Change 26760 by [EMAIL PROTECTED] on 2006/01/10 08:58:21

        Avoid possible dereference of NULL in the initialization of PL_origalen.
        This can only happen when perlparse is called with no argv.
        Don't try to update PL_origargv unless PL_origalen is at least 2.

Affected files ...

... //depot/perl/mg.c#398 edit
... //depot/perl/perl.c#702 edit

Differences ...

==== //depot/perl/mg.c#398 (text) ====
Index: perl/mg.c
--- perl/mg.c#397~26708~        2006-01-08 04:27:29.000000000 -0800
+++ perl/mg.c   2006-01-10 00:58:21.000000000 -0800
@@ -2568,28 +2568,30 @@
             pstat(PSTAT_SETCMD, un, len, 0, 0);
        }
 #endif
-       /* PL_origalen is set in perl_parse(). */
-       s = SvPV_force(sv,len);
-       if (len >= (STRLEN)PL_origalen-1) {
-           /* Longer than original, will be truncated. We assume that
-             * PL_origalen bytes are available. */
-           Copy(s, PL_origargv[0], PL_origalen-1, char);
-       }
-       else {
-           /* Shorter than original, will be padded. */
-           Copy(s, PL_origargv[0], len, char);
-           PL_origargv[0][len] = 0;
-           memset(PL_origargv[0] + len + 1,
-                  /* Is the space counterintuitive?  Yes.
-                   * (You were expecting \0?)  
-                   * Does it work?  Seems to.  (In Linux 2.4.20 at least.)
-                   * --jhi */
-                  (int)' ',
-                  PL_origalen - len - 1);
+       if (PL_origalen > 1) {
+           /* PL_origalen is set in perl_parse(). */
+           s = SvPV_force(sv,len);
+           if (len >= (STRLEN)PL_origalen-1) {
+               /* Longer than original, will be truncated. We assume that
+                * PL_origalen bytes are available. */
+               Copy(s, PL_origargv[0], PL_origalen-1, char);
+           }
+           else {
+               /* Shorter than original, will be padded. */
+               Copy(s, PL_origargv[0], len, char);
+               PL_origargv[0][len] = 0;
+               memset(PL_origargv[0] + len + 1,
+                      /* Is the space counterintuitive?  Yes.
+                       * (You were expecting \0?)  
+                       * Does it work?  Seems to.  (In Linux 2.4.20 at least.)
+                       * --jhi */
+                      (int)' ',
+                      PL_origalen - len - 1);
+           }
+           PL_origargv[0][PL_origalen-1] = 0;
+           for (i = 1; i < PL_origargc; i++)
+               PL_origargv[i] = 0;
        }
-       PL_origargv[0][PL_origalen-1] = 0;
-       for (i = 1; i < PL_origargc; i++)
-           PL_origargv[i] = 0;
        UNLOCK_DOLLARZERO_MUTEX;
        break;
 #endif
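Review bot: The new `PL_origalen > 1` guard at the top of the block turns an assignment to `$0` into a silent no-op when perl_parse() saw no argv, and the threshold of 1 rather than 0 is not explained, so a later reader may "fix" it to `> 0`; a comment on the guard would prevent that, e.g. `/* 0: no argv area (perl_parse() had no argv); 1: room for the NUL only, nothing writable. */`. Note also that `SvPV_force(sv,len)` now runs only inside the guard, so on the skipped path `sv` is no longer forced to a PV — presumably harmless, but worth confirming nothing relies on that side effect. The enclosing switch arm starts outside the hunk.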

==== //depot/perl/perl.c#702 (text) ====
Index: perl/perl.c
--- perl/perl.c#701~26675~      2006-01-06 07:50:34.000000000 -0800
+++ perl/perl.c 2006-01-10 00:58:21.000000000 -0800
@@ -1487,7 +1487,7 @@
              }
         }
         /* Can we grab env area too to be used as the area for $0? */
-        if (PL_origenviron) {
+        if (s && PL_origenviron) {
              if ((PL_origenviron[0] == s + 1
 #ifdef OS2
                   || (PL_origenviron[0] == s + 9 && (s += 8))
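Review bot: The `s &&` short-circuit added on the `if` is needed not just for the dereference but because `s + 1` (and `s + 9` / `s += 8` in the OS2 branch) is pointer arithmetic on NULL, which is undefined behavior even before any comparison; the assignment of `s` is outside this hunk, so the reason it can be NULL is invisible here. Per the change description it is NULL only when perl_parse() had no argv, and a comment on the new line would record that contract, e.g. `/* s is NULL when there was no argv to scan; skip the env-area probe. */`.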
@@ -1523,7 +1523,7 @@
                   }
              }
         }
-        PL_origalen = s - PL_origargv[0] + 1;
+        PL_origalen = s ? s - PL_origargv[0] + 1 : 0;
     }
 
     if (PL_do_undump) {
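Review bot: The new `: 0` arm makes PL_origalen an in-band sentinel that the `$0` setter in mg.c must understand (that code now tests `PL_origalen > 1` before writing to PL_origargv[0]), but nothing at the assignment records this cross-file contract. Suggest a comment on the assignment line, e.g. `/* 0 = no writable argv area; the $0 magic in mg.c checks this before touching PL_origargv[0]. */`. The enclosing `if` block closes at the line after the assignment and begins outside the hunk.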
End of Patch.
