ppisar pushed to perl (f26). "Fix a crash when calling a subroutine from a stash"

notifications Mon, 19 Jun 2017 09:03:05 -0700

From 12af1e2279e350b578c29ce74fea9d5158a51430 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com>
Date: Fri, 16 Jun 2017 14:14:17 +0200
Subject: Fix a crash when calling a subroutine from a stash


---
 ....24.1-perl-131085-Crash-with-sub-in-stash.patch | 61 ++++++++++++++++++++++
 perl.spec                                          |  7 +++
 2 files changed, 68 insertions(+)
 create mode 100644 perl-5.24.1-perl-131085-Crash-with-sub-in-stash.patch

diff --git a/perl-5.24.1-perl-131085-Crash-with-sub-in-stash.patch 
b/perl-5.24.1-perl-131085-Crash-with-sub-in-stash.patch
new file mode 100644
index 0000000..552a722
--- /dev/null
+++ b/perl-5.24.1-perl-131085-Crash-with-sub-in-stash.patch
@@ -0,0 +1,61 @@
+From cba9aa759f7ce8a4a80e748eb451f679042cd74b Mon Sep 17 00:00:00 2001
+From: Father Chrysostomos <spr...@cpan.org>
+Date: Fri, 7 Apr 2017 14:08:02 -0700
+Subject: [PATCH] Crash with sub-in-stash
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Ported to 5.24.1:
+
+commit 790acddeaa0d2c73524596048b129561225cf100
+Author: Father Chrysostomos <spr...@cpan.org>
+Date:   Fri Apr 7 14:08:02 2017 -0700
+
+    [perl #131085] Crash with sub-in-stash
+
+    $ perl -e '$::{"A"} = sub {}; \&{"A"}'
+    Segmentation fault (core dumped)
+
+    The code that vivifies a typeglob out of a code ref assumed that the
+    CV had a name hek, which is always the case when perl itself puts the
+    code ref there (via ‘sub A{}’), but is not necessarily the case if
+    someone is insinuating other stuff into the stash.
+
+Signed-off-by: Petr Písař <ppi...@redhat.com>
+---
+ gv.c      | 2 +-
+ t/op/gv.t | 4 ++++
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/gv.c b/gv.c
+index 3fda9b9..6690b64 100644
+--- a/gv.c
++++ b/gv.c
+@@ -421,7 +421,7 @@ Perl_gv_init_pvn(pTHX_ GV *gv, HV *stash, const char 
*name, STRLEN len, U32 flag
+       /* Not actually a constant.  Just a regular sub.  */
+       CV * const cv = (CV *)has_constant;
+       GvCV_set(gv,cv);
+-      if (CvSTASH(cv) == stash && (
++      if (CvNAMED(cv) && CvSTASH(cv) == stash && (
+              CvNAME_HEK(cv) == GvNAME_HEK(gv)
+           || (  HEK_LEN(CvNAME_HEK(cv)) == HEK_LEN(GvNAME_HEK(gv))
+              && HEK_FLAGS(CvNAME_HEK(cv)) != HEK_FLAGS(GvNAME_HEK(gv))
+diff --git a/t/op/gv.t b/t/op/gv.t
+index 03ae46e..cdaaef5 100644
+--- a/t/op/gv.t
++++ b/t/op/gv.t
+@@ -1170,6 +1170,10 @@ SKIP: {
+     is ($? & 127, 0,"[perl #128597] No crash when gp_free calls ckWARN_d");
+ }
+ 
++# [perl #131085] This used to crash; no ok() necessary.
++$::{"A131085"} = sub {}; \&{"A131085"};
++
++
+ __END__
+ Perl
+ Rules
+-- 
+2.9.4
+
diff --git a/perl.spec b/perl.spec
index b65faf6..29dcd99 100644
--- a/perl.spec
+++ b/perl.spec
@@ -346,6 +346,10 @@ Patch96:        
perl-5.25.12-avoid-a-memory-wrap-in-sv_vcatpvfn_flags.patch
 # in upstream after 5.27.0
 Patch97:        perl-5.24.1-sprintf-add-memory-wrap-tests.patch
 
+# Fix a crash when calling a subroutine from a stash, RT#131085,
+# in upstream after 5.27.0
+Patch98:        perl-5.24.1-perl-131085-Crash-with-sub-in-stash.patch
+
 # Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
 Patch200:       
perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
 
@@ -3081,6 +3085,7 @@ popd
 %patch95 -p1
 %patch96 -p1
 %patch97 -p1
+%patch98 -p1
 %patch200 -p1
 %patch201 -p1
 
@@ -3159,6 +3164,7 @@ perl -x patchlevel.h \
     'Fedora Patch94: Fix a heap-use-after-free in four-arguments substr call 
(RT#130624)' \
     'Fedora Patch95: Make File::Glob more resistant against degenerative 
matching (RT#131211)' \
     'Fedora Patch96: Fix a memory wrap in sv_vcatpvfn_flags() (RT#131260)' \
+    'Fedora Patch98: Fix a crash when calling a subroutine from a stash 
(RT#131085)' \
     'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on 
Linux' \
     'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
     %{nil}
@@ -5452,6 +5458,7 @@ popd
 * Fri Jun 16 2017 Petr Pisar <ppi...@redhat.com> - 4:5.24.1-392
 - Make File::Glob more resistant against degenerative matching (RT#131211)
 - Fix a memory wrap in sv_vcatpvfn_flags() (RT#131260)
+- Fix a crash when calling a subroutine from a stash (RT#131085)
 
 * Fri Mar 31 2017 Petr Pisar <ppi...@redhat.com> - 4:5.24.1-391
 - Introduce build-conditions for groff, systemtap, syslog tests, and tcsh
-- 
cgit v1.1


        
https://src.fedoraproject.org/cgit/perl.git/commit/?h=f26&id=12af1e2279e350b578c29ce74fea9d5158a51430
_______________________________________________
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

ppisar pushed to perl (f26). "Fix a crash when calling a subroutine from a stash"

Reply via email to