From 54550573a613ad20f00521880f345644a1db85cc Mon Sep 17 00:00:00 2001
From: Father Chrysostomos <sprout@cpan.org>
Date: Sun, 11 Sep 2016 21:29:56 -0700
Subject: [PATCH] Crash with splice
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Ported to 5.24.0:
commit 92b69f6501b4d7351e09c8b1ddd386aa7e1c9cd1
Author: Father Chrysostomos <sprout@cpan.org>
Date:   Sun Sep 11 21:29:56 2016 -0700
    [perl #129164] Crash with splice
    This fixes #129166 and #129167 as well.
    splice needs to take into account that arrays can hold NULLs and
    return &PL_sv_undef in those cases where it would have returned a
    NULL element.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
 pp.c         |  4 ++++
 t/op/array.t | 17 +++++++++++++++++
 2 files changed, 21 insertions(+)
diff --git a/pp.c b/pp.c
dcb3b7
index 4a2cde0..4153482 100644
dcb3b7
--- a/pp.c
dcb3b7
+++ b/pp.c
dcb3b7
@@ -5488,6 +5488,8 @@ PP(pp_splice)
dcb3b7
 		for (i = length - 1, dst = &AvARRAY(ary)[offset]; i > 0; i--)
dcb3b7
 		    SvREFCNT_dec(*dst++);	/* free them now */
dcb3b7
 	    }
dcb3b7
+	    if (!*MARK)
dcb3b7
+		*MARK = &PL_sv_undef;
dcb3b7
 	}
dcb3b7
 	AvFILLp(ary) += diff;
dcb3b7
 
dcb3b7
@@ -5584,6 +5586,8 @@ PP(pp_splice)
dcb3b7
 		while (length-- > 0)
dcb3b7
 		    SvREFCNT_dec(tmparyval[length]);
dcb3b7
 	    }
dcb3b7
+	    if (!*MARK)
dcb3b7
+		*MARK = &PL_sv_undef;
dcb3b7
 	}
dcb3b7
 	else
dcb3b7
 	    *MARK = &PL_sv_undef;
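Review bot: The `if (!*MARK) *MARK = &PL_sv_undef;` guard is pasted identically into both places where a single value is left in `*MARK` (here and in the earlier hunk at -5488), with no comment saying why the slot can be NULL, so a later cleanup could drop one copy and bring back the NULL return the commit message describes. A one-line comment above each guard, such as `/* array slots may be NULL (nonexistent elements); never leave NULL on the stack */`, would record the invariant. The guards cover only the one value in `*MARK`; the branch that copies several elements to the stack lies outside both hunks, so it is worth confirming that it cannot hand back NULL entries either. pp_splice begins and ends outside the hunks.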
dcb3b7
diff --git a/t/op/array.t b/t/op/array.t
dcb3b7
index 4f0a772..fb4e8c6 100644
dcb3b7
--- a/t/op/array.t
dcb3b7
+++ b/t/op/array.t
dcb3b7
@@ -555,4 +555,21 @@ is $#foo, 3, 'assigning to arylen aliased in foreach(scalar $#arylen)';
dcb3b7
     is "@a", 'a b c', 'assigning to itself';
dcb3b7
 }
dcb3b7
 
dcb3b7
+# [perl #129164], [perl #129166], [perl #129167]
dcb3b7
+# splice() with null array entries
dcb3b7
+# These used to crash.
dcb3b7
+$#a = -1; $#a++;
dcb3b7
+() = 0-splice @a; # subtract
dcb3b7
+$#a = -1; $#a++;
dcb3b7
+() =  -splice @a; # negate
dcb3b7
+$#a = -1; $#a++;
dcb3b7
+() = 0+splice @a; # add
dcb3b7
+# And with array expansion, too
dcb3b7
+$#a = -1; $#a++;
dcb3b7
+() = 0-splice @a, 0, 1, 1, 1;
dcb3b7
+$#a = -1; $#a++;
dcb3b7
+() =  -splice @a, 0, 1, 1, 1;
dcb3b7
+$#a = -1; $#a++;
dcb3b7
+() = 0+splice @a, 0, 1, 1, 1;
dcb3b7
+
dcb3b7
 "We're included by lib/Tie/Array/std.t so we need to return something true";
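Review bot: None of the six added statements asserts anything, so a regression is only noticed if the interpreter dies part-way through the file, and a wrong but non-crashing return value would pass unnoticed. A check such as `ok !defined(scalar splice(@a)), 'scalar splice of a nonexistent element returns undef';` after one `$#a = -1; $#a++;` reset would pin the value the pp.c change is meant to produce; the plan count, which is outside this hunk, would presumably need to be raised by one. As far as the hunk shows, every case uses splice as an arithmetic operand, so only the scalar-context return is exercised.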
-- 
2.7.4