diff options
| author | Gisle Aas <gisle@activestate.com> | 2006-01-10 08:58:21 +0000 |
|---|---|---|
| committer | Gisle Aas <gisle@activestate.com> | 2006-01-10 08:58:21 +0000 |
| commit | 2d2af554da24863760d055834f4984fbca7ec85b (patch) | |
| tree | 99ca4a308dba0bbab27f7e2b008e3a91dcbe8fc1 /mg.c | |
| parent | 11e2783cff6b99a1463ba0eb8e30a005fc688aaf (diff) | |
| download | perl-2d2af554da24863760d055834f4984fbca7ec85b.tar.gz | |
Avoid possible dereference of NULL in the initialization of PL_origalen.
This can only happen when perlparse is called with no argv.
Don't try to update PL_origargv unless PL_origalen is at least 2.
p4raw-id: //depot/perl@26760
Diffstat (limited to 'mg.c')
| -rw-r--r-- | mg.c | 44 |
1 files changed, 23 insertions, 21 deletions
@@ -2568,28 +2568,30 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) pstat(PSTAT_SETCMD, un, len, 0, 0); } #endif - /* PL_origalen is set in perl_parse(). */ - s = SvPV_force(sv,len); - if (len >= (STRLEN)PL_origalen-1) { - /* Longer than original, will be truncated. We assume that - * PL_origalen bytes are available. */ - Copy(s, PL_origargv[0], PL_origalen-1, char); + if (PL_origalen > 1) { + /* PL_origalen is set in perl_parse(). */ + s = SvPV_force(sv,len); + if (len >= (STRLEN)PL_origalen-1) { + /* Longer than original, will be truncated. We assume that + * PL_origalen bytes are available. */ + Copy(s, PL_origargv[0], PL_origalen-1, char); + } + else { + /* Shorter than original, will be padded. */ + Copy(s, PL_origargv[0], len, char); + PL_origargv[0][len] = 0; + memset(PL_origargv[0] + len + 1, + /* Is the space counterintuitive? Yes. + * (You were expecting \0?) + * Does it work? Seems to. (In Linux 2.4.20 at least.) + * --jhi */ + (int)' ', + PL_origalen - len - 1); + } + PL_origargv[0][PL_origalen-1] = 0; + for (i = 1; i < PL_origargc; i++) + PL_origargv[i] = 0; } - else { - /* Shorter than original, will be padded. */ - Copy(s, PL_origargv[0], len, char); - PL_origargv[0][len] = 0; - memset(PL_origargv[0] + len + 1, - /* Is the space counterintuitive? Yes. - * (You were expecting \0?) - * Does it work? Seems to. (In Linux 2.4.20 at least.) - * --jhi */ - (int)' ', - PL_origalen - len - 1); - } - PL_origargv[0][PL_origalen-1] = 0; - for (i = 1; i < PL_origargc; i++) - PL_origargv[i] = 0; UNLOCK_DOLLARZERO_MUTEX; break; #endif |