From a0f4e270b14b13781a0f1ecc6bc06fd672e4067c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com>
Date: Tue, 12 Jul 2016 12:50:33 +0200
Subject: Fix a crash in lexical scope warnings

---
 ...2-perl-128597-Crash-from-gp_free-ckWARN_d.patch | 101 +++++++++++++++++++++
 perl.spec                                          |  10 +-
 2 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 perl-5.22.2-perl-128597-Crash-from-gp_free-ckWARN_d.patch

diff --git a/perl-5.22.2-perl-128597-Crash-from-gp_free-ckWARN_d.patch 
b/perl-5.22.2-perl-128597-Crash-from-gp_free-ckWARN_d.patch
new file mode 100644
index 0000000..9eed744
--- /dev/null
+++ b/perl-5.22.2-perl-128597-Crash-from-gp_free-ckWARN_d.patch
@@ -0,0 +1,101 @@
+From 31321d9c337d50cc8ead96ffacc82c90999ecef0 Mon Sep 17 00:00:00 2001
+From: Father Chrysostomos <spr...@cpan.org>
+Date: Mon, 11 Jul 2016 14:49:17 -0700
+Subject: [PATCH] Crash from gp_free/ckWARN_d
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Ported to 5.22.2:
+
+commit a2637ca0a3fec01b80d7ea5ba62802354fd5e6f3
+Author: Father Chrysostomos <spr...@cpan.org>
+Date:   Mon Jul 11 14:49:17 2016 -0700
+
+    [perl #128597] Crash from gp_free/ckWARN_d
+
+    See the explanation in the test added and in the RT ticket.
+
+    The solution is to make the warn macros check that PL_curcop
+    is non-null.
+
+Signed-off-by: Petr Písař <ppi...@redhat.com>
+---
+ regen/warnings.pl |  6 ++++--
+ t/op/gv.t         | 18 +++++++++++++++++-
+ warnings.h        |  6 ++++--
+ 3 files changed, 25 insertions(+), 5 deletions(-)
+
+diff --git a/regen/warnings.pl b/regen/warnings.pl
+index 694cb03..85e6d5a 100644
+--- a/regen/warnings.pl
++++ b/regen/warnings.pl
+@@ -362,8 +362,10 @@ EOM
+ 
+   print $warn <<'EOM';
+ 
+-#define isLEXWARN_on  (PL_curcop->cop_warnings != pWARN_STD)
+-#define isLEXWARN_off (PL_curcop->cop_warnings == pWARN_STD)
++#define isLEXWARN_on \
++      (PL_curcop && PL_curcop->cop_warnings != pWARN_STD)
++#define isLEXWARN_off \
++      (!PL_curcop || PL_curcop->cop_warnings == pWARN_STD)
+ #define isWARN_ONCE   (PL_dowarn & (G_WARN_ON|G_WARN_ONCE))
+ #define isWARN_on(c,x)        (IsSet((U8 *)(c + 1), 2*(x)))
+ #define isWARNf_on(c,x)       (IsSet((U8 *)(c + 1), 2*(x)+1))
+diff --git a/t/op/gv.t b/t/op/gv.t
+index 2c9cc64..0cb8ebe 100644
+--- a/t/op/gv.t
++++ b/t/op/gv.t
+@@ -12,7 +12,7 @@ BEGIN {
+ 
+ use warnings;
+ 
+-plan(tests => 276 );
++plan(tests => 277 );
+ 
+ # type coercion on assignment
+ $foo = 'foo';
+@@ -1150,6 +1150,22 @@ pass "No crash due to CvGV pointing to glob copy in the 
stash";
+     is($c_125840, 1, 'RT #125840: $c=$d');
+ }
+ 
++# [perl #128597] Crash when gp_free calls ckWARN_d
++# I am not sure this test even belongs in this file, as the crash was the
++# result of various features interacting.  But a call to ckWARN_d from
++# gv.c:gp_free triggered the crash, so this seems as good a place as any.
++# ‘die’ (or any abnormal scope exit) can cause the current cop to be freed,
++# if the subroutine containing the ‘die’ gets freed as a result.  That
++# causes PL_curcop to be set to NULL.  If a writable handle gets freed
++# while PL_curcop is NULL, then gp_free will call ckWARN_d while that con-
++# dition still holds, so ckWARN_d needs to know about PL_curcop possibly
++# being NULL.
++SKIP: {
++    skip_if_miniperl("No PerlIO::scalar on miniperl", 1);
++    runperl(prog => 'open my $fh, q|>|, \$buf;'
++                   .'my $sub = eval q|sub {exit 0}|; $sub->()');
++    is ($? & 127, 0,"[perl #128597] No crash when gp_free calls ckWARN_d");
++}
+ 
+ __END__
+ Perl
+diff --git a/warnings.h b/warnings.h
+index 24fe243..b0a0eb4 100644
+--- a/warnings.h
++++ b/warnings.h
+@@ -117,8 +117,10 @@
+ #define WARN_ALLstring                         
"\125\125\125\125\125\125\125\125\125\125\125\125\125\125\125\125\125"
+ #define WARN_NONEstring                        
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
+ 
+-#define isLEXWARN_on  (PL_curcop->cop_warnings != pWARN_STD)
+-#define isLEXWARN_off (PL_curcop->cop_warnings == pWARN_STD)
++#define isLEXWARN_on \
++      (PL_curcop && PL_curcop->cop_warnings != pWARN_STD)
++#define isLEXWARN_off \
++      (!PL_curcop || PL_curcop->cop_warnings == pWARN_STD)
+ #define isWARN_ONCE   (PL_dowarn & (G_WARN_ON|G_WARN_ONCE))
+ #define isWARN_on(c,x)        (IsSet((U8 *)(c + 1), 2*(x)))
+ #define isWARNf_on(c,x)       (IsSet((U8 *)(c + 1), 2*(x)+1))
+-- 
+2.7.4
+
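Review bot: The NULL guard added to `isLEXWARN_on` and `isLEXWARN_off` has no comment in regen/warnings.pl or warnings.h, so the reason `PL_curcop` can be NULL is recorded only in the t/op/gv.t test comment. I would put `/* PL_curcop can be NULL while ops are freed during an abnormal scope exit; see [perl #128597] */` directly above the two macros, inside the heredoc in regen/warnings.pl, so a regenerated warnings.h carries it too. The guard only protects callers that go through these two macros. Any code in the 5.22.2 tree that reads `PL_curcop->cop_warnings` directly (not visible in this patch) would still dereference NULL, so a grep is worth doing when backporting. The new test asserts only `$? & 127`, i.e. that the child was not killed by a signal, which matches the crash being fixed but does not check the child's exit status.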
diff --git a/perl.spec b/perl.spec
index 86a4d04..13132a2 100644
--- a/perl.spec
+++ b/perl.spec
@@ -29,7 +29,7 @@
 Name:           perl
 Version:        %{perl_version}
 # release number must be even higher, because dual-lived modules will be 
broken otherwise
-Release:        362%{?dist}
+Release:        363%{?dist}
 Epoch:          %{perl_epoch}
 Summary:        Practical Extraction and Report Language
 Group:          Development/Languages
@@ -103,6 +103,9 @@ Patch30:        
perl-5.25.2-Don-t-let-XSLoader-load-relative-paths.patch
 # in upstream after 5.22.3
 Patch31:        perl-5.22.2-CVE-2016-1238-maint-5.22-dot-in-inc.patch
 
+# Fix a crash in lexical scope warnings, RT#128597, in upstream after 5.25.2
+Patch32:        perl-5.22.2-perl-128597-Crash-from-gp_free-ckWARN_d.patch
+
 # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
 Patch200:       
perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
 
@@ -2375,6 +2378,7 @@ Perl extension for Version Objects
 %patch29 -p1
 %patch30 -p1
 %patch31 -p1
+%patch32 -p1
 %patch200 -p1
 %patch201 -p1
 
@@ -2398,6 +2402,7 @@ perl -x patchlevel.h \
     'Fedora Patch29: Fix duplicating PerlIO::encoding when spawning threads 
(RT#31923)' \
     'Fedora Patch30: Do not let XSLoader load relative paths (CVE-2016-6185)' \
     'Fedora Patch31: Avoid loading optional modules from default . 
(CVE-2016-1238)' \
+    'Fedora Patch32: Fix a crash in lexical scope warnings (RT#128597)' \
     'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on 
Linux' \
     'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
     %{nil}
@@ -4650,6 +4655,9 @@ popd
 
 # Old changelog entries are preserved in CVS.
 %changelog
+* Fri Nov 04 2016 Petr Pisar <ppi...@redhat.com> - 4:5.22.2-363
+- Fix a crash in lexical scope warnings (RT#128597)
+
 * Wed Aug 03 2016 Jitka Plesnikova <jples...@redhat.com> - 4:5.22.2-362
 - Avoid loading optional modules from default . (CVE-2016-1238)
 
-- 
cgit v0.12


        
http://pkgs.fedoraproject.org/cgit/perl.git/commit/?h=f24&id=a0f4e270b14b13781a0f1ecc6bc06fd672e4067c