diff options
| author | Karl Williamson <khw@cpan.org> | 2019-12-07 13:47:05 -0700 |
|---|---|---|
| committer | Karl Williamson <khw@cpan.org> | 2019-12-18 09:33:09 -0700 |
| commit | 4aada8b9eda25f3f024283c0c27c1424b5ba40ff (patch) | |
| tree | 2c0ded2d593e998be054336ebf9648e4e18877fb /pp_pack.c | |
| parent | fcafb10c71dbfc03eacb02eeb0c567facc269a72 (diff) | |
| download | perl-4aada8b9eda25f3f024283c0c27c1424b5ba40ff.tar.gz | |
Add memCHRs() macro and use it
This replaces strchr("list", c) calls throughout the core. They don't
work properly when 'c' is a NUL, returning the position of the
terminating NUL in "list" instead of failure. This could lead to
segfaults or even security issues.
Diffstat (limited to 'pp_pack.c')
| -rw-r--r-- | pp_pack.c | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -1779,9 +1779,9 @@ S_unpack_rec(pTHX_ tempsym_t* symptr, const char *s, const char *strbeg, const c } /* End of switch */ if (checksum) { - if (strchr("fFdD", TYPE_NO_MODIFIERS(datumtype)) || + if (memCHRs("fFdD", TYPE_NO_MODIFIERS(datumtype)) || (checksum > bits_in_uv && - strchr("cCsSiIlLnNUWvVqQjJ", TYPE_NO_MODIFIERS(datumtype))) ) { + memCHRs("cCsSiIlLnNUWvVqQjJ", TYPE_NO_MODIFIERS(datumtype))) ) { NV trouble, anv; anv = (NV) (1 << (checksum & 15)); @@ -2135,7 +2135,7 @@ S_pack_rec(pTHX_ SV *cat, tempsym_t* symptr, SV **beglist, SV **endlist ) switch (howlen) { case e_star: - len = strchr("@Xxu", TYPE_NO_MODIFIERS(datumtype)) ? + len = memCHRs("@Xxu", TYPE_NO_MODIFIERS(datumtype)) ? 0 : items; break; default: @@ -2160,7 +2160,7 @@ S_pack_rec(pTHX_ SV *cat, tempsym_t* symptr, SV **beglist, SV **endlist ) if (symptr->flags & FLAG_SLASH) { IV count; if (!found) Perl_croak(aTHX_ "Code missing after '/' in pack"); - if (strchr("aAZ", lookahead.code)) { + if (memCHRs("aAZ", lookahead.code)) { if (lookahead.howlen == e_number) count = lookahead.length; else { if (items > 0) { |