| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
• The code previously assumed that any filename basename besides
`strict.pm` meant that the user mistyped `use strict` (e.g. as
`use Strict`). But that could just mean the file was not loaded
from the filesystem, e.g. due to naïve fatpacking.
This is fixed by adding a guard to check that an unexpected value
really is a mis-capitalised variant of `strict.pm`.
• The code previously insisted on either slash or backslash as the
directory separator, which is not strictly portable (though nobody
noticed in years; apparently nobody has tried to run a recent-ish
on a MacOS Classic or RiscOS system).
This is fixed by switching to \b as a best effort, to avoid going
down the rabbit hole of platform-specific separators.
• The code previously used an `unless` statement, declared lexical
variables inside its block, and used ${\EXPR} to interpolate the
__PACKAGE__ constant into the regexp. Each of these increases the
size of the optree, which is only ever executed once, then sticks
around wasting some hundred(s) bytes in almost every single Perl
program in the world.
This is fixed for warnings.pm by rewriting the code with no use of
any temporary variables and single-quoted strings instead of regexp
literals. In strict.pm, we can do even better by moving the code to
the BEGIN block, since BEGIN CVs are freed after running. (We do not
add one to warnings.pm since BEGIN blocks have a creation cost.)
|
| | |
|
| |
|
|
|
| |
Outdent and reflow comments because the previous commit removed a
surrounding block.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This fixes the issue by severely restricting what we recognize as the
interior of the [. .] and [= =] constructs, as suggested by Tony Cook.
I find the POSIX documentation very unclear, but it appears to me that
just about anything can be in the interior, and that is how I originally
wrote the code, and which led to this bug. But weird interiors would
only arise with really weird locales and only when the pattern is being
compiled under locale qr//l rules. A portable pattern would use the
restricted interior characters that this commit adopts.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This bug has shown up only under EBCDIC so far, but could affect other
code.
Commit dcf88e3433dcd5bc25811f9769e82d04c61a1d5a fixed a bug in which a
macro parameter needed to be dereferenced. Until then, the failure to
dereference meant some code that turned out to be faulty, was
effectively always skipped. So that commit, while correct in and of
itself, exposed a pre-existing bug.
It was hard for me to believe at first that a change of simply adding a
missing '*' could have broken things this way. But the clue was that
the only characters that were affected were the set of C1 controls, and
only when the target matched string was in UTF-8, and only on EBCDIC
systems. The difference between EBCDIC and ASCII platforms in this
regard is that the C1 controls under UTF-8 are represented by a single
byte on EBCDIC systems, and two bytes on ASCII. The test that adding
the dereference to is looking for characters that are single bytes under
both UTF-8 and not, and hence would give different results on EBCDIC and
ASCII platforms for exactly the set of C1 controls.
The code in question looks up an input code point to see if it is
matched by an ANYOF node, the kind generated for bracketed character
classes. The first N code points are stored in a bit vector. (N is
generally 256, but perl can be compiled to make that larger.) If there
are no complications, the answer can be found directly by just looking
up the code point in the vector. But if there are complications, a
function is called to sort them all out. The macro looks for
complications, and calls the function if needed, but does the lookup
directly if not. One of those complications is that the input needs to
be decoded to its actual code point value if the target is UTF-8 and the
code point isn't a single byte then. After the dereference fix, the
caller of the macro knew correctly that this was a single byte, and so
was calling the macro, But it turns out that the macro, as commented,
was expecting to be called only if the target was not-UTF-8, and so
unconditionally said to the function that it wasn't UTF-8, and so the
function didn't work properly.
The solution is to simply call the function in the macros with the
correct value of whether the target string is UTF-8 or not.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Currently it spits out about 80 lines like the following to stderr:
no documentation in lib/Archive/Tar/Constant.pm
no documentation in lib/CPAN/Author.pm
no documentation in lib/CPAN/Bundle.pm
Since this is not actually an error condition, spit to stdout instead,
and only under --verbose.
See http://nntp.perl.org/group/perl.perl5.porters/234436.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we see duplicate environment variables while iterating over
environ[]:
a) make sure we use the same value in %ENV that getenv() returns.
Previously on a duplicate, %ENV would have the last entry for the name
from environ[], but a typical getenv() would return the first entry.
Rather than assuming all getenv() implementations return the first entry
explicitly call getenv() to ensure they agree.
b) remove duplicate entries from environ
Previously if there was a duplicate definition for a name in environ[]
setting that name in %ENV could result in an unsafe value being passed
to a child process, so ensure environ[] has no duplicates.
CVE-2016-2381
|
| |
|
|
| |
Spotted by Andrew Rodland
|
| |
|
|
|
| |
This was doing an extra shift, which doesn't matter currently because
there's only one element in the array, but could cause future problems.
|
| | |
|
| |
|
|
|
|
| |
Prior to this commit, the parsing code got confused if a user-defined
property whose definition was not known at pattern compilation time, was
specified with an explicit package name, under /i.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
based on work done by bulk88, per his notes below:
I found pp_subst with a -DPERL_NO_COW build on an experimental perl branch
would die in ../dist/SelfLoader/t/03taint.t in this line
"my $file = __FILE__ =~ s/[\w.]+\z/01SelfLoader.t/r;" with a attempt to
modify since sv_force_normal_flags checks for readonlyness. The
-DPERL_NO_COW exclusive logic seems faulty, since the COW branch right
above stores the cow status and doesn't call sv_force_normal_flags until
it actually wants to modify the source SV, and pp_subst wont modify the
source SV if PMf_NONDESTRUCT is on.
So fix the die by only de-COWing if !PMf_NONDESTRUCT. Do not deCOW the
source SV if PMf_NONDESTRUCT. The
"my $file = __FILE__ =~ s/[\w.]+\z/01SelfLoader.t/r;" fatal die can not be
reproduced in blead perl with -DPERL_NO_COW, only in my experimental branch
so I rewrote the test to use a const sub that is folded to a
HEK COW RO SV * instead of the __FILE__ token which is not a HEK COW on
blead perl. The subst.t test only fails if perl is compiled with
-DPERL_NO_COW. To avoid an extra !(rpm->op_pmflags & PMf_NONDESTRUCT) check
on a NO_COW build, restructure the logic so
!(rpm->op_pmflags & PMf_NONDESTRUCT) is tested only once. Filed as
[perl #127635].
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
CID 104785: Division or modulo by zero (DIVIDE_BY_ZERO)
238. divide_by_zero: In expression 9223372036854775807L / retiv, division by expression retiv which may be zero has undefined behavior.
215 if(!SvNOK(sv) && SvIOK(sv) && (SvIV(sv) < IV_MAX / retiv)) {
Cherry-pick of the changes in
https://rt.cpan.org/Public/Bug/Display.html?id=105415
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Coverity CID 135025 (#1 of 1): Out-of-bounds read (OVERRUN)
29. overrun-local: Overrunning array addr.sun_path of 108 bytes at byte offset 108 using index addr_len (which evaluates to 108).
864 for (addr_len = 0; addr.sun_path[addr_len]
28. incr: Incrementing addr_len. The value of addr_len may now be up to 108.
865 && addr_len < maxlen; addr_len++);
Reported upstream as
https://rt.cpan.org/Ticket/Display.html?id=111707
|
| |
|
|
|
| |
otherwise a -DPERL_NO_COW perl win32 build fails during linking perl523.dll
with missing Perl_sv_setsv_cow
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Assuming UTF-8 semantics and advancing character-by-character when 'use
utf8' is not enabled is not as problematic as the inverse. However,
properly UTF8SKIP should only be used when UTF8 semantics are explicitly
asked for.
Change the three occurrences of UTF8SKIP that are not protected by UTF
checks.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Using a 32 bit Win32 gmake, with a GCC that produces 64 bit binaries, made
a perl with PTRSIZE 64 bits, and 64 bit machine code, but archname IDed
that build as "x86" not "x64", which is very wrong. Perl's
win32/GNUMakefile autodetects the bitness of the GCC and sets things up
accordingly. Fixes [perl #127584]. This bug might be a regression
introduced in commit 745dedb9b5 or the GNUMakefile parallel build branch.
|
| |
|
|
| |
Fixing an oopsie of yours truly from 2.05.
|
| |
|
|
| |
Less indirection on ELF.
|
| |
|
|
|
|
|
|
| |
A bit of sleuthing showed that it was actually version bumped for
the v5.18.3 release.
Also noticed that Config hadn't been updated as well, sorted that
out too.
|
| |
|
|
|
|
|
|
|
| |
This continues the process started in
accb4364d92e26c20e6a538fc04d1af52a8b94e2 of lowering memory use by not
creating unnecessary mortal SVs.
This changes the inversion union and intersection functions to avoid
entirely the creation of new mortals.
|
| |
|
|
| |
This newly-added assert could fail, but hasn't so far. Fix it.
|
| |
|
|
| |
In some paths, an SV was created mortal, and immediately thrown away.
|
| |
|
|
|
| |
The invlist_trim() function wasn't freeing up space if the new space
needed was small. This now frees up all but the required minimum.
|
| | |
|
| |
|
|
|
| |
A future commit will make more sense if these names are changed. This
reindents some code so that it doesn't overflow 79 columns
|
| |
|
|
|
| |
I found myself using this function, forgetting that it zapped one of the
parameters, so change the name so that can't be forgotten.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- remove trailing whitespace
- consistently refer to builtins as C<foo>, not foo() or C<foo()>
- hyperlink each C<foo> builtin to its section in perlfunc
- replace some occurrences of -w with a reference to the warnings pragma
- refer to listy comma as "list concatenation" because that's what it
does
- consistently hyperlink references to external programs (L<touch(1)>),
system calls (L<fork(2)>), and library functions (L<fdopen(3)>)
- hyperlink variables to their section in perlvar
- hyperlink the names of modules/pragmas
- hyperlink names of functions provided by modules (where possible)
- consistently use "pragmas", not "pragmata" (there were only two of
those)
- use the same wording for all conditional builtins / features
- -T and -B are file tests, not switches
- remove "see L</open>" (regarding the ':encoding' layer) from
description of binmode because I don't see why it was there
- refer to variables as C<$foo>, not $foo
- hyperlink some error messages to perldiag
- remove & from subroutine calls
- grammar: write "if X, Y" with a comma and "Y if X" without
- use 'my' in examples when introducing new variables
- 'while (', not 'while('
- don't capitalize the next word after a semicolon
- consistently start error messages (die/warn) with "Can't" (not
"can't", "Cannot", or "cannot")
- replace bareword filehandles by normal variables in examples
- add missing ')'
- fix module names: IPC::SysV::Msg -> IPC::Msg, IPC::SysV::Semaphore ->
IPC::Semaphore
- 'open': replace note about binmode with equivalent paragraph from
'binmode' (the one in 'open' claimed unix systems don't need binmode,
which is not true with encodings)
- 'open': delete overly clever example of generating filehandle names in
a recursive function (this is a non-issue with lexical filehandles)
- 'open': instead of running 'perl -V' and looking for the useperlio
line, you can just run 'perl -V:useperlio'
- 'open': mention shell feature of 'yourscript.pl <( other command )',
which makes the only remaining use of 2-arg open redundant
- 'open': sysopen uses different modes than open; they're not "subtly
different" and there's no "may" about it
- 'open': use $fh->autoflush(1) instead of select/$| dance (especially
since the example already loads IO::Handle for no reason)
- 'printf': remove garbled text ("Look for this throught pod")
- change "use locale 'not_characters'" to the correct "use locale
':not_characters'"
- (hopefully) fix inconsistent use of "real filehandle"; use "bareword
filehandle" instead to distinguish from scalar variables / globrefs
- ":encoding" is a layer, not a pragma
- 'readline': actually use readline in examples
- ?...? is no longer valid; use m?...? instead
- 'sort': whether the algorithm is stable has no effect on runtime
complexity, so "That algorithm was not stable, so I<could> go
quadratic" is nonsense
- 'sort': declaring $a/$b as lexicals is an error regardless of strict
- 'sysopen': as far as I can tell the note about depending on fdopen()
is only true for non-PerlIO builds
- 'use': add an example of what 'use Module VERSION' expands to
- add 'select FILEHANDLE' to filehandle related functions
Also touch ext/Pod-Functions/Functions_pm.PL to make it parse
L<C<foo>|...> in the overview paragraphs.
And teach t/porting/podcheck.t about a ton of man pages and some
external modules.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit accb4364d92e26c20e6a538fc04d1af52a8b94e2 caused regexes to fail
on big-endian systems. It was because I used SvCUR where I should have
been using SvLEN, and was overwriting the final byte of real data with
0, which didn't matter as long as that byte was 0, which in our smokes
on litlle-endian systems, it was.
Further clarification is that inversion lists are stored as UV*, whereas
the scalar handling code is expecting char*. By casting, it all works
out, except that the final byte is kept as a single char NUL. I was
trying to write that final byte as a byte, but by using SvCUR, I was
getting a byte in one of the UVs. With small numbers on a little-endian
system, that byte will be 0 anyway, but not on a big-endian one.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This is at least a partial patch for [perl #127392], cutting the maximum
memory used on my box from around 8600kB to 7800kB. For [perl #127568],
which has been merged into #127392, the savings are even larger, about
37%
Previously a large number of large mortal SVs could be created while
compiling a single regex pattern, and their accumulated memory quickly
added up. This changes things to not use so many mortals.
|
| |
|
|
|
|
| |
I don't know of any cases where this happens, but in working on the next
commit I triggered a problem with shrinking an inversion list so much
that the required 0 UV at the beginning was freed.
|
| |
|
|
|
| |
Win32CORE.c: In function ‘boot_Win32CORE’:
../../XSUB.h:127:43: warning: unused parameter ‘cv’ [-Wunused-parameter]
|
| | |
|
| | |
|
