diff options
author | Father Chrysostomos <sprout@cpan.org> | 2013-09-09 00:35:38 -0700 |
---|---|---|
committer | Ricardo Signes <rjbs@cpan.org> | 2013-12-21 15:48:42 -0500 |
commit | 4c4a7f8fbcb603c3f62d98ef89f48c87875c27e7 (patch) | |
tree | 2a1ab7d39c911d2bbc33809486516e0b0ce3eb69 | |
parent | b9f50262f24f56492aaafa370c2666cab3aab8de (diff) | |
download | perl-4c4a7f8fbcb603c3f62d98ef89f48c87875c27e7.tar.gz |
Fix buffer overflow with overlong identifiers
This was introduced by commit 32833930e32dc in 5.17.10.
$ ./perl -Ilib -e Foooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Identifier too long at -e line 1.
Segmentation fault: 11
(That was an amusing use of macro parentheses for the while condition,
at least while it lasted.)
(cherry picked from commit eaaaaa32882752f15fc0db1c73a1adbe34b49642)
Conflicts:
t/comp/parser.t
-rw-r--r-- | t/comp/parser.t | 10 | ||||
-rw-r--r-- | toke.c | 2 |
2 files changed, 10 insertions, 2 deletions
diff --git a/t/comp/parser.t b/t/comp/parser.t index 7c0db7fa37..4f2da90f50 100644 --- a/t/comp/parser.t +++ b/t/comp/parser.t @@ -3,7 +3,7 @@ # Checks if the parser behaves correctly in edge cases # (including weird syntax errors) -print "1..154\n"; +print "1..155\n"; sub failed { my ($got, $expected, $name) = @_; @@ -450,6 +450,14 @@ for my $pkg(()){} $pkg = 3; is $pkg, 3, '[perl #114942] for my $foo()){} $foo'; +eval 'Fooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo' + .'oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo' + .'oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo' + .'oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo' + .'oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo' + .'ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo'; +like $@, "^Identifier too long at ", 'ident buffer overflow'; + # Add new tests HERE (above this line) # bug #74022: Loop on characters in \p{OtherIDContinue} @@ -9244,7 +9244,7 @@ S_parse_ident(pTHX_ char **s, char **d, char * const e, int allow_package, bool else if ( isWORDCHAR_A(**s) ) { do { *(*d)++ = *(*s)++; - } while isWORDCHAR_A(**s); + } while (isWORDCHAR_A(**s) && *d < e); } else if (allow_package && **s == '\'' && isIDFIRST_lazy_if(*s+1,is_utf8)) { *(*d)++ = ':'; |