perleval bug on 64-bit big-endian architectures

Mon, 22 Feb 2016 16:04:48 -0800 

I ran into a problem with a perl test on sparc.  Looks like the code
pulling keys out of a dict wasn't doing the right thing when it came to
type declarations.

Basically, on a 64-bit big-endian machine like SPARC, size_t will be
64 bits, and I32 will be 32 bits.  If we pass the pointer to the 64-bit
value off to a function that is expecting a 32-bit value, then the function
will write the result (say, 3, as what happens in the test) into the lower
end of the top half of the value:

    00 00 00 03 00 00 00 00

Back to the vim code, which interprets that memory again as a 64-bit value,
and sees 12 billion or so, which is definitely greater than strlen(key), so
we get the malformed key error.

On x86, this isn't a problem, since

    03 00 00 00 00 00 00 00

is interpreted as 3 regardless of whether the code thinks that's the start
of a 64-bit value or a 32-bit value.  And in a 32-bit process, the
endianness wouldn't matter since size_t would be 32-bits.

Patch is attached.

Thanks,
Danek

-- 
-- 
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php

--- 
You received this message because you are subscribed to the Google Groups 
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

diff --git a/src/if_perl.xs b/src/if_perl.xs
index 47c9440..9ca5291 100644
--- src/if_perl.xs
+++ src/if_perl.xs
@@ -1097,7 +1097,7 @@ perl_to_vim(SV *sv, typval_T *rettv)
        case SVt_PVHV:  /* dictionary */
        {
            HE *                entry;
-           size_t              key_len;
+           I32                 key_len;
            char *              key;
            dictitem_T *        item;
            SV *                item2;
@@ -1121,9 +1121,9 @@ perl_to_vim(SV *sv, typval_T *rettv)
                for (entry = hv_iternext((HV *)sv); entry; entry = 
hv_iternext((HV *)sv))
                {
                    key_len = 0;
-                   key = hv_iterkey(entry, (I32 *)&key_len);
+                   key = hv_iterkey(entry, &key_len);
 
-                   if (!key || !key_len || strlen(key) < key_len) {
+                   if (!key || !key_len || strlen(key) < (size_t)key_len) {
                        EMSG2("Malformed key Dictionary '%s'", key && *key ? 
key : "(empty)");
                        break;
                    }

Raspunde prin e-mail lui