diff options
| author | Father Chrysostomos <sprout@cpan.org> | 2011-12-26 23:46:35 -0800 |
|---|---|---|
| committer | Father Chrysostomos <sprout@cpan.org> | 2011-12-27 00:43:05 -0800 |
| commit | f8c105437c52640c37fa90070a272985d8ecc321 (patch) | |
| tree | c8b02254913cb8cf226f2104c7dc716dbe6c0acd /perl.c | |
| parent | eaa72df2d2db0f36266df132ec31299fb758bc2c (diff) | |
| download | perl-f8c105437c52640c37fa90070a272985d8ecc321.tar.gz | |
Fix crash when tying @DB::args
I was looking at diag.t to see what messages I could document.
‘av_reify called on tied array’ looked interesting, so I decided to
see whether I could trigger it. I got something else:
./perl -Ilib -lwe '
sub TIEARRAY{bless[]}
sub CLEAR{}
sub EXTEND{}
tie @DB::args, "";
package DB; sub {() = caller 0;}->(1,2,3);
'
Name "DB::args" used only once: possible typo at -e line 5.
Bus error
How exciting!
What’s happening is that Perl_init_dbargs turns off AvREAL after
clearing a real array. Then pp_caller does av_extend and merrily
tries to copy into AvARRAY(PL_dbargs). But AvARRAY has not been allo-
cated, because av_extend called EXTEND instead.
I fixed this by untying the array before turning off AvREAL. I don’t
know whether that is the best fix. Alternatives would be to croak
or to do the assignment in pp_caller differently for tied arrays (in
which case tying @DB::args would cause objects to leak unexpectedly,
until the next caller() call in the DB package).
Diffstat (limited to 'perl.c')
| -rw-r--r-- | perl.c | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -3890,6 +3890,8 @@ Perl_init_dbargs(pTHX) "leak" until global destruction. */ av_clear(args); } + if (SvTIED_mg((const SV *)args, PERL_MAGIC_tied)) + sv_unmagic((const SV *)args, PERL_MAGIC_tied); AvREIFY_only(PL_dbargs); } |