "JOIN word_index gwdi{nword} ON gwdi{nword}.geodetic_code=ati.geodetic_code"\0
  CUR = 74
  LEN = 76
  COW_REFCNT = 1
SV = PVMG(0x32864f0) at 0x31429a0
  REFCNT = 1
  FLAGS = (SMG,POK,pPOK)
  IV = 0
  NV = 0
  PV = 0x327e010 "JOIN word_index gwdi0 ON gwdi0.geodetic_code=ati.geodetic_code"\0
  CUR = 62
  LEN = 64
  MAGIC = 0x327dda0
    MG_VIRTUAL = &PL_vtbl_mglob
    MG_TYPE = PERL_MAGIC_regex_global(g)
    MG_FLAGS = 0x40
      BYTES
    MG_LEN = -1
SV = PVMG(0x25c9430) at 0x25c2788
  REFCNT = 1
  FLAGS = (GMG,SMG,POK,pPOK)
  IV = 0
  NV = 0
  PV = 0x31f2230 "nword"\0
  CUR = 5
  LEN = 10
  MAGIC = 0x2607130
    MG_VIRTUAL = &PL_vtbl_sv
    MG_TYPE = PERL_MAGIC_sv(\0)
    MG_OBJ = 0x25c2800
    MG_LEN = 1
SV = NULL(0x0) at 0x2563140
  REFCNT = 2147483582
  FLAGS = (READONLY,PROTECT)
=================================
HERE WE GO
SV = PV(0x3142520) at 0x3142988
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  PV = 0x3273c70 "where"
  CUR = 5
  LEN = 0
SV = PVMG(0x32864f0) at 0x31429a0
  REFCNT = 1
  FLAGS = (POK,IsCOW,pPOK)
  IV = 0
  NV = 0
  PV = 0x315abf0 "gwdi{nword}.word {wordop} '{word}'"\0
  CUR = 34
  LEN = 36
  COW_REFCNT = 1
SV = PVMG(0x32864f0) at 0x31429a0
  REFCNT = 1
  FLAGS = (SMG,POK,pPOK,UTF8)
  IV = 0
  NV = 0
  PV = 0x3281790 "gwdi0.word = 'ANYTHING'"\0 [UTF8 "gwdi0.word = 'ANYTHING'"]
  CUR = 23
  LEN = 32
  MAGIC = 0x327dda0
    MG_VIRTUAL = &PL_vtbl_mglob
    MG_TYPE = PERL_MAGIC_regex_global(g)
    MG_FLAGS = 0x40
      BYTES
    MG_LEN = -1
SV = PVMG(0x25c9430) at 0x25c2788
  REFCNT = 1
  FLAGS = (GMG,SMG,POK,pPOK)
  IV = 0
  NV = 0
  PV = 0x31f2230 "word"\0
  CUR = 4
  LEN = 10
  MAGIC = 0x2607130
    MG_VIRTUAL = &PL_vtbl_sv
    MG_TYPE = PERL_MAGIC_sv(\0)
    MG_OBJ = 0x25c2800
    MG_LEN = 1
SV = NULL(0x0) at 0x2563140
  REFCNT = 2147483582
  FLAGS = (READONLY,PROTECT)


Hope this helps a bit

Cheers
Chris



________________________________________
From: Dave Mitchell via RT [perlbug-followup@perl.org]
Sent: Monday, 9 September 2019 11:39 p.m.
To: Chris Crook
Subject: Re: [perl #134409] Perl intepreter exception on expression substitution

On Sat, Sep 07, 2019 at 07:14:51PM +0000, Chris Crook wrote:
> Hi
>
> Here is the log resulting from adding the logging and exception handler.  This is still on perl 5.22.1. Also with this exception handler in place the program continued to run after hitting the panic condition and appeared to complete correctly.

Can you give me the output with he following updated instrumentation:


    use Devel::Peek;
    my $orig_v = $v;
    eval {$v =~ s/\{(\w+)\}/$lookup->{$1}/eg; };

    if ($@) {
        Dump($orig_v);
        Dump($v);
        Dump($1);
        Dump($lookup);
    }

or even better, if the loop isn't hit too many times:


    use Devel::Peek;
    Dump($v);
    eval {$v =~ s/\{(\w+)\}/$lookup->{$1}/eg; };

    if ($@) {
        Dump($v);
        Dump($1);
        Dump($lookup);
    }

So I can get an accurate picture of the contents of $v *before* the
substitution.

Thanks.


--
Monto Blanco... scorchio!


________________________________

This message contains information, which may be in confidence and may be subject to legal privilege. If you are not the intended recipient, you must not peruse, use, disseminate, distribute or copy this message. If you have received this message in error, please notify us immediately (Phone 0800 665 463 or info@linz.govt.nz) and destroy the original message. LINZ accepts no responsibility for changes to this email, or for any attachments, after its transmission from LINZ. Thank You.

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About