Permalink
Browse files

[inseparable changes from match from perl-5.003_97h to perl-5.003_97i]

 CORE PORTABILITY

Subject: Provide memset() if it's missing
From: Chip Salzenberg <chip@perl.com>
Files: global.sym perl.h proto.h util.c

Subject: Don't tell GCC that warn(), croak(), and die() are printf-lik
From: Chip Salzenberg <chip@perl.com>
Files: proto.h

 DOCUMENTATION

Subject: FAQ udpate (24-apr-97)
Date: Thu, 24 Apr 1997 16:47:23 -0600 (MDT)
From: Nathan Torkington <gnat@prometheus.frii.com>
Files: pod/perlfaq*.pod

    private-msgid: 199704242247.QAA07010@prometheus.frii.com

 OTHER CORE CHANGES

Subject: Misc. sv_vcatpvfn() fixes
From: Hugo van der Sanden <hv@crypt.compulink.co.uk>
Files: gv.c mg.c op.c perl.c pp.c pp_ctl.c sv.c toke.c util.c

Subject: Enforce order of sprintf() elements
From: Chip Salzenberg <chip@perl.com>
Files: sv.c

Subject: Guard against long numbers, <<LONG_DELIM, and <long glob>
From: Chip Salzenberg <chip@perl.com>
Files: global.sym mg.c perl.c pod/perldiag.pod proto.h toke.c util.c

Subject: Guard against C<goto> to deeply nested label
From: Chip Salzenberg <chip@perl.com>
Files: pod/perldiag.pod pp_ctl.c

Subject: Guard against overflow in dup2() emulation
From: Chip Salzenberg <chip@perl.com>
Files: util.c

Subject: Win32: Guard against long function names
From: Chip Salzenberg <chip@perl.com>
Files: win32/win32sck.c

Subject: Make mess() always work, by using a non-arena SV
From: Chip Salzenberg <chip@perl.com>
Files: perl.c util.c

Subject: When copying a format line, take only its string value
From: Chip Salzenberg <chip@perl.com>
Files: sv.c

Subject: Fix LEAKTEST numbers
From: Chip Salzenberg <chip@perl.com>
Files: ext/DynaLoader/dl_vms.xs handy.h os2/os2.c util.c vms/vms.c win32/win32.c win32/win32sck.c
  • Loading branch information...
Perl 5 Porters Chip Salzenberg
Perl 5 Porters authored and Chip Salzenberg committed Apr 24, 1997
1 parent 74a7701 commit fc36a67e8855d031b2a6921819d899eb149eee2d
Showing with 1,120 additions and 351 deletions.
  1. +122 −0 Changes
  2. +2 −1 embed.h
  3. +1 −1 ext/DynaLoader/dl_vms.xs
  4. +2 −1 global.sym
  5. +9 −11 gv.c
  6. +5 −1 handy.h
  7. +7 −5 mg.c
  8. +3 −3 op.c
  9. +6 −6 os2/os2.c
  10. +1 −1 patchlevel.h
  11. +58 −35 perl.c
  12. +13 −8 perl.h
  13. +28 −3 pod/perldiag.pod
  14. +6 −1 pod/perlfaq.pod
  15. +7 −6 pod/perlfaq1.pod
  16. +4 −4 pod/perlfaq3.pod
  17. +2 −3 pod/perlfaq4.pod
  18. +2 −3 pod/perlfaq5.pod
  19. +17 −15 pod/perlfaq6.pod
  20. +4 −2 pod/perlfaq7.pod
  21. +388 −1 pod/perlfaq8.pod
  22. +76 −21 pod/perltoc.pod
  23. +1 −1 pp.c
  24. +24 −16 pp_ctl.c
  25. +8 −5 proto.h
  26. +184 −104 sv.c
  27. +41 −24 toke.c
  28. +69 −36 util.c
  29. +22 −22 vms/vms.c
  30. +5 −5 win32/win32.c
  31. +3 −6 win32/win32sck.c
View
122 Changes
@@ -45,6 +45,128 @@ And the Keepers of the Patch Pumpkin:
Chip Salzenberg <chip@perl.com>
+-----------------
+Version 5.003_97i
+-----------------
+
+This patch eliminates all known sources of buffer overflow! (And the
+crowd goes wild. (Yeah.)) Showstoppers only between here and _98.
+
+ CORE LANGUAGE CHANGES
+
+ (no changes)
+
+ CORE PORTABILITY
+
+ Title: "Provide memset() if it's missing"
+ From: Chip Salzenberg
+ Files: global.sym perl.h proto.h util.c
+
+ Title: "Don't tell GCC that warn(), croak(), and die() are printf-lik
+ From: Chip Salzenberg
+ Files: proto.h
+
+ OTHER CORE CHANGES
+
+ Title: "Misc. sv_vcatpvfn() fixes"
+ From: Hugo, Dale, Nick, Hallvard, Chip
+ Files: gv.c mg.c op.c perl.c pp.c pp_ctl.c sv.c toke.c util.c
+
+ Title: "Enforce order of sprintf() elements"
+ From: Chip Salzenberg
+ Files: sv.c
+
+ Title: "Guard against long numbers, <<LONG_DELIM, and <long glob>"
+ From: Chip Salzenberg
+ Files: global.sym mg.c perl.c pod/perldiag.pod proto.h toke.c util.c
+
+ Title: "Guard against C<goto> to deeply nested label"
+ From: Chip Salzenberg
+ Files: pod/perldiag.pod pp_ctl.c
+
+ Title: "Guard against overflow in dup2() emulation"
+ From: Chip Salzenberg
+ Files: util.c
+
+ Title: "Win32: Guard against long function names"
+ From: Chip Salzenberg
+ Files: win32/win32sck.c
+
+ Title: "Make mess() always work, by using a non-arena SV"
+ From: Chip Salzenberg, from idea by Gurusamy Sarathy
+ Files: perl.c util.c
+
+ Title: "Fix scalar leak in pp_prtf()"
+ From: Doug MacEachern
+ Msg-ID: <199704241706.NAA19140@postman.osf.org>
+ Date: Thu, 24 Apr 1997 13:06:21 -0400
+ Files: pp_sys.c
+
+ Title: "When copying a format line, take only its string value"
+ From: Chip Salzenberg
+ Files: sv.c
+
+ Title: "Undo private patch"
+ From: Chip Salzenberg
+ Files: installperl lib/ExtUtils/Install.pm
+
+ Title: "Fix LEAKTEST numbers"
+ From: Chip Salzenberg
+ Files: ext/DynaLoader/dl_vms.xs handy.h os2/os2.c util.c vms/vms.c
+ win32/win32.c win32/win32sck.c
+
+ BUILD PROCESS
+
+ Title: "Cope with a <db.h> that isn't related to DB"
+ From: Jarkko Hietaniemi
+ Msg-ID: <199704241728.UAA09951@alpha.hut.fi>
+ Date: Thu, 24 Apr 1997 20:28:39 +0300 (EET DST)
+ Files: Configure
+
+ LIBRARY AND EXTENSIONS
+
+ Title: "Always NUL-terminate opsets"
+ From: Chip Salzenberg
+ Files: ext/Opcode/Opcode.xs
+
+ Title: "Don't core dump if my_inet_aton() get a NULL"
+ From: Chip Salzenberg
+ Files: ext/Socket/Socket.xs
+
+ Title: "Handle symlinks, high permission bits in File::Path"
+ From: Chip Salzenberg
+ Files: lib/File/Path.pm
+
+ Title: "Math::{Complex,Trig} update"
+ From: Gurusamy Sarathy
+ Msg-ID: <199704242221.BAA30363@alpha.hut.fi>
+ Date: Fri, 25 Apr 1997 01:21:44 +0300 (EET DST)
+ Files: lib/Math/Complex.pm lib/Math/Trig.pm pod/roffitall
+ t/lib/complex.t t/lib/trig.t
+
+ TESTS
+
+ (no other changes)
+
+ UTILITIES
+
+ Title: "Fix buffer overflow in a2p"
+ From: Chip Salzenberg
+ Files: x2p/a2py.c
+
+ DOCUMENTATION
+
+ Title: "FAQ udpate (24-apr-97)"
+ From: Nathan Torkington <gnat@prometheus.frii.com>
+ Msg-ID: <199704242247.QAA07010@prometheus.frii.com>
+ Date: Thu, 24 Apr 1997 16:47:23 -0600 (MDT)
+ Files: pod/perlfaq*.pod
+
+ Title: "Document new {,s}printf() behavior"
+ From: Chip Salzenberg
+ Files: pod/perldelta.pod pod/perlfunc.pod
+
+
-----------------
Version 5.003_97h
-----------------
View
@@ -117,7 +117,6 @@
#define convert Perl_convert
#define cop_seqmax Perl_cop_seqmax
#define cos_amg Perl_cos_amg
-#define cpytill Perl_cpytill
#define croak Perl_croak
#define cryptseen Perl_cryptseen
#define cshlen Perl_cshlen
@@ -138,6 +137,7 @@
#define debstack Perl_debstack
#define debstackptrs Perl_debstackptrs
#define dec_amg Perl_dec_amg
+#define delimcpy Perl_delimcpy
#define deprecate Perl_deprecate
#define di Perl_di
#define die Perl_die
@@ -383,6 +383,7 @@
#define my_htonl Perl_my_htonl
#define my_lstat Perl_my_lstat
#define my_memcmp Perl_my_memcmp
+#define my_memset Perl_my_memset
#define my_ntohl Perl_my_ntohl
#define my_pclose Perl_my_pclose
#define my_popen Perl_my_popen
View
@@ -249,7 +249,7 @@ dl_load_file(filespec, flags)
specdsc.dsc$w_length = strlen(specdsc.dsc$a_pointer);
DLDEBUG(2,PerlIO_printf(PerlIO_stderr(), "\tVMS-ified filespec is %s\n",
specdsc.dsc$a_pointer));
- New(7901,dlptr,1,struct libref);
+ New(1399,dlptr,1,struct libref);
dlptr->name.dsc$b_dtype = dlptr->defspec.dsc$b_dtype = DSC$K_DTYPE_T;
dlptr->name.dsc$b_class = dlptr->defspec.dsc$b_class = DSC$K_CLASS_S;
sts = sys$filescan(&specdsc,namlst,0);
View
@@ -360,7 +360,6 @@ ck_subr
ck_svconst
ck_trunc
convert
-cpytill
croak
cv_ckproto
cv_clone
@@ -374,6 +373,7 @@ debop
debprofdump
debstack
debstackptrs
+delimcpy
deprecate
die
die_where
@@ -555,6 +555,7 @@ my_failure_exit
my_htonl
my_lstat
my_memcmp
+my_memset
my_ntohl
my_pclose
my_popen
View
20 gv.c
@@ -275,8 +275,8 @@ I32 autoload;
--nsplit;
if ((nsplit - origname) == 5 && strnEQ(origname, "SUPER", 5)) {
/* ->SUPER::method should really be looked up in original stash */
- SV *tmpstr = sv_2mortal(newSVpv(HvNAME(curcop->cop_stash), 0));
- sv_catpvn(tmpstr, "::SUPER", 7);
+ SV *tmpstr = sv_2mortal(newSVpvf("%s::SUPER",
+ HvNAME(curcop->cop_stash)));
stash = gv_stashpvn(SvPVX(tmpstr), SvCUR(tmpstr), TRUE);
DEBUG_o( deb("Treating %s as %s::%s\n",
origname, HvNAME(stash), name) );
@@ -1179,13 +1179,11 @@ int flags;
case copy_amg:
{
SV* ref=SvRV(left);
- if (!SvROK(ref) && SvTYPE(ref) <= SVt_PVMG) { /* Just to be
- * extra
- * causious,
- * maybe in some
- * additional
- * cases sv_setsv
- * is safe too */
+ if (!SvROK(ref) && SvTYPE(ref) <= SVt_PVMG) {
+ /*
+ * Just to be extra cautious. Maybe in some
+ * additional cases sv_setsv is safe, too.
+ */
SV* newref = newSVsv(ref);
SvOBJECT_on(newref);
SvSTASH(newref) = (HV*)SvREFCNT_inc(SvSTASH(ref));
@@ -1242,7 +1240,7 @@ int flags;
&& !(flags & AMGf_unary)) {
/* We look for substitution for
* comparison operations and
- * concatendation */
+ * concatenation */
if (method==concat_amg || method==concat_ass_amg
|| method==repeat_amg || method==repeat_ass_amg) {
return NULL; /* Delegate operation to string conversion */
@@ -1298,7 +1296,7 @@ int flags;
if (amtp && amtp->fallback >= AMGfallYES) {
DEBUG_o( deb("%s", SvPVX(msg)) );
} else {
- croak("%S", msg);
+ croak("%_", msg);
}
return NULL;
}
View
@@ -130,6 +130,10 @@ typedef unsigned short U16;
# define U32_MIN PERL_ULONG_MIN
#endif
+#define BIT_DIGITS(N) (((N)*146)/485 + 1) /* log2(10) =~ 146/485 */
+#define TYPE_DIGITS(T) BIT_DIGITS(sizeof(T) * 8)
+#define TYPE_CHARS(T) (TYPE_DIGITS(T) + 2) /* sign, NUL */
+
#define Ctl(ch) ((ch) & 037)
#define strNE(s1,s2) (strcmp(s1,s2))
@@ -277,7 +281,7 @@ typedef U16 line_t;
#define Safefree(d) safexfree((Malloc_t)d)
#define NEWSV(x,len) newSV(x,len)
-#define MAXXCOUNT 1200
+#define MAXXCOUNT 1400
long xcount[MAXXCOUNT];
long lastxcount[MAXXCOUNT];
View
12 mg.c
@@ -531,18 +531,18 @@ MAGIC *mg;
break;
case '(':
sv_setiv(sv, (IV)gid);
- sv_setpvf(sv, "%vd", (IV)gid);
+ sv_setpvf(sv, "%Vd", (IV)gid);
goto add_groups;
case ')':
sv_setiv(sv, (IV)egid);
- sv_setpvf(sv, "%vd", (IV)egid);
+ sv_setpvf(sv, "%Vd", (IV)egid);
add_groups:
#ifdef HAS_GETGROUPS
{
Groups_t gary[NGROUPS];
i = getgroups(NGROUPS,gary);
while (--i >= 0)
- sv_catpvf(sv, " %vd", (IV)gary[i]);
+ sv_catpvf(sv, " %Vd", (IV)gary[i]);
}
#endif
SvIOK_on(sv); /* what a wonderful hack! */
@@ -627,9 +627,11 @@ MAGIC* mg;
while (s < strend) {
struct stat st;
- s = cpytill(tokenbuf, s, strend, ':', &i);
+ s = delimcpy(tokenbuf, tokenbuf + sizeof tokenbuf,
+ s, strend, ':', &i);
s++;
- if (*tokenbuf != '/'
+ if (i >= sizeof tokenbuf /* too long -- assume the worst */
+ || *tokenbuf != '/'
|| (Stat(tokenbuf, &st) == 0 && (st.st_mode & 2)) ) {
MgTAINTEDDIR_on(mg);
return 0;
View
6 op.c
@@ -3153,15 +3153,15 @@ char* p;
gv_efullname3(name = sv_newmortal(), gv, Nullch);
sv_setpv(msg, "Prototype mismatch:");
if (name)
- sv_catpvf(msg, " sub %S", name);
+ sv_catpvf(msg, " sub %_", name);
if (SvPOK(cv))
sv_catpvf(msg, " (%s)", SvPVX(cv));
sv_catpv(msg, " vs ");
if (p)
sv_catpvf(msg, "(%s)", p);
else
sv_catpv(msg, "none");
- warn("%S", msg);
+ warn("%_", msg);
}
}
@@ -3348,7 +3348,7 @@ OP *block;
CV *cv;
HV *hv;
- sv_setpvf(sv, "%S:%ld-%ld",
+ sv_setpvf(sv, "%_:%ld-%ld",
GvSV(curcop->cop_filegv),
(long)subline, (long)curcop->cop_line);
gv_efullname3(tmpstr, gv, Nullch);
View
@@ -55,7 +55,7 @@ get_sysinfo(ULONG pid, ULONG flags)
char *pbuffer;
ULONG rc, buf_len = QSS_INI_BUFFER;
- New(1022, pbuffer, buf_len, char);
+ New(1322, pbuffer, buf_len, char);
/* QSS_PROCESS | QSS_MODULE | QSS_SEMAPHORES | QSS_SHARED */
rc = QuerySysState(flags, pid, pbuffer, buf_len);
while (rc == ERROR_BUFFER_OVERFLOW) {
@@ -208,7 +208,7 @@ register SV **sp;
int flag = P_WAIT, trueflag, err, secondtry = 0;
if (sp > mark) {
- New(401,Argv, sp - mark + 3, char*);
+ New(1301,Argv, sp - mark + 3, char*);
a = Argv;
if (mark < sp && SvNIOKp(*(mark+1)) && !SvPOKp(*(mark+1))) {
@@ -321,7 +321,7 @@ int execf;
if (strnEQ(cmd,"/bin/sh",7) && isSPACE(cmd[7])) {
STRLEN l = strlen(sh_path);
- New(4545, news, strlen(cmd) - 7 + l, char);
+ New(1302, news, strlen(cmd) - 7 + l, char);
strcpy(news, sh_path);
strcpy(news + l, cmd + 7);
cmd = news;
@@ -367,7 +367,7 @@ int execf;
}
}
- New(402,Argv, (s - cmd) / 2 + 2, char*);
+ New(1303,Argv, (s - cmd) / 2 + 2, char*);
Cmd = savepvn(cmd, s-cmd);
a = Argv;
for (s = Cmd; *s;) {
@@ -1149,15 +1149,15 @@ Perl_OS2_init(char **env)
environ = env;
}
if ( (shell = getenv("PERL_SH_DRIVE")) ) {
- New(404, sh_path, strlen(SH_PATH) + 1, char);
+ New(1304, sh_path, strlen(SH_PATH) + 1, char);
strcpy(sh_path, SH_PATH);
sh_path[0] = shell[0];
} else if ( (shell = getenv("PERL_SH_DIR")) ) {
int l = strlen(shell), i;
if (shell[l-1] == '/' || shell[l-1] == '\\') {
l--;
}
- New(404, sh_path, l + 8, char);
+ New(1304, sh_path, l + 8, char);
strncpy(sh_path, shell, l);
strcpy(sh_path + l, "/sh.exe");
for (i = 0; i < l; i++) {
View
@@ -38,7 +38,7 @@
*/
static char *local_patches[] = {
NULL
- ,"Dev97A-H - Eight development patches to 5.003_97"
+ ,"Dev97A-I - Nine development patches to 5.003_97"
,NULL
};
Oops, something went wrong.

0 comments on commit fc36a67

Please sign in to comment.