diff options
| author | Tony Cook <tony@develop-help.com> | 2018-08-20 16:31:45 +1000 |
|---|---|---|
| committer | Tony Cook <tony@develop-help.com> | 2018-09-21 10:23:08 +1000 |
| commit | 12cad9bd99725bba72029e2651b2b7f0cab2e0b0 (patch) | |
| tree | 22ead3858e2707030696a8bb4abda102f8a9f55e /t/op | |
| parent | 30a6480c0da19d85d20a159b9179b5b212c8c768 (diff) | |
| download | perl-12cad9bd99725bba72029e2651b2b7f0cab2e0b0.tar.gz | |
(perl #132655) nul terminate result of unpack "u" of invalid data
In the given test case, Perl_atof2() would run off the end of the PV,
producing an error from ASAN.
Diffstat (limited to 't/op')
| -rw-r--r-- | t/op/pack.t | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/t/op/pack.t b/t/op/pack.t index cf0e286509..bb9f865091 100644 --- a/t/op/pack.t +++ b/t/op/pack.t @@ -12,7 +12,7 @@ my $no_endianness = $] > 5.009 ? '' : my $no_signedness = $] > 5.009 ? '' : "Signed/unsigned pack modifiers not available on this perl"; -plan tests => 14717; +plan tests => 14718; use strict; use warnings qw(FATAL all); @@ -2081,3 +2081,10 @@ SKIP: fresh_perl_like('pack "c10f1073741824"', qr/Out of memory during pack/, { stderr => 1 }, "integer overflow calculating allocation (multiply)"); } + +{ + # [perl #132655] heap-buffer-overflow READ of size 11 + # only expect failure under ASAN (and maybe valgrind) + fresh_perl_is('0.0 + unpack("u", "ab")', "", { stderr => 1 }, + "ensure unpack u of invalid data nul terminates result"); +} |