In perl.git, the branch maint-5.26 has been updated <https://perl5.git.perl.org/perl.git/commitdiff/92583df5dc9b9edbcd4a9649f753e180b9729590?hp=adf1b5d28a4fd0e20bbbb72cab062fdd520cb065>
- Log ----------------------------------------------------------------- commit 92583df5dc9b9edbcd4a9649f753e180b9729590 Author: Steve Hay <[email protected]> Date: Wed Nov 28 21:39:02 2018 +0000 Update perldelta Acknowledgements commit 1c6b38711fd6e33e1305d39081a7ed6977e2dadb Author: Steve Hay <[email protected]> Date: Wed Nov 28 21:26:15 2018 +0000 5.26.3 and 5.28.1 tomorrow commit 7ac2e2636ceeb58867009d1dd2003f68067a8f4b Author: Steve Hay <[email protected]> Date: Wed Nov 28 21:24:12 2018 +0000 Fix Module::CoreList's %released date commit a2c1ffa15f961c366d9a2df6eb9a50b7974a9bbb Author: Steve Hay <[email protected]> Date: Wed Nov 28 21:19:40 2018 +0000 Disarm patchlevel.h and regen META.json commit 70ab498efd84cc716e3fa5e466aa6d324a0d905a Author: Steve Hay <[email protected]> Date: Wed Nov 7 21:24:58 2018 +0000 Update META.json commit ee757a824508abefa403fcfa8e58ebd319933062 Author: Steve Hay <[email protected]> Date: Wed Nov 7 21:24:46 2018 +0000 Bump to RC1 commit b9de8c10f90b3a2559572b35083d7004790ff6aa Author: Steve Hay <[email protected]> Date: Wed Nov 7 21:22:30 2018 +0000 5.26.3-RC1 and 5.28.1-RC1 tomorrow commit 0bc12356d67c62981b31589495b8981bf9b5c868 Author: Steve Hay <[email protected]> Date: Wed Nov 7 21:17:51 2018 +0000 Finalize perldelta commit b1f92e56d2e54dea1e73475cbc081c03f68ef643 Author: Steve Hay <[email protected]> Date: Wed Nov 7 21:10:42 2018 +0000 perldelta - Updates for security fixes and diagnostics commit 87e6afe6bc167de5f4fb64f30cbff214c822d4a8 Author: Steve Hay <[email protected]> Date: Wed Nov 7 19:53:00 2018 +0000 Bump proposed release date to avoid Thanksgiving and Black Friday commit efde7f69b99267510d3081a5b6af82f70d6c7084 Author: Steve Hay <[email protected]> Date: Tue Nov 6 22:33:35 2018 +0000 perldelta - Remove boilerplate stuff TODO: Security fixes, diagnostics, bug fixes, acknowledgements commit f80676d68a619efe61cf73725ed2f2fd94300ccc Author: Steve Hay <[email protected]> Date: Tue Nov 6 22:20:03 2018 +0000 
Porting\corelist.pl update for new Module::CoreList::TieHashDelta $VERSION commit 874b9b4313b413d0d01bb798f7ac44598d72f026 Author: Steve Hay <[email protected]> Date: Tue Nov 6 21:59:28 2018 +0000 perldelta - Update Modules and Pragmata section commit 87e6a0e620daae772450f6652f31173bfce48c34 Author: Steve Hay <[email protected]> Date: Tue Nov 6 21:46:56 2018 +0000 maint-5.26 still has Module::CoreList::TieHashDelta! Set its $VERSION commit dabe076af345ab4512ea80245b4e4cd7ec0996cd Author: Yves Orton <[email protected]> Date: Mon Jun 26 13:19:55 2017 +0200 fix #131649 - extended charclass can trigger assert The extended charclass parser makes some assumptions during the first pass which are only true on well structured input, and it does not properly catch various errors. later on the code assumes that things the first pass will let through are valid, when in fact they should trigger errors. (cherry picked from commit 19a498a461d7c81ae3507c450953d1148efecf4f) commit c1c28ce6ba90ee05aa96b11ad551a6063680f3b9 Author: Karl Williamson <[email protected]> Date: Sat Mar 25 15:00:22 2017 -0600 regcomp.c: Convert some strchr to memchr This allows things to work properly in the face of embedded NULs. See the branch merge message for more information. (cherry picked from commit 43b2f4ef399e2fd7240b4eeb0658686ad95f8e62) commit 5dfd9842f2802803604cf517016d4d0518226006 Author: Karl Williamson <[email protected]> Date: Mon Sep 24 11:54:41 2018 -0600 PATCH: [perl #133423] for 5.26 maint commit 5737d31aac51360cc1eb412ef059e36147c9d6d6 Author: David Mitchell <[email protected]> Date: Fri Jun 29 13:37:03 2018 +0100 Perl_my_setenv(); handle integer wrap RT #133204 Wean this function off int/I32 and onto UV/Size_t. Also, replace all malloc-ish calls with a wrapper that does overflow checks, In particular, it was doing (nlen + vlen + 2) which could wrap when the combined length of the environment variable name and value exceeded around 0x7fffffff. 
The wrapper check function is probably overkill, but belt and braces... NB this function has several variant parts, #ifdef'ed by platform type; I have blindly changed the parts that aren't compiled under linux. (cherry picked from commit 34716e2a6ee2af96078d62b065b7785c001194be) ----------------------------------------------------------------------- Summary of changes: dist/Module-CoreList/Changes | 2 +- dist/Module-CoreList/lib/Module/CoreList.pm | 9 +- .../lib/Module/CoreList/TieHashDelta.pm | 2 +- dist/Module-CoreList/lib/Module/CoreList/Utils.pm | 2 +- pod/perldelta.pod | 358 ++++----------------- pod/perldiag.pod | 27 +- pod/perlhist.pod | 4 + pod/perlrecharclass.pod | 4 +- regcomp.c | 40 ++- t/lib/warnings/regcomp | 6 +- t/re/reg_mesg.t | 33 +- t/re/regex_sets.t | 6 +- util.c | 76 +++-- 13 files changed, 214 insertions(+), 355 deletions(-) diff --git a/dist/Module-CoreList/Changes b/dist/Module-CoreList/Changes index de7ca36614..e2e19870a7 100644 --- a/dist/Module-CoreList/Changes +++ b/dist/Module-CoreList/Changes @@ -1,4 +1,4 @@ -5.20181122_26 +5.20181129_26 - Updated for v5.26.3 5.20181020 diff --git a/dist/Module-CoreList/lib/Module/CoreList.pm b/dist/Module-CoreList/lib/Module/CoreList.pm index 3f9ec3769e..5a12c20e0e 100644 --- a/dist/Module-CoreList/lib/Module/CoreList.pm +++ b/dist/Module-CoreList/lib/Module/CoreList.pm @@ -3,7 +3,7 @@ use strict; use vars qw/$VERSION %released %version %families %upstream %bug_tracker %deprecated %delta/; use version; -$VERSION = '5.20181122_26'; +$VERSION = '5.20181129_26'; sub _undelta { my ($delta) = @_; @@ -345,7 +345,7 @@ sub changes_between { 5.029002 => '2018-08-20', 5.029003 => '2018-09-20', 5.029004 => '2018-10-20', - 5.026003 => '2018-11-22', + 5.026003 => '2018-11-29', ); for my $version ( sort { $a <=> $b } keys %released ) { 
@@ -15826,8 +15826,9 @@ for my $version ( sort { $a <=> $b } keys %released ) { 'Archive::Tar' => '2.24_01', 'B::Op_private' => '5.026003', 'Config' => '5.026003', - 'Module::CoreList' => '5.20181122_26', - 'Module::CoreList::Utils'=> '5.20181122_26', + 'Module::CoreList' => '5.20181129_26', + 'Module::CoreList::TieHashDelta'=> '5.20181129_26', + 'Module::CoreList::Utils'=> '5.20181129_26', }, removed => { } diff --git a/dist/Module-CoreList/lib/Module/CoreList/TieHashDelta.pm b/dist/Module-CoreList/lib/Module/CoreList/TieHashDelta.pm index 311c35541b..5e48cf0d9e 100644 --- a/dist/Module-CoreList/lib/Module/CoreList/TieHashDelta.pm +++ b/dist/Module-CoreList/lib/Module/CoreList/TieHashDelta.pm @@ -3,7 +3,7 @@ package Module::CoreList::TieHashDelta; use strict; use vars qw($VERSION); -$VERSION = '5.20180414_26'; +$VERSION = '5.20181129_26'; sub TIEHASH { my ($class, $changed, $removed, $parent) = @_; diff --git a/dist/Module-CoreList/lib/Module/CoreList/Utils.pm b/dist/Module-CoreList/lib/Module/CoreList/Utils.pm index 59d6749c14..a6cc2e5c9f 100644 --- a/dist/Module-CoreList/lib/Module/CoreList/Utils.pm +++ b/dist/Module-CoreList/lib/Module/CoreList/Utils.pm @@ -5,7 +5,7 @@ use warnings; use vars qw[$VERSION %utilities]; use Module::CoreList; -$VERSION = '5.20181122_26'; +$VERSION = '5.20181129_26'; sub utilities { my $perl = shift; diff --git a/pod/perldelta.pod b/pod/perldelta.pod index b7306d8a0f..bc94ddfbc0 100644 --- a/pod/perldelta.pod +++ b/pod/perldelta.pod @@ -2,9 +2,6 @@ =head1 NAME -[ this is a template for a new perldelta file. Any text flagged as XXX needs -to be processed before release. ] - perldelta - what is new for perl v5.26.3 =head1 DESCRIPTION 
@@ -15,150 +12,66 @@ release. If you are upgrading from an earlier release such as 5.26.1, first read L<perl5262delta>, which describes differences between 5.26.1 and 5.26.2. -=head1 Notice - -XXX Any important notices here - -=head1 Core Enhancements - -XXX New core language features go here. Summarize user-visible core language -enhancements. Particularly prominent performance optimisations could go -here, but most should go in the L</Performance Enhancements> section. - -[ List each enhancement as a =head2 entry ] - =head1 Security -XXX Any security-related notices go here. In particular, any security -vulnerabilities closed should be noted here rather than in the -L</Selected Bug Fixes> section. - -[ List each security issue as a =head2 entry ] +=head2 [CVE-2018-12015] Directory traversal in module Archive::Tar -=head1 Incompatible Changes +By default, L<Archive::Tar> doesn't allow extracting files outside the current +working directory. However, this secure extraction mode could be bypassed by +putting a symlink and a regular file with the same name into the tar file. -XXX For a release on a stable branch, this section aspires to be: +L<[perl #133250]|https://rt.perl.org/Ticket/Display.html?id=133250> +L<[cpan #125523]|https://rt.cpan.org/Ticket/Display.html?id=125523> - There are no changes intentionally incompatible with 5.XXX.XXX - If any exist, they are bugs, and we request that you submit a - report. See L</Reporting Bugs> below. +=head2 [CVE-2018-18311] Integer overflow leading to buffer overflow and segmentation fault -[ List each incompatible change as a =head2 entry ] +Integer arithmetic in C<Perl_my_setenv()> could wrap when the combined length +of the environment variable name and value exceeded around 0x7fffffff. This +could lead to writing beyond the end of an allocated buffer with attacker +supplied data. -=head1 Deprecations +L<[perl #133204]|https://rt.perl.org/Ticket/Display.html?id=133204> -XXX Any deprecated features, syntax, modules etc. 
should be listed here. +=head2 [CVE-2018-18312] Heap-buffer-overflow write in S_regatom (regcomp.c) -=head2 Module removals +A crafted regular expression could cause heap-buffer-overflow write during +compilation, potentially allowing arbitrary code execution. -XXX Remove this section if inapplicable. +L<[perl #133423]|https://rt.perl.org/Ticket/Display.html?id=133423> -The following modules will be removed from the core distribution in a -future release, and will at that time need to be installed from CPAN. -Distributions on CPAN which require these modules will need to list them as -prerequisites. +=head2 [CVE-2018-18313] Heap-buffer-overflow read in S_grok_bslash_N (regcomp.c) -The core versions of these modules will now issue C<"deprecated">-category -warnings to alert you to this fact. To silence these deprecation warnings, -install the modules in question from CPAN. +A crafted regular expression could cause heap-buffer-overflow read during +compilation, potentially leading to sensitive information being leaked. -Note that these are (with rare exceptions) fine modules that you are encouraged -to continue to use. Their disinclusion from core primarily hinges on their -necessity to bootstrapping a fully functional, CPAN-capable Perl installation, -not usually on concerns over their design. +L<[perl #133192]|https://rt.perl.org/Ticket/Display.html?id=133192> -=over +=head2 [CVE-2018-18314] Heap-buffer-overflow write in S_regatom (regcomp.c) -=item XXX +A crafted regular expression could cause heap-buffer-overflow write during +compilation, potentially allowing arbitrary code execution. -XXX Note that deprecated modules should be listed here even if they are listed -as an updated module in the L</Modules and Pragmata> section. - -=back +L<[perl #131649]|https://rt.perl.org/Ticket/Display.html?id=131649> -[ List each other deprecation as a =head2 entry ] - -=head1 Performance Enhancements - -XXX Changes which enhance performance without changing behaviour go here. 
-There may well be none in a stable release. - -[ List each enhancement as a =item entry ] - -=over 4 - -=item * +=head1 Incompatible Changes -XXX - -=back +There are no changes intentionally incompatible with 5.26.2. If any exist, +they are bugs, and we request that you submit a report. See +L</Reporting Bugs> below. =head1 Modules and Pragmata -XXX All changes to installed files in F<cpan/>, F<dist/>, F<ext/> and F<lib/> -go here. If Module::CoreList is updated, generate an initial draft of the -following sections using F<Porting/corelist-perldelta.pl>. A paragraph summary -for important changes should then be added by hand. In an ideal world, -dual-life modules would have a F<Changes> file that could be cribbed. - -[ Within each section, list entries as a =item entry ] - -=head2 New Modules and Pragmata - -=over 4 - -=item * - -XXX - -=back - =head2 Updated Modules and Pragmata =over 4 =item * -L<XXX> has been upgraded from version A.xx to B.yy. - -=back - -=head2 Removed Modules and Pragmata - -=over 4 +L<Archive::Tar> has been upgraded from version 2.24 to 2.24_01. =item * -XXX - -=back - -=head1 Documentation - -XXX Changes to files in F<pod/> go here. Consider grouping entries by -file and be sure to link to the appropriate page, e.g. L<perlfunc>. - -=head2 New Documentation - -XXX Changes which create B<new> files in F<pod/> go here. - -=head3 L<XXX> - -XXX Description of the purpose of the new file here - -=head2 Changes to Existing Documentation - -XXX Changes which significantly change existing files in F<pod/> go here. -However, any changes to F<pod/perldiag.pod> should go in the L</Diagnostics> -section. - -=head3 L<XXX> - -=over 4 - -=item * - -XXX Description of the change here +L<Module::CoreList> has been upgraded from version 5.20180414_26 to 5.20181129_26. =back 
@@ -168,217 +81,86 @@ The following additions or changes have been made to diagnostic output, including warnings and fatal error messages. For the complete list of diagnostic messages, see L<perldiag>. -XXX New or changed warnings emitted by the core's C<C> code go here. Also -include any changes in L<perldiag> that reconcile it to the C<C> code. - =head2 New Diagnostics -XXX Newly added diagnostic messages go under here, separated into New Errors -and New Warnings - =head3 New Errors =over 4 =item * -XXX L<message|perldiag/"message"> - -=back - -=head3 New Warnings +L<Unexpected ']' with no following ')' in (?[... in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>|perldiag/"Unexpected ']' with no following ')' in (?[... in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>"> -=over 4 +(F) While parsing an extended character class a ']' character was encountered +at a point in the definition where the only legal use of ']' is to close the +character class definition as part of a '])', you may have forgotten the close +paren, or otherwise confused the parser. =item * -XXX L<message|perldiag/"message"> +L<Expecting close paren for nested extended charclass in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>|perldiag/"Expecting close paren for nested extended charclass in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>"> -=back +(F) While parsing a nested extended character class like: -=head2 Changes to Existing Diagnostics + (?[ ... (?flags:(?[ ... ])) ... ]) + ^ -XXX Changes (i.e. rewording) of diagnostic messages go here - -=over 4 +we expected to see a close paren ')' (marked by ^) but did not. 
=item * -XXX Describe change here - -=back - -=head1 Utility Changes +L<Expecting close paren for wrapper for nested extended charclass in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>|perldiag/"Expecting close paren for wrapper for nested extended charclass in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>"> -XXX Changes to installed programs such as F<perlbug> and F<xsubpp> go here. -Most of these are built within the directory F<utils>. +(F) While parsing a nested extended character class like: -[ List utility changes as a =head2 entry for each utility and =item -entries for each change -Use L<XXX> with program names to get proper documentation linking. ] + (?[ ... (?flags:(?[ ... ])) ... ]) + ^ -=head2 L<XXX> - -=over 4 - -=item * - -XXX +we expected to see a close paren ')' (marked by ^) but did not. =back -=head1 Configuration and Compilation - -XXX Changes to F<Configure>, F<installperl>, F<installman>, and analogous tools -go here. Any other changes to the Perl build process should be listed here. -However, any platform-specific changes should be listed in the -L</Platform Support> section, instead. - -[ List changes as a =item entry ]. - -=over 4 - -=item * - -XXX - -=back - -=head1 Testing - -XXX Any significant changes to the testing of a freshly built perl should be -listed here. Changes which create B<new> files in F<t/> go here as do any -large changes to the testing harness (e.g. when parallel testing was added). -Changes to existing files in F<t/> aren't worth summarizing, although the bugs -that they represent may be covered elsewhere. - -[ List each test improvement as a =item entry ] - -=over 4 - -=item * - -XXX - -=back - -=head1 Platform Support - -XXX Any changes to platform support should be listed in the sections below. - -[ Within the sections, list each platform as a =item entry with specific -changes as paragraphs below it. 
] - -=head2 New Platforms - -XXX List any platforms that this version of perl compiles on, that previous -versions did not. These will either be enabled by new files in the F<hints/> -directories, or new subdirectories and F<README> files at the top level of the -source tree. - -=over 4 - -=item XXX-some-platform - -XXX - -=back - -=head2 Discontinued Platforms - -XXX List any platforms that this version of perl no longer compiles on. - -=over 4 - -=item XXX-some-platform - -XXX - -=back - -=head2 Platform-Specific Notes - -XXX List any changes for specific platforms. This could include configuration -and compilation changes or changes in portability/compatibility. However, -changes within modules for platforms should generally be listed in the -L</Modules and Pragmata> section. - -=over 4 - -=item XXX-some-platform - -XXX - -=back - -=head1 Internal Changes - -XXX Changes which affect the interface available to C<XS> code go here. Other -significant internal changes for future core maintainers should be noted as -well. - -[ List each change as a =item entry ] - -=over 4 - -=item * - -XXX - -=back - -=head1 Selected Bug Fixes - -XXX Important bug fixes in the core language are summarized here. Bug fixes in -files in F<ext/> and F<lib/> are best summarized in L</Modules and Pragmata>. - -[ List each fix as a =item entry ] +=head2 Changes to Existing Diagnostics =over 4 =item * -XXX - -=back - -=head1 Known Problems - -XXX Descriptions of platform agnostic bugs we know we can't fix go here. Any -tests that had to be C<TODO>ed for the release would be noted here. Unfixed -platform specific bugs also go here. 
- -[ List each fix as a =item entry ] - -=over 4 - -=item * +L<Syntax error in (?[...]) in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>|perldiag/"Syntax error in (?[...]) in regex; marked by E<lt>-- HERE in mE<sol>%sE<sol>"> -XXX +This fatal error message has been slightly expanded (from "Syntax error in +(?[...]) in regex mE<sol>%sE<sol>") for greater clarity. =back -=head1 Errata From Previous Releases - -=over 4 - -=item * +=head1 Acknowledgements -XXX Add anything here that we forgot to add, or were mistaken about, in -the perldelta of a previous release. +Perl 5.26.3 represents approximately 8 months of development since Perl 5.26.2 +and contains approximately 4,500 lines of changes across 51 files from 15 +authors. -=back +Excluding auto-generated files, documentation and release tools, there were +approximately 770 lines of changes to 10 .pm, .t, .c and .h files. -=head1 Obituary +Perl continues to flourish into its third decade thanks to a vibrant community +of users and developers. The following people are known to have contributed +the improvements that became Perl 5.26.3: -XXX If any significant core contributor has died, we've added a short obituary -here. +Aaron Crane, Abigail, Chris 'BinGOs' Williams, Dagfinn Ilmari Mannsåker, David +Mitchell, H.Merijn Brand, James E Keenan, John SJ Anderson, Karen Etheridge, +Karl Williamson, Sawyer X, Steve Hay, Todd Rinaldo, Tony Cook, Yves Orton. -=head1 Acknowledgements +The list above is almost certainly incomplete as it is automatically generated +from version control history. In particular, it does not include the names of +the (very much appreciated) contributors who reported issues to the Perl bug +tracker. -XXX Generate this with: +Many of the changes included in this version originated in the CPAN modules +included in Perl's core. We're grateful to the entire CPAN community for +helping Perl to flourish. 
- perl Porting/acknowledgements.pl v5.26.2..HEAD +For a more complete list of all of Perl's historical contributors, please see +the F<AUTHORS> file in the Perl source distribution. =head1 Reporting Bugs diff --git a/pod/perldiag.pod b/pod/perldiag.pod index 106fe41121..c29925a2a4 100644 --- a/pod/perldiag.pod +++ b/pod/perldiag.pod @@ -5904,7 +5904,7 @@ yourself. a perl4 interpreter, especially if the next 2 tokens are "use strict" or "my $var" or "our $var". -=item Syntax error in (?[...]) in regex m/%s/ +=item Syntax error in (?[...]) in regex; marked by <-- HERE in m/%s/ (F) Perl could not figure out what you meant inside this construct; this notifies you that it is giving up trying. @@ -6402,6 +6402,31 @@ to find out why that isn't happening. (F) The unexec() routine failed for some reason. See your local FSF representative, who probably put it there in the first place. +=item Unexpected ']' with no following ')' in (?[... in regex; marked by <-- HERE in m/%s/ + +(F) While parsing an extended character class a ']' character was encountered +at a point in the definition where the only legal use of ']' is to close the +character class definition as part of a '])', you may have forgotten the close +paren, or otherwise confused the parser. + +=item Expecting close paren for nested extended charclass in regex; marked by <-- HERE in m/%s/ + +(F) While parsing a nested extended character class like: + + (?[ ... (?flags:(?[ ... ])) ... ]) + ^ + +we expected to see a close paren ')' (marked by ^) but did not. + +=item Expecting close paren for wrapper for nested extended charclass in regex; marked by <-- HERE in m/%s/ + +(F) While parsing a nested extended character class like: + + (?[ ... (?flags:(?[ ... ])) ... ]) + ^ + +we expected to see a close paren ')' (marked by ^) but did not. + =item Unexpected binary operator '%c' with no preceding operand in regex; marked by S<<-- HERE> in m/%s/ 
diff --git a/pod/perlhist.pod b/pod/perlhist.pod index 8d52377f71..fc10ad8751 100644 --- a/pod/perlhist.pod +++ b/pod/perlhist.pod @@ -628,6 +628,8 @@ the strings?). Steve 5.26.1 2017-Sep-22 Steve 5.26.2-RC1 2018-Mar-24 Steve 5.26.2 2018-Apr-14 + Steve 5.26.3-RC1 2018-Nov-08 + Steve 5.26.3 2018-Nov-29 Sawyer X 5.27.0 2017-May-31 The 5.27 development track Eric 5.27.1 2017-Jun-20 @@ -647,6 +649,8 @@ the strings?). Sawyer X 5.28.0-RC3 2018-Jun-18 Sawyer X 5.28.0-RC4 2018-Jun-19 Sawyer X 5.28.0 2018-Jun-22 + Steve 5.28.1-RC1 2018-Nov-08 + Steve 5.28.1 2018-Nov-29 Sawyer X 5.29.0 2018-Jun-26 The 5.29 development track Steve 5.29.1 2018-Jul-20 diff --git a/pod/perlrecharclass.pod b/pod/perlrecharclass.pod index 79480e4131..8c008507d1 100644 --- a/pod/perlrecharclass.pod +++ b/pod/perlrecharclass.pod @@ -1128,8 +1128,8 @@ hence both of the following work: Any contained POSIX character classes, including things like C<\w> and C<\D> respect the C<E<sol>a> (and C<E<sol>aa>) modifiers. -C<< (?[ ]) >> is a regex-compile-time construct. Any attempt to use -something which isn't knowable at the time the containing regular +Note that C<< (?[ ]) >> is a regex-compile-time construct. Any attempt +to use something which isn't knowable at the time the containing regular expression is compiled is a fatal error. In practice, this means just three limitations: diff --git a/regcomp.c b/regcomp.c index ca47db7573..ddac290d2b 100644 --- a/regcomp.c +++ b/regcomp.c @@ -12023,7 +12023,8 @@ S_grok_bslash_N(pTHX_ RExC_state_t *pRExC_state, RExC_parse++; /* Skip past the '{' */ - if (! (endbrace = strchr(RExC_parse, '}'))) { /* no trailing brace */ + endbrace = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse); + if (! endbrace) { /* no trailing brace */ vFAIL2("Missing right brace on \\%c{}", 'N'); } else if(!(endbrace == RExC_parse /* nothing between the {} */ 
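Review bot: The length passed to `memchr` in S_grok_bslash_N, `RExC_end - RExC_parse`, is a signed pointer difference converted to `size_t`, and nothing in this hunk states that RExC_parse cannot be past RExC_end at that point. The S_regatom hunk guards its call with `if (RExC_parse < RExC_end)`, while this call and the one in the S_regclass hunk (`e = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse);`) rely on earlier checks that lie outside the hunks. Stating the invariant next to the call, for example `assert(RExC_parse <= RExC_end);` before the `memchr`, would stop a later change to the parse position from turning a negative difference into a near-`SIZE_MAX` scan length. The function body starts and ends outside the hunk.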
@@ -12692,9 +12693,11 @@ S_regatom(pTHX_ RExC_state_t *pRExC_state, I32 *flagp, U32 depth) else { STRLEN length; char name = *RExC_parse; - char * endbrace; + char * endbrace = NULL; RExC_parse += 2; - endbrace = strchr(RExC_parse, '}'); + if (RExC_parse < RExC_end) { + endbrace = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse); + } if (! endbrace) { vFAIL2("Missing right brace on \\%c{}", name); @@ -14837,8 +14840,9 @@ S_handle_regex_sets(pTHX_ RExC_state_t *pRExC_state, SV** return_invlist, TRUE /* Force /x */ ); switch (*RExC_parse) { - case '?': - if (RExC_parse[1] == '[') depth++, RExC_parse++; + case '(': + if (RExC_parse[1] == '?' && RExC_parse[2] == '[') + depth++, RExC_parse+=2; /* FALLTHROUGH */ default: break; @@ -14895,9 +14899,9 @@ S_handle_regex_sets(pTHX_ RExC_state_t *pRExC_state, SV** return_invlist, } case ']': - if (depth--) break; - RExC_parse++; - if (*RExC_parse == ')') { + if (RExC_parse[1] == ')') { + RExC_parse++; + if (depth--) break; node = reganode(pRExC_state, ANYOF, 0); RExC_size += ANYOF_SKIP; nextchar(pRExC_state); 
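Review bot: The new lookahead in `case '(':` of S_handle_regex_sets reads `RExC_parse[1]` and `RExC_parse[2]` without comparing against RExC_end, so on a pattern that ends in `(` or `(?` it depends on the buffer having a terminating NUL; the `case ']':` hunk that follows does the same with `RExC_parse[1] == ')'`. The other regcomp.c hunks in this commit move to scans bounded by RExC_end, so bounding these would be consistent: `if (RExC_parse + 2 < RExC_end && RExC_parse[1] == '?' && RExC_parse[2] == '[')` and `if (RExC_parse + 1 < RExC_end && RExC_parse[1] == ')')`. Whether the pattern buffer is always NUL-terminated is not visible here, and the enclosing loop lies outside both hunks.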
@@ -14909,20 +14913,25 @@ S_handle_regex_sets(pTHX_ RExC_state_t *pRExC_state, SV** return_invlist, return node; } - goto no_close; + /* We output the messages even if warnings are off, because we'll fail + * the very next thing, and these give a likely diagnosis for that */ + if (posix_warnings && av_tindex_skip_len_mg(posix_warnings) >= 0) { + output_or_return_posix_warnings(pRExC_state, posix_warnings, NULL); + } + RExC_parse++; + vFAIL("Unexpected ']' with no following ')' in (?[..."); } RExC_parse += UTF ? UTF8SKIP(RExC_parse) : 1; } - no_close: /* We output the messages even if warnings are off, because we'll fail * the very next thing, and these give a likely diagnosis for that */ if (posix_warnings && av_tindex_skip_len_mg(posix_warnings) >= 0) { output_or_return_posix_warnings(pRExC_state, posix_warnings, NULL); } - FAIL("Syntax error in (?[...])"); + vFAIL("Syntax error in (?[...])"); } /* Pass 2 only after this. */ @@ -15102,14 +15111,15 @@ redo_curchar: * inversion list, and RExC_parse points to the trailing * ']'; the next character should be the ')' */ RExC_parse++; - assert(UCHARAT(RExC_parse) == ')'); + if (UCHARAT(RExC_parse) != ')') + vFAIL("Expecting close paren for nested extended charclass"); /* Then the ')' matching the original '(' handled by this * case: statement */ RExC_parse++; - assert(UCHARAT(RExC_parse) == ')'); + if (UCHARAT(RExC_parse) != ')') + vFAIL("Expecting close paren for wrapper for nested extended charclass"); - RExC_parse++; RExC_flags = save_flags; goto handle_operand; } @@ -16229,7 +16239,7 @@ S_regclass(pTHX_ RExC_state_t *pRExC_state, I32 *flagp, U32 depth, vFAIL2("Empty \\%c", (U8)value); if (*RExC_parse == '{') { const U8 c = (U8)value; - e = strchr(RExC_parse, '}'); + e = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse); if (!e) { RExC_parse++; vFAIL2("Missing right brace on \\%c{}", c); diff --git a/t/lib/warnings/regcomp b/t/lib/warnings/regcomp index 2b084c59b0..51ad57ccbe 100644 --- a/t/lib/warnings/regcomp 
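Review bot: The block added inside `case ']':` that flushes `posix_warnings` before the new `vFAIL("Unexpected ']' with no following ')' in (?[...")` is a verbatim copy, comment included, of the block that remains after the loop ahead of `vFAIL("Syntax error in (?[...])")`. Two copies of the same flush-then-fail sequence can drift apart; a small file-local macro wrapping the flush would keep them in step. If the duplication is kept, the comment on the added copy could name the failure it precedes, e.g. `/* Flush pending POSIX-class warnings: they usually explain the stray ']' reported next */`. The function body starts and ends outside the hunk.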
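Review bot: The trailing `RExC_parse++;` ahead of `RExC_flags = save_flags;` in the `redo_curchar` hunk is dropped without a comment, so RExC_parse now rests on the wrapper's `)` when control reaches `goto handle_operand`; whichever code consumes that character is outside the hunk. A one-line comment would record the intent, e.g. `/* Leave RExC_parse on the wrapper's ')'; it is consumed after handle_operand */` (wording to be confirmed against that code). The two new checks are also unbraced `if`s around a macro; bracing them would match the braced `if (! endbrace) { vFAIL2(...); }` form visible in the S_regatom hunk.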
+++ b/t/lib/warnings/regcomp @@ -59,21 +59,21 @@ Unmatched [ in regex; marked by <-- HERE in m/abc[ <-- HERE fi[.00./ at - line qr/(?[[[:word]]])/; EXPECT Assuming NOT a POSIX class since there is no terminating ':' in regex; marked by <-- HERE in m/(?[[[:word <-- HERE ]]])/ at - line 2. -syntax error in (?[...]) in regex m/(?[[[:word]]])/ at - line 2. +Unexpected ']' with no following ')' in (?[... in regex; marked by <-- HERE in m/(?[[[:word]] <-- HERE ])/ at - line 2. ######## # NAME qr/(?[ [[:digit: ])/ # OPTION fatal qr/(?[[[:digit: ])/; EXPECT Assuming NOT a POSIX class since no blanks are allowed in one in regex; marked by <-- HERE in m/(?[[[:digit: ] <-- HERE )/ at - line 2. -syntax error in (?[...]) in regex m/(?[[[:digit: ])/ at - line 2. +syntax error in (?[...]) in regex; marked by <-- HERE in m/(?[[[:digit: ]) <-- HERE / at - line 2. ######## # NAME qr/(?[ [:digit: ])/ # OPTION fatal qr/(?[[:digit: ])/ EXPECT Assuming NOT a POSIX class since no blanks are allowed in one in regex; marked by <-- HERE in m/(?[[:digit: ] <-- HERE )/ at - line 2. -syntax error in (?[...]) in regex m/(?[[:digit: ])/ at - line 2. +syntax error in (?[...]) in regex; marked by <-- HERE in m/(?[[:digit: ]) <-- HERE / at - line 2. ######## # NAME [perl #126141] # OPTION fatal diff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t index 39cfcf7df1..5194d93751 100644 --- a/t/re/reg_mesg.t +++ b/t/re/reg_mesg.t @@ -106,6 +106,8 @@ my $high_mixed_digit = ('A' lt '0') ? '0' : 'A'; my $colon_hex = sprintf "%02X", ord(":"); my $tab_hex = sprintf "%02X", ord("\t"); +my $bug133423 = "(?[(?^:(?[\\\x00]))\\]\x00|2[^^]\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80])R.\\670"; + ## ## Key-value pairs of code/error of code that should have fatal errors. ## 
@@ -213,8 +215,9 @@ my @death = '/\b{gc}/' => "'gc' is an unknown bound type {#} m/\\b{gc{#}}/", '/\B{gc}/' => "'gc' is an unknown bound type {#} m/\\B{gc{#}}/", - '/(?[[[::]]])/' => "Syntax error in (?[...]) in regex m/(?[[[::]]])/", - '/(?[[[:w:]]])/' => "Syntax error in (?[...]) in regex m/(?[[[:w:]]])/", + + '/(?[[[::]]])/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[[[::]]{#}])/", + '/(?[[[:w:]]])/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[[[:w:]]{#}])/", '/(?[[:w:]])/' => "", '/([.].*)[.]/' => "", # [perl #127582] '/[.].*[.]/' => "", # [perl #127604] 
@@ -237,11 +240,12 @@ my @death = '/(?[ \p{foo} ])/' => 'Can\'t find Unicode property definition "foo" {#} m/(?[ \p{foo}{#} ])/', '/(?[ \p{ foo = bar } ])/' => 'Can\'t find Unicode property definition "foo = bar" {#} m/(?[ \p{ foo = bar }{#} ])/', '/(?[ \8 ])/' => 'Unrecognized escape \8 in character class {#} m/(?[ \8{#} ])/', - '/(?[ \t ]/' => 'Syntax error in (?[...]) in regex m/(?[ \t ]/', - '/(?[ [ \t ]/' => 'Syntax error in (?[...]) in regex m/(?[ [ \t ]/', - '/(?[ \t ] ]/' => 'Syntax error in (?[...]) in regex m/(?[ \t ] ]/', - '/(?[ [ ] ]/' => 'Syntax error in (?[...]) in regex m/(?[ [ ] ]/', - '/(?[ \t + \e # This was supposed to be a comment ])/' => 'Syntax error in (?[...]) in regex m/(?[ \t + \e # This was supposed to be a comment ])/', + '/(?[ \t ]/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[ \\t ]{#}/", + '/(?[ [ \t ]/' => "Syntax error in (?[...]) {#} m/(?[ [ \\t ]{#}/", + '/(?[ \t ] ]/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[ \\t ]{#} ]/", + '/(?[ [ ] ]/' => "Syntax error in (?[...]) {#} m/(?[ [ ] ]{#}/", + '/(?[ \t + \e # This was supposed to be a comment ])/' => + "Syntax error in (?[...]) {#} m/(?[ \\t + \\e # This was supposed to be a comment ]){#}/", '/(?[ ])/' => 'Incomplete expression within \'(?[ ])\' {#} m/(?[ {#}])/', 'm/(?[[a-\d]])/' => 'False [] range "a-\d" {#} m/(?[[a-\d{#}]])/', 'm/(?[[\w-x]])/' => 'False [] range "\w-" {#} m/(?[[\w-{#}x]])/', @@ -290,6 +294,8 @@ my @death = '/(?xmsixp)abc/' => "", '/(?xxxx:abc)/' => "", '/(?<=/' => 'Sequence (?... not terminated {#} m/(?<={#}/', # [perl #128170] + "/$bug133423/" => "Operand with no preceding operator {#} m/(?[(?^:(?[\\ + ); 
@@ -427,10 +433,10 @@ my @death_utf8 = mark_as_utf8( '/ネ\p{}ネ/' => 'Empty \p{} {#} m/ネ\p{{#}}ネ/', - '/ネ(?[[[:ネ]]])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[:ネ]]])ネ/", - '/ネ(?[[[:ネ: ])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[:ネ: ])ネ/", - '/ネ(?[[[::]]])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[::]]])ネ/", - '/ネ(?[[[:ネ:]]])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[:ネ:]]])ネ/", + '/ネ(?[[[:ネ]]])ネ/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[[[:ネ]]{#}])ネ/", + '/ネ(?[[[:ネ: ])ネ/' => "Syntax error in (?[...]) {#} m/ネ(?[[[:ネ: ])ネ{#}/", + '/ネ(?[[[::]]])ネ/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[[[::]]{#}])ネ/", + '/ネ(?[[[:ネ:]]])ネ/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[[[:ネ:]]{#}])ネ/", '/ネ(?[[:ネ:]])ネ/' => "", '/ネ(?[ネ])ネ/' => 'Unexpected character {#} m/ネ(?[ネ{#}])ネ/', '/ネ(?[ + [ネ] ])/' => 'Unexpected binary operator \'+\' with no preceding operand {#} m/ネ(?[ +{#} [ネ] ])/', @@ -443,8 +449,9 @@ my @death_utf8 = mark_as_utf8( '/(?[ \x{ネ} ])ネ/' => 'Non-hex character {#} m/(?[ \x{ネ{#}} ])ネ/', '/(?[ \p{ネ} ])/' => 'Can\'t find Unicode property definition "ネ" {#} m/(?[ \p{ネ}{#} ])/', '/(?[ \p{ ネ = bar } ])/' => 'Can\'t find Unicode property definition "ネ = bar" {#} m/(?[ \p{ ネ = bar }{#} ])/', - '/ネ(?[ \t ]/' => 'Syntax error in (?[...]) in regex m/ネ(?[ \t ]/', - '/(?[ \t + \e # ネ This was supposed to be a comment ])/' => 'Syntax error in (?[...]) in regex m/(?[ \t + \e # ネ This was supposed to be a comment ])/', + '/ネ(?[ \t ]/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[ \\t ]{#}/", + '/(?[ \t + \e # ネ This was supposed to be a comment ])/' => + "Syntax error in (?[...]) {#} m/(?[ \\t + \\e # ネ This was supposed to be a comment ]){#}/", 'm/(*ネ)ネ/' => q<Unknown verb pattern 'ネ' {#} m/(*ネ){#}ネ/>, '/\cネ/' => "Character following \"\\c\" must be printable ASCII", '/\b{ネ}/' => "'ネ' is an unknown bound type {#} m/\\b{ネ{#}}/", 
diff --git a/t/re/regex_sets.t b/t/re/regex_sets.t index 6a79f9d692..e9644bd4e6 100644 --- a/t/re/regex_sets.t +++ b/t/re/regex_sets.t @@ -158,13 +158,13 @@ for my $char ("٠", "٥", "٩") { eval { $_ = '/(?[(\c]) /'; qr/$_/ }; like($@, qr/^Syntax error/, '/(?[(\c]) / should not panic'); eval { $_ = '(?[\c#]' . "\n])"; qr/$_/ }; - like($@, qr/^Syntax error/, '/(?[(\c]) / should not panic'); + like($@, qr/^Unexpected/, '/(?[(\c]) / should not panic'); eval { $_ = '(?[(\c])'; qr/$_/ }; like($@, qr/^Syntax error/, '/(?[(\c])/ should be a syntax error'); eval { $_ = '(?[(\c]) ]\b'; qr/$_/ }; - like($@, qr/^Syntax error/, '/(?[(\c]) ]\b/ should be a syntax error'); + like($@, qr/^Unexpected/, '/(?[(\c]) ]\b/ should be a syntax error'); eval { $_ = '(?[\c[]](])'; qr/$_/ }; - like($@, qr/^Syntax error/, '/(?[\c[]](])/ should be a syntax error'); + like($@, qr/^Unexpected/, '/(?[\c[]](])/ should be a syntax error'); like("\c#", qr/(?[\c#])/, '\c# should match itself'); like("\c[", qr/(?[\c[])/, '\c[ should match itself'); like("\c\ ", qr/(?[\c\])/, '\c\ should match itself'); diff --git a/util.c b/util.c index 2e053a7115..ba5fb2ded8 100644 --- a/util.c +++ b/util.c 
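Review bot: The three assertions changed to `qr/^Unexpected/` in t/re/regex_sets.t accept any diagnostic that begins with that word, and the tests earlier in this patch expect other such messages (`Unexpected character`, `Unexpected binary operator`). The assertions would therefore still pass if the parser reported a different error for these patterns. Assuming they produce the new "no following ')'" message, `qr/^Unexpected '\]' with no following '\)'/` would pin that diagnostic. The test names still say "should be a syntax error", and the first changed one repeats the name of the test before it, so they could be reworded at the same time.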
@@ -2064,8 +2064,40 @@ Perl_new_warnings_bitfield(pTHX_ STRLEN *buffer, const char *const bits, *(s+(nlen+1+vlen)) = '\0' #ifdef USE_ENVIRON_ARRAY - /* VMS' my_setenv() is in vms.c */ + +/* small wrapper for use by Perl_my_setenv that mallocs, or reallocs if + * 'current' is non-null, with up to three sizes that are added together. + * It handles integer overflow. + */ +static char * +S_env_alloc(void *current, Size_t l1, Size_t l2, Size_t l3, Size_t size) +{ + void *p; + Size_t sl, l = l1 + l2; + + if (l < l2) + goto panic; + l += l3; + if (l < l3) + goto panic; + sl = l * size; + if (sl < l) + goto panic; + + p = current + ? safesysrealloc(current, sl) + : safesysmalloc(sl); + if (p) + return (char*)p; + + panic: + croak_memory_wrap(); +} + + +/* VMS' my_setenv() is in vms.c */ #if !defined(WIN32) && !defined(NETWARE) + void Perl_my_setenv(pTHX_ const char *nam, const char *val) { 
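Review bot: The multiplication guard in S_env_alloc, `sl = l * size; if (sl < l) goto panic;`, is not a sound overflow test, because a wrapped product can still be greater than or equal to `l` once `size` exceeds 2 (with `size == sizeof(char*)` and a large enough `l`, the truncated result lands above `l`). The two additions before it are checked correctly, since a wrapped sum is always smaller than either operand. The callers in this patch pass 1 or `sizeof(char*)` with lengths from strlen() or an environ count, so the gap is unlikely to be reachable, but the helper's comment promises overflow handling. Testing before multiplying closes it: `if (size && l > ((Size_t)-1) / size) goto panic;` followed by `sl = l * size;`. Separately, a NULL return from the allocator also falls through to `panic:`, so it would be reported as a memory wrap.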
@@ -2081,28 +2113,27 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val) #ifndef PERL_USE_SAFE_PUTENV if (!PL_use_safe_putenv) { /* most putenv()s leak, so we manipulate environ directly */ - I32 i; - const I32 len = strlen(nam); - int nlen, vlen; + UV i; + Size_t vlen, nlen = strlen(nam); /* where does it go? */ for (i = 0; environ[i]; i++) { - if (strnEQ(environ[i],nam,len) && environ[i][len] == '=') + if (strnEQ(environ[i], nam, nlen) && environ[i][nlen] == '=') break; } if (environ == PL_origenviron) { /* need we copy environment? */ - I32 j; - I32 max; + UV j, max; char **tmpenv; max = i; while (environ[max]) max++; - tmpenv = (char**)safesysmalloc((max+2) * sizeof(char*)); + /* XXX shouldn't that be max+1 rather than max+2 ??? - DAPM */ + tmpenv = (char**)S_env_alloc(NULL, max, 2, 0, sizeof(char*)); for (j=0; j<max; j++) { /* copy environment */ - const int len = strlen(environ[j]); - tmpenv[j] = (char*)safesysmalloc((len+1)*sizeof(char)); + const Size_t len = strlen(environ[j]); + tmpenv[j] = S_env_alloc(NULL, len, 1, 0, 1); Copy(environ[j], tmpenv[j], len+1, char); } tmpenv[max] = NULL; @@ -2121,15 +2152,15 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val) #endif } if (!environ[i]) { /* does not exist yet */ - environ = (char**)safesysrealloc(environ, (i+2) * sizeof(char*)); + environ = (char**)S_env_alloc(environ, i, 2, 0, sizeof(char*)); environ[i+1] = NULL; /* make sure it's null terminated */ } else safesysfree(environ[i]); - nlen = strlen(nam); + vlen = strlen(val); - environ[i] = (char*)safesysmalloc((nlen+vlen+2) * sizeof(char)); + environ[i] = S_env_alloc(NULL, nlen, vlen, 2, 1); /* all that work just for this */ my_setenv_format(environ[i], nam, nlen, val, vlen); } else { 
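Review bot: The added comment `/* XXX shouldn't that be max+1 rather than max+2 ??? - DAPM */` above the `tmpenv` allocation commits an open question into a hardening change instead of settling it. In the visible lines the copy loop fills `max` slots and `tmpenv[max] = NULL` uses one more, while the later "does not exist yet" path reallocs to `i+2` itself, so the second extra slot appears to be unused spare capacity. Either drop to `max, 1` or replace the comment with a statement of intent, e.g. `/* max entries + NULL terminator; one spare slot, the append path below reallocs anyway */`. Perl_my_setenv starts and ends outside these hunks, so this should be checked against the full body.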
@@ -2154,22 +2185,21 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val) if (environ) /* old glibc can crash with null environ */ (void)unsetenv(nam); } else { - const int nlen = strlen(nam); - const int vlen = strlen(val); - char * const new_env = - (char*)safesysmalloc((nlen + vlen + 2) * sizeof(char)); + const Size_t nlen = strlen(nam); + const Size_t vlen = strlen(val); + char * const new_env = S_env_alloc(NULL, nlen, vlen, 2, 1); my_setenv_format(new_env, nam, nlen, val, vlen); (void)putenv(new_env); } # else /* ! HAS_UNSETENV */ char *new_env; - const int nlen = strlen(nam); - int vlen; + const Size_t nlen = strlen(nam); + Size_t vlen; if (!val) { val = ""; } vlen = strlen(val); - new_env = (char*)safesysmalloc((nlen + vlen + 2) * sizeof(char)); + new_env = S_env_alloc(NULL, nlen, vlen, 2, 1); /* all that work just for this */ my_setenv_format(new_env, nam, nlen, val, vlen); (void)putenv(new_env); @@ -2192,14 +2222,14 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val) { dVAR; char *envstr; - const int nlen = strlen(nam); - int vlen; + const Size_t nlen = strlen(nam); + Size_t vlen; if (!val) { val = ""; } vlen = strlen(val); - Newx(envstr, nlen+vlen+2, char); + envstr = S_env_alloc(NULL, nlen, vlen, 2, 1); my_setenv_format(envstr, nam, nlen, val, vlen); (void)PerlEnv_putenv(envstr); Safefree(envstr); -- Perl5 Master Repository
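Review bot: In the last hunk (`@@ -2192,14 +2222,14 @@`, the PerlEnv_putenv variant of Perl_my_setenv), `envstr` is now obtained from S_env_alloc but is still released with `Safefree(envstr)`, which was the counterpart of the `Newx` this hunk removes. S_env_alloc allocates with safesysmalloc, and the other variant in this patch frees its environ entries with safesysfree. If Safefree and safesysfree resolve to different allocators in some build configuration (not visible here), this would hand the block to the wrong free routine. Suggested change: `safesysfree(envstr);`. The function body begins outside the hunk.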
