| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
running and using the output of Porting/perlhist_calculate.pl
has not been done regularly, presumably because I had no idea
that it existed!
|
|
|
|
|
|
| |
running and using the output of Porting/perlhist_calculate.pl
has not been done regularly, presumably because I had no idea
that it existed!
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
2e8de60ec6c36c8169bd4264125ac5c519ce6920)
Conflicts:
cpan/Encode/Encode.pm
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Poorly written perl code that allows an attacker to specify the count to
perl's 'x' string repeat operator can already cause a memory exhaustion
denial-of-service attack. A flaw in versions of perl before 5.15.5 can
escalate that into a heap buffer overrun; coupled with versions of glibc
before 2.16, it possibly allows the execution of arbitrary code.
The flaw addressed to this commit has been assigned identifier
CVE-2012-5195.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
This is a regression in 5.10 caused by change 23966/08ca2aa38a29,
which added a bit of faulty logic. It was treating U* in the middle of
a pack template as equivalent to U0, if the input string was empty.
(cherry picked from commit c5333953a555847ef4f1457905bf0f111a79eb72)
|
| |
|
|
|
|
| |
3c97495f56fb647c used bzero(), which isn't available on some platforms.
|
| |
|
|
|
|
|
|
|
|
|
| |
First, disable all the unsupported flags just to make sure they aren't
triggering something they shouldn't be. Also, zero the pglob struct
before passing to bsd_glob(); it contains function pointers, and it's
safest if they are null rather than containing random stack data.
Bug reported by Clément Lecigne <clemun@gmail.com>.
|
|
|
|
|
|
| |
It overflows at compile time on 32-bit architectures, so the skip
isn't enough.
(cherry picked from commit dfae30232f1b277231b0dee813acbeca0b958afd)
|
| |
|
| |
|
|
|
|
|
|
| |
Some time between 5.8.3 and 5.8.4, the -tree output
format started getting extra line breaks.
(cherry picked from commit efef081eeab2e6a1f5882c447d1aa3cfb2201e46)
|
| |
|
|
|
|
|
|
| |
What we now have here on the maint-5.12 branch is identical to what
came with 5.13.3, so there is no need for an in-between version
number.
|
|
|
|
|
|
|
|
| |
Thank you for your bug report. Change <lower> to <upper> as the report
showed.
Signed-off-by: David Golden <dagolden@cpan.org>
(cherry picked from commit d2da20e3713b4c9367aaa821e5bb5b67f33611cd)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ticket is entitled:
"panic: top_env when localizing a lexical variable in qr{(?{...})}"
but a better description would be:
"(?{...}) does not catch yyparse() exceptions in regex compilation"
Changes Perl_sv_compile_2op() to tell doeval() that it must use
S_try_yyparse() to catch any exception that yyparse() may throw.
(cherry picked from commit 634d6919699655c843f8d8c3ea64922d0403c499)
|
| |
|
|
|
|
|
|
|
| |
Change S_sv_pos_u2b_forwards() to take a point to the (requested) UTF-8 offset,
and return the actual UTF-8 offset for the byte position returned. This ensures
that the cache is consistent with reality.
(cherry picked from commit 3e2d3818e517e0037c1ab6a482f31d50271f9e27)
|
|
|
|
|
|
|
| |
0 Unicode characters are always 0 octets long. Returning early ensures that
any offsets we calculate later will always be non-zero.
(cherry picked from commit 48f9cf718354a5326f9e9d40d02a063952160024,
as this is a prerequisite for 3e2d381)
|
|
|
|
|
| |
(cherry picked from commit 503752a16bf16b90ff6c073c4bd5d818e68a2e2a,
as this is a prerequisite for 3e2d381)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit eff7e72c3 (Detect incomplete caller overrides in Carp) used
this little trick for detecting a @DB::args that an overridden
caller() failed to set:
+ @args = \$i; # A sentinal, which no-one else has the address of
But there is a bug in caller(). The first time caller tries to write
to @DB::args, it calls Perl_init_dbargs first. That function checks
whether @DB::args is AvREAL, in case someone has assigned to it, and
takes appropriate measures. But caller doesn’t bother calling
Perl_init_dbargs more than once. So manually-assigned items in
@DB::args would leak, starting with the *second* call to caller.
Commit eff7e72c3 triggered that bug, resulting in a regression in
Carp, in that it started leaking. eff7e72c3 was backported to 5.12.2
with commit 97705941a4, so in both 5.12 and 5.14 Carp is affected.
This bug (the caller bug, not Carp’s triggering thereof) also affects
any caller overrides that set @DB::args themselves, if there are
alternate calls to the overridden caller and CORE::caller.
This commit fixes that by changing the if (!PL_dbargs) condition
in pp_caller to if (!PL_dbargs || AvREAL(PL_dbargs)). I.e., if
@args is either uninitialised or AvREAL then call Perl_init_dbargs.
Perl_init_dbargs also has a bug in it, that this fixes: The array not
only needs AvREAL turned off, but also AvREIFY turned on, so that
assignments to it that occur after its initialisation turn AvREAL back
on again. (In fact, Larry Wall added a comment suggesting this back
in perl 5.000.)
(cherry-picked from af80dd863acea8450a9f41ae03645f4d69dad091)
|
| |
|
|
|
|
|
| |
Tested before/after with valgrind.
(cherry picked from commit c4bc4aaaeaf5ebf3d6c5758fe61c1f0dd3864b9a)
|
| |
|
|
|
|
| |
(cherry picked from commit e3a22e3fde4a0485bb3fee606a63025eb3214eb9)
|
| |
|
|
|
|
| |
This is from perl5140delta.
|