-
Notifications
You must be signed in to change notification settings - Fork 529
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BBC: Crypt-OpenSSL-PKCS10-0.19 triggers "stack smashing detected" #21174
Comments
It should be noted that the CPANtesters results discussed in this ticket and in #19983 are very OS-specific. On FreeBSD-12:
On Linux:
|
It looks like the same problem to me, there's a few places in the code where it calls SvPV() with an I've commented on https://rt.cpan.org/Ticket/Display.html?id=148807 including an example where it produces the stack smashing error with older perls. As to the differences between operating systems: does both of the perls used for those reports on each OS have
The differences may also be due to differences in stack frame layout between compilers (gcc default on linux, clang default on FreeBSD) |
[snip]
FreeBSD-12:
Linux:
|
Again,#20037 (comment) could be applied; but again, the author had to be ignoring important compiler warnings for the situation to arise. |
I made this one crash with 5.32, I hadn't tried for others, but I expect it to be possible to make most of the other modules crash similarly. |
As an FYI I released TIMLEGGE/Crypt-OpenSSL-PKCS10-0.23.tar.gz which fixed the issue in the release version |
Thanks for the update. |
Description
With 1ef9039 the tests for JONOZZZ/Crypt-OpenSSL-PKCS10-0.19.tar.gz were starting to fail. Sample test report with v5.37.2: http://www.cpantesters.org/cpan/report/d7681930-0a87-11ed-a527-47589c44d1b7
Already multiple cases of fails triggered by this commit have been discussed in #19983; somehow the fail of this module seems to have remained undiscovered until now. Or maybe it's just me who has not seen an issue raised.
@khwilliamson would you like to comment?
Steps to Reproduce
cpan -i JONOZZZ/Crypt-OpenSSL-PKCS10-0.19.tar.gz
Expected behavior
Tests should succeed and module should be installed.
Perl configuration
The text was updated successfully, but these errors were encountered: