diff options
author | Karl Williamson <khw@cpan.org> | 2019-04-27 14:30:02 -0600 |
---|---|---|
committer | Karl Williamson <khw@cpan.org> | 2019-05-03 10:58:50 -0600 |
commit | 2ede6705761661369c948352ae60121492698a7c (patch) | |
tree | 269a35d2c35314f4bdcb64e3ecf14f7b7e097a59 | |
parent | 3fdfceb306b900b57c3ce5ad662aea091cfb53a6 (diff) | |
download | perl-2ede6705761661369c948352ae60121492698a7c.tar.gz |
S_scan_const: Make sure room for NUL in dest
At the end of a constant, we add a trailing NUL. This commit makes sure
there's room for it. But the code earlier was supposed to have already
made enough space, so its a bug if there isn't enough space. So on
DEBUGGING builds, we panic, as we've done before. But otherwise we can
continue on with no actual harm having been done.
-rw-r--r-- | toke.c | 25 |
1 files changed, 22 insertions, 3 deletions
@@ -4109,12 +4109,31 @@ S_scan_const(pTHX_ char *start) } } /* while loop to process each character */ + { + const STRLEN off = d - SvPVX(sv); + + /* See if room for the terminating NUL */ + if (UNLIKELY(off >= SvLEN(sv))) { + +#ifndef DEBUGGING + + if (off > SvLEN(sv)) +#endif + Perl_croak(aTHX_ "panic: constant overflowed allocated space," + " %" UVuf " >= %" UVuf, (UV)off, (UV)SvLEN(sv)); + + /* Whew! Here we don't have room for the terminating NUL, but + * everything else so far has fit. It's not too late to grow + * to fit the NUL and continue on. But it is a bug, as the code + * above was supposed to have made room for this, so under + * DEBUGGING builds, we panic anyway. */ + d = off + SvGROW(sv, off + 1); + } + } + /* terminate the string and set up the sv */ *d = '\0'; SvCUR_set(sv, d - SvPVX_const(sv)); - if (SvCUR(sv) >= SvLEN(sv)) - Perl_croak(aTHX_ "panic: constant overflowed allocated space, %" UVuf - " >= %" UVuf, (UV)SvCUR(sv), (UV)SvLEN(sv)); SvPOK_on(sv); if (d_is_utf8) { |