diff options
author | Peter Martini <PeterCMartini@GMail.com> | 2011-12-03 07:01:44 -0500 |
---|---|---|
committer | Father Chrysostomos <sprout@cpan.org> | 2011-12-03 09:26:43 -0800 |
commit | 58b643af94f2fff7b3765a746a475cb8183ccc4b (patch) | |
tree | cf84b536bb110541a31ed9b83636a1e787731f4c /sv.c | |
parent | db12e2d38b3ae9d4035fb95151828de67a1429c1 (diff) | |
download | perl-58b643af94f2fff7b3765a746a475cb8183ccc4b.tar.gz |
Stop calling sv_usepvn_flags from sv_sethek
sv_usepvn_flags assumes that ptr is at the head of a block
of memory allocated by malloc. If perl's malloc is in use,
the data structures malloc uses and the data allocated for
perl are intermixed, and accounting done by malloced_size
in sv_usepvn_flags will overwrite valid memory if its called
on an address that is not the start of a malloced block.
The actual work being accomplished by sv_usepvn_flags, and
not undone immediately after by sv_sethek, is limited to 3 calls
on the SV. Inlining those calls removes the dependency on malloc.
This fixes perl #104034.
Diffstat (limited to 'sv.c')
-rw-r--r-- | sv.c | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -4583,8 +4583,14 @@ Perl_sv_sethek(pTHX_ register SV *const sv, const HEK *const hek) return; } { + /* Emulate what sv_usepvn_flags does; it can't be called + directly, because it assumes that the data for the PV is at the + start of a malloced block */ + SV_CHECK_THINKFIRST_COW_DROP(sv); SvUPGRADE(sv, SVt_PV); - sv_usepvn_flags(sv, (char *)HEK_KEY(share_hek_hek(hek)), HEK_LEN(hek), SV_HAS_TRAILING_NUL); + SvPV_set(sv,(char *)HEK_KEY(share_hek_hek(hek))); + SvTAINT(sv); + SvCUR_set(sv, HEK_LEN(hek)); SvLEN_set(sv, 0); SvREADONLY_on(sv); SvFAKE_on(sv); |