|
 |
b8876f |
From a26907949ed561dccd661fc8600889eddc6664ea Mon Sep 17 00:00:00 2001
|
|
|
b8876f |
From: Hugo van der Sanden <hv@crypt.org>
|
|
|
b8876f |
Date: Wed, 5 Oct 2016 14:53:27 +0100
|
|
|
b8876f |
Subject: [PATCH] [perl #129342] ensure range-start is set after error in tr///
|
|
|
b8876f |
MIME-Version: 1.0
|
|
|
b8876f |
Content-Type: text/plain; charset=UTF-8
|
|
|
b8876f |
Content-Transfer-Encoding: 8bit
|
|
|
b8876f |
|
|
|
b8876f |
Ported to 5.24.1:
|
|
|
b8876f |
|
|
|
b8876f |
t 59143e29a717d67a61b869a6c5bb49574f1ef43f
|
|
|
b8876f |
Author: Tony Cook <tony@develop-help.com>
|
|
|
b8876f |
Date: Tue Jan 17 11:52:53 2017 +1100
|
|
|
b8876f |
|
|
|
b8876f |
(perl #129342) test for buffer overflow
|
|
|
b8876f |
|
|
|
b8876f |
commit 3dd4eaeb8ac39e08179145b86aedda36584a3509
|
|
|
b8876f |
Author: Hugo van der Sanden <hv@crypt.org>
|
|
|
b8876f |
Date: Wed Oct 5 14:53:27 2016 +0100
|
|
|
b8876f |
|
|
|
b8876f |
[perl #129342] ensure range-start is set after error in tr///
|
|
|
b8876f |
|
|
|
b8876f |
A parse error due to invalid octal or hex escape in the range of a
|
|
|
b8876f |
transliteration must still ensure some kind of start and end values
|
|
|
b8876f |
are captured, since we don't stop on the first such error. Failure
|
|
|
b8876f |
to do so can cause invalid reads after "Here we have parsed a range".
|
|
|
b8876f |
|
|
|
b8876f |
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
|
|
b8876f |
---
|
|
|
b8876f |
t/lib/croak/toke | 7 +++++++
|
|
|
b8876f |
toke.c | 4 ++--
|
|
|
b8876f |
2 files changed, 9 insertions(+), 2 deletions(-)
|
|
|
b8876f |
|
|
|
b8876f |
diff --git a/t/lib/croak/toke b/t/lib/croak/toke
|
|
|
b8876f |
index 18dfa24..578a6da 100644
|
|
|
b8876f |
--- a/t/lib/croak/toke
|
|
|
b8876f |
+++ b/t/lib/croak/toke
|
|
|
b8876f |
@@ -302,3 +302,10 @@ Execution of - aborted due to compilation errors.
|
|
|
b8876f |
BEGIN <>
|
|
|
b8876f |
EXPECT
|
|
|
b8876f |
Illegal declaration of subroutine BEGIN at - line 1.
|
|
|
b8876f |
+########
|
|
|
b8876f |
+# NAME tr/// handling of mis-formatted \o characters
|
|
|
b8876f |
+# may only fail with ASAN
|
|
|
b8876f |
+tr/\o-0//;
|
|
|
b8876f |
+EXPECT
|
|
|
b8876f |
+Missing braces on \o{} at - line 2, within string
|
|
|
b8876f |
+Execution of - aborted due to compilation errors.
|
|
|
b8876f |
diff --git a/toke.c b/toke.c
|
|
|
b8876f |
index 288f372..576ce72 100644
|
|
|
b8876f |
--- a/toke.c
|
|
|
b8876f |
+++ b/toke.c
|
|
|
b8876f |
@@ -3338,7 +3338,7 @@ S_scan_const(pTHX_ char *start)
|
|
|
b8876f |
UTF);
|
|
|
b8876f |
if (! valid) {
|
|
|
b8876f |
yyerror(error);
|
|
|
b8876f |
- continue;
|
|
|
b8876f |
+ uv = 0; /* drop through to ensure range ends are set */
|
|
|
b8876f |
}
|
|
|
b8876f |
goto NUM_ESCAPE_INSERT;
|
|
|
b8876f |
}
|
|
|
b8876f |
@@ -3356,7 +3356,7 @@ S_scan_const(pTHX_ char *start)
|
|
|
b8876f |
UTF);
|
|
|
b8876f |
if (! valid) {
|
|
|
b8876f |
yyerror(error);
|
|
|
b8876f |
- continue;
|
|
|
b8876f |
+ uv = 0; /* drop through to ensure range ends are set */
|
|
|
b8876f |
}
|
|
|
b8876f |
}
|
|
|
b8876f |
|
|
|
b8876f |
--
|
|
|
b8876f |
2.7.4
|
|
|
b8876f |
|