Earlier safety check for @INC entry in pp_require.

In order to make sure we find embedded NULs early enough, before the directories in @INC have been through library calls that use C strings, check each directory in pp_require before concatenating a filename onto it.
author: Craig A. Berry <craigberry@mac.com> 2013-09-14 18:25:58 -0500
committer: Craig A. Berry <craigberry@mac.com> 2013-09-16 21:06:53 -0500
commit: ddc65b67716e249b363fe390e4bc08a259b2fed1 (patch)
tree: 6321dd17dd47c29e94999918d895ddcafd151506 /pp_ctl.c
parent: 21869cac5ad982d653d92969f57df591682e8998 (diff)
download: perl-ddc65b67716e249b363fe390e4bc08a259b2fed1.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/pp_ctl.c b/pp_ctl.c
index 5eebe24ada..c4123d20f9 100644
--- a/pp_ctl.c
+++ b/pp_ctl.c
@@ -3969,6 +3969,8 @@ PP(pp_require)
 			dirlen = 0;
 		    }
 
+		    if (!IS_SAFE_SYSCALL(dir, dirlen, "@INC entry", "require"))
+			continue;
 #ifdef VMS
 		    if (((unixdirbuf = SvPVX(sv_2mortal(newSVpv("", VMS_MAXRSS-1)))) == NULL)
 			|| ((unixdir = tounixpath(dir, unixdirbuf)) == NULL))
author	Craig A. Berry <craigberry@mac.com>	2013-09-14 18:25:58 -0500
committer	Craig A. Berry <craigberry@mac.com>	2013-09-16 21:06:53 -0500
commit	ddc65b67716e249b363fe390e4bc08a259b2fed1 (patch)
tree	6321dd17dd47c29e94999918d895ddcafd151506 /pp_ctl.c
parent	21869cac5ad982d653d92969f57df591682e8998 (diff)
download	perl-ddc65b67716e249b363fe390e4bc08a259b2fed1.tar.gz