diff options
author | David Mitchell <davem@iabyn.com> | 2014-12-22 20:23:28 +0000 |
---|---|---|
committer | David Mitchell <davem@iabyn.com> | 2014-12-31 11:28:52 +0000 |
commit | ea11461288d14099c29bf480cfd98479d3613a9c (patch) | |
tree | d574023fc2be5f170b87053f2e46cf9ddcc83fe6 /regcomp.c | |
parent | e68aed92f594456b596d9b3d8c0fba00406fe76d (diff) | |
download | perl-ea11461288d14099c29bf480cfd98479d3613a9c.tar.gz |
fix integer overflow in S_study_chunk().
Don't increment delta if it's "infinity" (SSize_t_MAX)
Found by -fsanitize=undefined:
regcomp.c:4999:11: runtime error: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'ssize_t' (aka 'long')
Diffstat (limited to 'regcomp.c')
-rw-r--r-- | regcomp.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -5022,7 +5022,8 @@ PerlIO_printf(Perl_debug_log, "LHS=%"UVuf" RHS=%"UVuf"\n", flags &= ~SCF_DO_STCLASS; } min++; - delta++; /* Because of the 2 char string cr-lf */ + if (delta != SSize_t_MAX) + delta++; /* Because of the 2 char string cr-lf */ if (flags & SCF_DO_SUBSTR) { /* Cannot expect anything... */ scan_commit(pRExC_state, data, minlenp, is_inf); |