# New Ticket Created by Andy Dougherty
# Please include the string: [perl #38784]
# in the subject line of all future correspondence about this issue.
# <URL: https://rt.perl.org/rt3/Ticket/Display.html?id=38784 >
The following trivial patch prevents parrot from reading possibly
unallocated memory: If the C< char *name > were less than 10 characters
long, then the memcmp could read beyond the end of the allocated block;
the strncmp will properly terminate at the end of C<name>.
In most other places, this file uses a plain strcmp(). In these two
places, it used a memcmp(). I don't know why.
--- parrot-current/compilers/imcc/parser_util.c Wed Feb 22 11:15:12 2006
+++ parrot-andy/compilers/imcc/parser_util.c Wed Mar 22 12:36:53 2006
@@ -537,8 +537,8 @@
else if (!strcmp(name, "yield")) {
cur_unit->instructions->r[0]->pcc_sub->calls_a_sub |= 1 |ITPCCYIELD;
}
- else if (!memcmp(name, "invoke", 6) ||
- !memcmp(name, "callmethod", 10)) {
+ else if (!strncmp(name, "invoke", 6) ||
+ !strncmp(name, "callmethod", 10)) {
if (cur_unit->type & IMC_PCCSUB)
cur_unit->instructions->r[0]->pcc_sub->calls_a_sub |= 1;
}
--
Andy Dougherty [EMAIL PROTECTED]
