develooper Front page | perl.perl5.porters | Postings from September 2019

[perl #134212] Failed making perl5 at lib/buildcustomize.pl

Thread Previous
From:
Tony Cook via RT
Date:
September 16, 2019 06:53
Subject:
[perl #134212] Failed making perl5 at lib/buildcustomize.pl
Message ID:
rt-4.0.24-11764-1568616784-4.134212-15-0@perl.org
On Sun, 23 Jun 2019 18:19:35 -0700, tonyc wrote:
> Is there any chance you can get valgrind on the VM?

While this would still be useful, I have a suspicion of the cause.

READ of size 2 at 0x6020000006b0 thread T0
    #0 0x45c608 in __interceptor_setlocale
/scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asa
n/../sanitizer_common/sanitizer_common_interceptors.inc:2875:5
    #1 0x887905 in Perl_upg_version /root/Fuzz/perl/./vutil.c:717:17
    #2 0x8853ed in Perl_new_version /root/Fuzz/perl/./vutil.c:551:12
    #3 0xb31ee3 in S_require_version /root/Fuzz/perl/pp_ctl.c:3719:10
    #4 0xb31ee3 in Perl_pp_require /root/Fuzz/perl/pp_ctl.c:4345
    #5 0x863dbc in Perl_runops_debug /root/Fuzz/perl/dump.c:2537:23
    #6 0x5d0f4c in Perl_call_sv /root/Fuzz/perl/perl.c:3043:6
    #7 0x5bbc7d in Perl_call_list /root/Fuzz/perl/perl.c:5077:6
    #8 0x56962e in S_process_special_blocks /root/Fuzz/perl/op.c:10469:6
    #9 0x539626 in Perl_newATTRSUB_x /root/Fuzz/perl/op.c:10395:21
    #10 0x541522 in Perl_utilize /root/Fuzz/perl/op.c:7590:5
    #11 0x6dfaa0 in Perl_yyparse /root/Fuzz/perl/perly.y:336:6
    #12 0x5c88c4 in S_parse_body /root/Fuzz/perl/perl.c:2531:9
    #13 0x5bf965 in perl_parse /root/Fuzz/perl/perl.c:1822:2
    #14 0xde129c in main /root/Fuzz/perl/miniperlmain.c:132:10
    #15 0x7f21e137a82f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #16 0x41c358 in _start (/root/Fuzz/perl/miniperl+0x41c358)

Here's the code in question (minus the irrelevant code):


            const char * locale_name_on_entry;

            LC_NUMERIC_LOCK(0);    /* Start critical section */

            locale_name_on_entry = setlocale(LC_NUMERIC, NULL); <-- get current locale name (possibly malloced())
            if (   strNE(locale_name_on_entry, "C")
                && strNE(locale_name_on_entry, "POSIX"))
            {
                setlocale(LC_NUMERIC, "C"); <-- change locale, possibly freeing locale_name_on_entry
            }
            else {  /* This value indicates to the restore code that we didn't
                       change the locale */
                locale_name_on_entry = NULL;
            }

...


            if (locale_name_on_entry) {
                setlocale(LC_NUMERIC, locale_name_on_entry); <-- use freed value
            }

The lifetime of the string returned by setlocale() isn't well documented, but it is documented that it *may* be return a pointer to static storage, in which case the setlocale(LC_NUMERIC, "C") may overwrite it, making the value useless for restoring the locale.

The attached should fix it.

#134182 (which I found after checking the version.pm PRs) has an incomplete patch for this.

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=134212

Thread Previous


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About