
Re: Perl 7: Fix string leaks?

From: Felipe Gasper
Date: March 31, 2021 12:40
Subject: Re: Perl 7: Fix string leaks?
Message ID: FF89D9A4-C922-4251-BBD6-E46746585994@felipegasper.com

> On Mar 31, 2021, at 2:44 AM, Salvador Fandiño <sfandino@gmail.com> wrote:
> 
> On 31/3/21 0:30, Dan Book wrote:
>> On Tue, Mar 30, 2021 at 4:48 PM Salvador Fandiño <sfandino@gmail.com> wrote:
>>     >> No solution is trivial or evident, and would have required
>>    investigation from the developer. So, I would expect most people did
>>    find about 2 and used it.
>>     >
>>     > A lot of XS modules use SvPV without checking SvUTF8. Alas.
>>    Yes, and almost all of them are broken!
>> Technically yes, but practically is a different matter. Such modules (1) accidentally work correctly sometimes, and (2) work correctly always on ascii-only input. Fixing this wholesale, as in most instances of this bug, won't affect (2) but it will cause (1) to go from "sometimes broken" to "always broken".
> 
> Well, some of those "sometimes broken" would also change to "fixed".
> 
> Anyway, if you want a more conservative approach you can also make a version of SvPV (say SvPV_bad) that warns on first use and change the default typemaps to use it.

I would love to take an approach like this, but I think it would create too many warnings in code that currently “happens” to work consistently.

I *do* think that SvPV should be renamed to SvPVinternal, or some such. The name “SvPV”, by virtue of being the shortest of similarly-named interfaces, suggests itself as a sort of “go-to” means of extracting a C string from an SV. SvPV, though, is easier to misuse than to use properly; such tools should not be “go-to” controls, but “advanced” tools that people discover after the “safe” defaults like SvPVbyte and SvPVutf8.

(There is also the fact that perlguts et al. privilege SvPV over others; I have a docs PR that intends to fix that.)

We’d need to retain SvPV as an alias, of course, and given the mass of XS code out there that uses the status-quo name we’d likely never be rid of it, but we could at least “stop the bleeding” by discouraging new code from using SvPV (unless the author knows what they’re doing).

-F
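
As an added illustration of the difference discussed in this message (not part of the original post, and not perl's own code): a pure-Perl emulation of the bytes that SvPV, SvPVbyte and SvPVutf8 would hand to C code for one string held in both internal representations. The `*_emul` helper names and the sample strings are constructed for this example; the emulation itself is an assumption that mirrors the documented behaviour of the macros.

```perl
use strict;
use warnings;

# Emulations (assumption of this example) of what each macro exposes to XS code.
sub svpv_emul {        # SvPV: the internal buffer, in whatever encoding it has
    my ($s) = @_;
    utf8::encode($s) if utf8::is_utf8($s);   # upgraded buffer already is UTF-8
    return $s;                               # downgraded buffer returned as-is
}

sub svpvbyte_emul {    # SvPVbyte: one byte per character
    my ($s) = @_;
    utf8::downgrade($s);                     # dies if a character is > 0xFF
    return $s;
}

sub svpvutf8_emul {    # SvPVutf8: UTF-8 encoding of the characters
    my ($s) = @_;
    utf8::encode($s);
    return $s;
}

my @macros = (
    [ SvPV     => \&svpv_emul ],
    [ SvPVbyte => \&svpvbyte_emul ],
    [ SvPVutf8 => \&svpvutf8_emul ],
);

# Constructed samples: one ASCII-only string, one with a non-ASCII character.
for my $sample ("cafe", "caf\xe9") {
    my $down = $sample;                      # one byte per character
    my $up   = $sample;
    utf8::upgrade($up);                      # same characters, UTF-8 internally

    printf "sample of %d chars, Perl-level eq: %s\n",
        length($sample), ($down eq $up ? "yes" : "no");

    for my $m (@macros) {
        my ($name, $f) = @$m;
        printf "  %-8s downgraded=%s upgraded=%s\n", $name,
            unpack("H*", $f->($down)), unpack("H*", $f->($up));
    }
}
```

Only the SvPV row differs between the two representations of the non-ASCII sample, even though Perl treats both values as equal; the ASCII-only sample is identical in every row.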