From 1665b718d8fbd58705dbe6376fa51f8c1a02d887 Mon Sep 17 00:00:00 2001
From: Father Chrysostomos <sprout@cpan.org>
Date: Tue, 13 Sep 2016 22:38:59 -0700
Subject: [PATCH 5/5] [perl #129267] Test for gv_fetchmethod buffer overrun
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
 ext/XS-APItest/APItest.xs               | 3 +++
 ext/XS-APItest/t/gv_fetchmethod_flags.t | 5 +++++
 2 files changed, 8 insertions(+)
diff --git a/ext/XS-APItest/APItest.xs b/ext/XS-APItest/APItest.xs
dcb3b7
index 992b6a5..4602cee 100644
dcb3b7
--- a/ext/XS-APItest/APItest.xs
dcb3b7
+++ b/ext/XS-APItest/APItest.xs
dcb3b7
@@ -2571,6 +2571,9 @@ gv_fetchmethod_flags_type(stash, methname, type, flags)
dcb3b7
                gv = gv_fetchmethod_pvn_flags(stash, name, len, flags | SvUTF8(methname));
dcb3b7
                break;
dcb3b7
             }
dcb3b7
+           case 4:
dcb3b7
+               gv = gv_fetchmethod_pvn_flags(stash, SvPV_nolen(methname),
dcb3b7
+                                             flags, SvUTF8(methname));
dcb3b7
         }
dcb3b7
 	XPUSHs( gv ? (SV*)gv : &PL_sv_undef);
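Review bot: The new `case 4:` passes `flags` as the name length with no bound against the real string length and no comment saying the argument is reused; the only explanation lives in the .t file. Because the length is chosen by the caller, a test that passes a value larger than the buffer would make the harness itself read out of bounds; fetching the string together with its length via `SvPV` (as the case above appears to do) and adding `if ((STRLEN)flags > len) croak("length exceeds methname");` would keep any overread confined to the function under test. A comment such as `/* type 4: flags carries the name length, so a test can pass a length shorter than the buffer */` would document the intent where the call is made. The case also lacks `break;`; it is last in the switch so nothing changes today, but adding it keeps case 4 from falling through if another case is appended later. The switch starts outside the hunk.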
dcb3b7
 
dcb3b7
diff --git a/ext/XS-APItest/t/gv_fetchmethod_flags.t b/ext/XS-APItest/t/gv_fetchmethod_flags.t
dcb3b7
index 15d1c41..2da3b70 100644
dcb3b7
--- a/ext/XS-APItest/t/gv_fetchmethod_flags.t
dcb3b7
+++ b/ext/XS-APItest/t/gv_fetchmethod_flags.t
dcb3b7
@@ -49,3 +49,8 @@ is XS::APItest::gv_fetchmethod_flags_type(\%::, "method\0not quite!", 2, 0), "*m
dcb3b7
         }
dcb3b7
     }
dcb3b7
 }
dcb3b7
+
dcb3b7
+# [perl #129267] Buffer overrun when argument name ends with colon and
dcb3b7
+#                there is a colon past the end.  This used to segv.
dcb3b7
+XS::APItest::gv_fetchmethod_flags_type(\%::, "method:::::", 4, 7);
dcb3b7
+                                             # With type 4, 7 is the length
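Review bot: The added call has no assertion, so this regression test can only fail if the overrun crashes the interpreter, and a build without a memory checker may not crash on every regression of this kind. Following the call with `pass "no crash with a colon past the end of the counted name";` would at least record that the line was reached, and the comment could note that the check is most meaningful under ASan or valgrind. If the file declares a fixed test count (not visible in this hunk), it would need to be raised to match. The `# With type 4, 7 is the length` remark would read better above the call, since that reuse of the flags argument is what makes the test exercise a length shorter than the buffer.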
-- 
2.7.4