Compare commits
No commits in common. "master" and "f22" have entirely different histories.
3
.gitignore
vendored
3
.gitignore
vendored
@ -6,6 +6,3 @@
|
|||||||
/Data-Dumper-2.145.tar.gz
|
/Data-Dumper-2.145.tar.gz
|
||||||
/Data-Dumper-2.151.tar.gz
|
/Data-Dumper-2.151.tar.gz
|
||||||
/Data-Dumper-2.154.tar.gz
|
/Data-Dumper-2.154.tar.gz
|
||||||
/Data-Dumper-2.161.tar.gz
|
|
||||||
/Data-Dumper-2.172.tar.gz
|
|
||||||
/Data-Dumper-2.173.tar.gz
|
|
||||||
|
@ -1,167 +0,0 @@
|
|||||||
From d9c4b4ae5a1a17347ff5e3ecbf8e1d9da481f476 Mon Sep 17 00:00:00 2001
|
|
||||||
From: David Mitchell <davem@iabyn.com>
|
|
||||||
Date: Wed, 3 Apr 2019 13:23:24 +0100
|
|
||||||
Subject: [PATCH] Data::Dumper - avoid leak on croak
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
v5.21.3-742-g19be3be696 added a facility to Dumper.xs to croak if the
|
|
||||||
recursion level became too deep (1000 by default).
|
|
||||||
|
|
||||||
The trouble with this is that various parts of DD_dump() allocate
|
|
||||||
temporary SVs and buffers, which will leak if DD_dump() unceremoniously
|
|
||||||
just croaks().
|
|
||||||
|
|
||||||
This currently manifests as dist/Data-Dumper/t/recurse.t failing under
|
|
||||||
Address Sanitiser.
|
|
||||||
|
|
||||||
This commit makes the depth checking code just set a sticky 'too deep'
|
|
||||||
boolean flag, and
|
|
||||||
a) on entry, DD_dump() just returns immediately if the flag is set;
|
|
||||||
b) the flag is checked by the top-level called of DD_dump() and croaks
|
|
||||||
if set.
|
|
||||||
|
|
||||||
So the net effect is to defer croaking until the dump is complete,
|
|
||||||
and avoid any further recursion once the flag is set.
|
|
||||||
|
|
||||||
This is a bit of a quick fix. More long-term solutions would be to
|
|
||||||
convert DD_dump() to be iterative rather than recursive, and/or make
|
|
||||||
sure all temporary SVs and buffers are suitably anchored somewhere so
|
|
||||||
that they get cleaned up on croak.
|
|
||||||
|
|
||||||
Petr Písař: Ported from 6d65cb5d847ac93680949c4fa02111808207fbdc in
|
|
||||||
perl git tree.
|
|
||||||
|
|
||||||
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
|
||||||
---
|
|
||||||
Dumper.pm | 6 +++---
|
|
||||||
Dumper.xs | 27 ++++++++++++++++++++-------
|
|
||||||
2 files changed, 23 insertions(+), 10 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/Dumper.pm b/Dumper.pm
|
|
||||||
index 40aeb7d..06af4c4 100644
|
|
||||||
--- a/Dumper.pm
|
|
||||||
+++ b/Dumper.pm
|
|
||||||
@@ -10,7 +10,7 @@
|
|
||||||
package Data::Dumper;
|
|
||||||
|
|
||||||
BEGIN {
|
|
||||||
- $VERSION = '2.173'; # Don't forget to set version and release
|
|
||||||
+ $VERSION = '2.174'; # Don't forget to set version and release
|
|
||||||
} # date in POD below!
|
|
||||||
|
|
||||||
#$| = 1;
|
|
||||||
@@ -1461,13 +1461,13 @@ be to use the C<Sortkeys> filter of Data::Dumper.
|
|
||||||
|
|
||||||
Gurusamy Sarathy gsar@activestate.com
|
|
||||||
|
|
||||||
-Copyright (c) 1996-2017 Gurusamy Sarathy. All rights reserved.
|
|
||||||
+Copyright (c) 1996-2019 Gurusamy Sarathy. All rights reserved.
|
|
||||||
This program is free software; you can redistribute it and/or
|
|
||||||
modify it under the same terms as Perl itself.
|
|
||||||
|
|
||||||
=head1 VERSION
|
|
||||||
|
|
||||||
-Version 2.173
|
|
||||||
+Version 2.174
|
|
||||||
|
|
||||||
=head1 SEE ALSO
|
|
||||||
|
|
||||||
diff --git a/Dumper.xs b/Dumper.xs
|
|
||||||
index 7f0b027..a324cb6 100644
|
|
||||||
--- a/Dumper.xs
|
|
||||||
+++ b/Dumper.xs
|
|
||||||
@@ -61,9 +61,10 @@
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This struct contains almost all the user's desired configuration, and it
|
|
||||||
- * is treated as constant by the recursive function. This arrangement has
|
|
||||||
- * the advantage of needing less memory than passing all of them on the
|
|
||||||
- * stack all the time (as was the case in an earlier implementation). */
|
|
||||||
+ * is treated as mostly constant (except for maxrecursed) by the recursive
|
|
||||||
+ * function. This arrangement has the advantage of needing less memory
|
|
||||||
+ * than passing all of them on the stack all the time (as was the case in
|
|
||||||
+ * an earlier implementation). */
|
|
||||||
typedef struct {
|
|
||||||
SV *pad;
|
|
||||||
SV *xpad;
|
|
||||||
@@ -74,6 +75,7 @@ typedef struct {
|
|
||||||
SV *toaster;
|
|
||||||
SV *bless;
|
|
||||||
IV maxrecurse;
|
|
||||||
+ bool maxrecursed; /* at some point we exceeded the maximum recursion level */
|
|
||||||
I32 indent;
|
|
||||||
I32 purity;
|
|
||||||
I32 deepcopy;
|
|
||||||
@@ -97,7 +99,7 @@ static bool safe_decimal_number(const char *p, STRLEN len);
|
|
||||||
static SV *sv_x (pTHX_ SV *sv, const char *str, STRLEN len, I32 n);
|
|
||||||
static I32 DD_dump (pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval,
|
|
||||||
HV *seenhv, AV *postav, const I32 level, SV *apad,
|
|
||||||
- const Style *style);
|
|
||||||
+ Style *style);
|
|
||||||
|
|
||||||
#ifndef HvNAME_get
|
|
||||||
#define HvNAME_get HvNAME
|
|
||||||
@@ -615,7 +617,7 @@ deparsed_output(pTHX_ SV *val)
|
|
||||||
*/
|
|
||||||
static I32
|
|
||||||
DD_dump(pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval, HV *seenhv,
|
|
||||||
- AV *postav, const I32 level, SV *apad, const Style *style)
|
|
||||||
+ AV *postav, const I32 level, SV *apad, Style *style)
|
|
||||||
{
|
|
||||||
char tmpbuf[128];
|
|
||||||
Size_t i;
|
|
||||||
@@ -642,6 +644,9 @@ DD_dump(pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval, HV *seenhv,
|
|
||||||
if (!val)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
+ if (style->maxrecursed)
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
/* If the output buffer has less than some arbitrary amount of space
|
|
||||||
remaining, then enlarge it. For the test case (25M of output),
|
|
||||||
*1.1 was slower, *2.0 was the same, so the first guess of 1.5 is
|
|
||||||
@@ -793,7 +798,7 @@ DD_dump(pTHX_ SV *val, const char *name, STRLEN namelen, SV *retval, HV *seenhv,
|
|
||||||
}
|
|
||||||
|
|
||||||
if (style->maxrecurse > 0 && level >= style->maxrecurse) {
|
|
||||||
- croak("Recursion limit of %" IVdf " exceeded", style->maxrecurse);
|
|
||||||
+ style->maxrecursed = TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (realpack && !no_bless) { /* we have a blessed ref */
|
|
||||||
@@ -1528,6 +1533,7 @@ Data_Dumper_Dumpxs(href, ...)
|
|
||||||
style.indent = 2;
|
|
||||||
style.quotekeys = 1;
|
|
||||||
style.maxrecurse = 1000;
|
|
||||||
+ style.maxrecursed = FALSE;
|
|
||||||
style.purity = style.deepcopy = style.useqq = style.maxdepth
|
|
||||||
= style.use_sparse_seen_hash = style.trailingcomma = 0;
|
|
||||||
style.pad = style.xpad = style.sep = style.pair = style.sortkeys
|
|
||||||
@@ -1675,7 +1681,7 @@ Data_Dumper_Dumpxs(href, ...)
|
|
||||||
DD_dump(aTHX_ val, SvPVX_const(name), SvCUR(name), valstr, seenhv,
|
|
||||||
postav, 0, newapad, &style);
|
|
||||||
SPAGAIN;
|
|
||||||
-
|
|
||||||
+
|
|
||||||
if (style.indent >= 2 && !terse)
|
|
||||||
SvREFCNT_dec(newapad);
|
|
||||||
|
|
||||||
@@ -1715,6 +1721,13 @@ Data_Dumper_Dumpxs(href, ...)
|
|
||||||
}
|
|
||||||
SvREFCNT_dec(postav);
|
|
||||||
SvREFCNT_dec(valstr);
|
|
||||||
+
|
|
||||||
+ /* we defer croaking until here so that temporary SVs and
|
|
||||||
+ * buffers won't be leaked */
|
|
||||||
+ if (style.maxrecursed)
|
|
||||||
+ croak("Recursion limit of %" IVdf " exceeded",
|
|
||||||
+ style.maxrecurse);
|
|
||||||
+
|
|
||||||
}
|
|
||||||
else
|
|
||||||
croak("Call to new() method failed to return HASH ref");
|
|
||||||
--
|
|
||||||
2.20.1
|
|
||||||
|
|
@ -1,39 +1,29 @@
|
|||||||
%global base_version 2.173
|
%global cpan_version 2.154
|
||||||
|
|
||||||
Name: perl-Data-Dumper
|
Name: perl-Data-Dumper
|
||||||
Version: 2.174
|
Version: %(echo '%{cpan_version}' | tr '_' '.')
|
||||||
Release: 457%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: Stringify perl data structures, suitable for printing and eval
|
Summary: Stringify perl data structures, suitable for printing and eval
|
||||||
License: GPL+ or Artistic
|
License: GPL+ or Artistic
|
||||||
URL: https://metacpan.org/release/Data-Dumper
|
Group: Development/Libraries
|
||||||
Source0: https://cpan.metacpan.org/authors/id/X/XS/XSAWYERX/Data-Dumper-%{base_version}.tar.gz
|
URL: http://search.cpan.org/dist/Data-Dumper/
|
||||||
# Fix a memory leak when croaking about a too deep recursion,
|
Source0: http://www.cpan.org/authors/id/S/SM/SMUELLER/Data-Dumper-%{cpan_version}.tar.gz
|
||||||
# fixed in perl after 5.29.9
|
BuildRequires: perl
|
||||||
Patch0: Data-Dumper-2.173-Data-Dumper-avoid-leak-on-croak.patch
|
BuildRequires: perl(ExtUtils::MakeMaker)
|
||||||
BuildRequires: findutils
|
|
||||||
BuildRequires: gcc
|
|
||||||
BuildRequires: make
|
|
||||||
BuildRequires: perl-devel
|
|
||||||
BuildRequires: perl-generators
|
|
||||||
BuildRequires: perl-interpreter
|
|
||||||
BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76
|
|
||||||
BuildRequires: perl(File::Copy)
|
|
||||||
BuildRequires: perl(strict)
|
|
||||||
# perl-Test-Simple is in cycle with perl-Data-Dumper
|
|
||||||
%if !%{defined perl_bootstrap}
|
|
||||||
# Run-time:
|
# Run-time:
|
||||||
BuildRequires: perl(B::Deparse)
|
BuildRequires: perl(B::Deparse)
|
||||||
BuildRequires: perl(bytes)
|
BuildRequires: perl(bytes)
|
||||||
BuildRequires: perl(Carp)
|
BuildRequires: perl(Carp)
|
||||||
BuildRequires: perl(constant)
|
BuildRequires: perl(constant)
|
||||||
BuildRequires: perl(Exporter)
|
BuildRequires: perl(Exporter)
|
||||||
|
BuildRequires: perl(overload)
|
||||||
BuildRequires: perl(Scalar::Util)
|
BuildRequires: perl(Scalar::Util)
|
||||||
BuildRequires: perl(XSLoader)
|
BuildRequires: perl(XSLoader)
|
||||||
|
# perl-Test-Simple is in cycle with perl-Data-Dumper
|
||||||
|
%if !%{defined perl_bootstrap}
|
||||||
# Tests only:
|
# Tests only:
|
||||||
BuildRequires: perl(Config)
|
BuildRequires: perl(Config)
|
||||||
BuildRequires: perl(if)
|
BuildRequires: perl(if)
|
||||||
BuildRequires: perl(lib)
|
BuildRequires: perl(lib)
|
||||||
BuildRequires: perl(overload)
|
|
||||||
BuildRequires: perl(strict)
|
BuildRequires: perl(strict)
|
||||||
BuildRequires: perl(Test::More) >= 0.98
|
BuildRequires: perl(Test::More) >= 0.98
|
||||||
BuildRequires: perl(vars)
|
BuildRequires: perl(vars)
|
||||||
@ -56,16 +46,17 @@ variable is output in a single Perl statement. Handles self-referential
|
|||||||
structures correctly.
|
structures correctly.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n Data-Dumper-%{base_version}
|
%setup -q -n Data-Dumper-%{cpan_version}
|
||||||
%patch0 -p1
|
sed -i '/MAN3PODS/d' Makefile.PL
|
||||||
|
|
||||||
%build
|
%build
|
||||||
perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 OPTIMIZE="$RPM_OPT_FLAGS"
|
perl Makefile.PL INSTALLDIRS=vendor OPTIMIZE="$RPM_OPT_FLAGS"
|
||||||
%{make_build}
|
make %{?_smp_mflags}
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%{make_install}
|
make pure_install DESTDIR=$RPM_BUILD_ROOT
|
||||||
find $RPM_BUILD_ROOT -type f -name '*.bs' -size 0 -delete
|
find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \;
|
||||||
|
find $RPM_BUILD_ROOT -type f -name '*.bs' -size 0 -exec rm -f {} \;
|
||||||
%{_fixperms} $RPM_BUILD_ROOT/*
|
%{_fixperms} $RPM_BUILD_ROOT/*
|
||||||
|
|
||||||
%check
|
%check
|
||||||
@ -80,115 +71,6 @@ make test
|
|||||||
%{_mandir}/man3/*
|
%{_mandir}/man3/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Fri Jun 26 2020 Jitka Plesnikova <jplesnik@redhat.com> - 2.174-457
|
|
||||||
- Perl 5.32 re-rebuild of bootstrapped packages
|
|
||||||
|
|
||||||
* Mon Jun 22 2020 Jitka Plesnikova <jplesnik@redhat.com> - 2.174-456
|
|
||||||
- Increase release to favour standalone package
|
|
||||||
|
|
||||||
* Tue Feb 04 2020 Petr Pisar <ppisar@redhat.com> - 2.174-443
|
|
||||||
- Modernize the spec file
|
|
||||||
|
|
||||||
* Tue Feb 04 2020 Tom Stellard <tstellar@redhat.com> - 2.174-442
|
|
||||||
- Use make_build macro
|
|
||||||
- https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make
|
|
||||||
|
|
||||||
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.174-441
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
||||||
|
|
||||||
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.174-440
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
||||||
|
|
||||||
* Sun Jun 02 2019 Jitka Plesnikova <jplesnik@redhat.com> - 2.174-439
|
|
||||||
- Perl 5.30 re-rebuild of bootstrapped packages
|
|
||||||
|
|
||||||
* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> - 2.174-438
|
|
||||||
- Increase release to favour standalone package
|
|
||||||
|
|
||||||
* Fri Apr 26 2019 Jitka Plesnikova <jplesnik@redhat.com> - 2.174-1
|
|
||||||
- Update version to 2.174 as provided in perl-5.29.10
|
|
||||||
|
|
||||||
* Wed Apr 03 2019 Petr Pisar <ppisar@redhat.com> - 2.173-3
|
|
||||||
- Fix a memory leak when croaking about a too deep recursion
|
|
||||||
|
|
||||||
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.173-2
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
||||||
|
|
||||||
* Mon Nov 12 2018 Petr Pisar <ppisar@redhat.com> - 2.173-1
|
|
||||||
- 2.173 bump
|
|
||||||
|
|
||||||
* Thu Sep 20 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.172-1
|
|
||||||
- 2.172 bump
|
|
||||||
|
|
||||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.170-418
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
||||||
|
|
||||||
* Sat Jun 30 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.170-417
|
|
||||||
- Perl 5.28 re-rebuild of bootstrapped packages
|
|
||||||
|
|
||||||
* Wed Jun 27 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.170-416
|
|
||||||
- Increase release to favour standalone package
|
|
||||||
|
|
||||||
* Wed May 23 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.170-1
|
|
||||||
- Upgrade to 2.170 as provided in perl-5.28.0-RC1
|
|
||||||
|
|
||||||
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.167-399
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
||||||
|
|
||||||
* Thu Jan 11 2018 Petr Pisar <ppisar@redhat.com> - 2.167-398
|
|
||||||
- Fix postentry for quoted glob (bug #1532524)
|
|
||||||
|
|
||||||
* Tue Dec 05 2017 Petr Pisar <ppisar@redhat.com> - 2.167-397
|
|
||||||
- Fix quoting glob names (RT#119831)
|
|
||||||
|
|
||||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.167-396
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
|
||||||
|
|
||||||
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.167-395
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
||||||
|
|
||||||
* Wed Jun 07 2017 Jitka Plesnikova <jplesnik@redhat.com> - 2.167-394
|
|
||||||
- Perl 5.26 re-rebuild of bootstrapped packages
|
|
||||||
|
|
||||||
* Sat Jun 03 2017 Jitka Plesnikova <jplesnik@redhat.com> - 2.167-393
|
|
||||||
- Perl 5.26 rebuild
|
|
||||||
|
|
||||||
* Thu May 11 2017 Petr Pisar <ppisar@redhat.com> - 2.167-1
|
|
||||||
- Upgrade to 2.167 as provided in perl-5.25.12
|
|
||||||
|
|
||||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.161-2
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
||||||
|
|
||||||
* Tue Jul 12 2016 Petr Pisar <ppisar@redhat.com> - 2.161-1
|
|
||||||
- 1.161 bump
|
|
||||||
|
|
||||||
* Wed May 18 2016 Jitka Plesnikova <jplesnik@redhat.com> - 2.160-366
|
|
||||||
- Perl 5.24 re-rebuild of bootstrapped packages
|
|
||||||
|
|
||||||
* Sat May 14 2016 Jitka Plesnikova <jplesnik@redhat.com> - 2.160-365
|
|
||||||
- Increase release to favour standalone package
|
|
||||||
|
|
||||||
* Wed May 11 2016 Jitka Plesnikova <jplesnik@redhat.com> - 2.160-1
|
|
||||||
- 2.160 bump in order to dual-live with perl 5.24
|
|
||||||
|
|
||||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.158-348
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
||||||
|
|
||||||
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.158-347
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
||||||
|
|
||||||
* Wed Jun 10 2015 Jitka Plesnikova <jplesnik@redhat.com> - 2.158-346
|
|
||||||
- Perl 5.22 re-rebuild of bootstrapped packages
|
|
||||||
|
|
||||||
* Thu Jun 04 2015 Jitka Plesnikova <jplesnik@redhat.com> - 2.158-345
|
|
||||||
- Increase release to favour standalone package
|
|
||||||
|
|
||||||
* Wed Jun 03 2015 Jitka Plesnikova <jplesnik@redhat.com> - 2.158-2
|
|
||||||
- Perl 5.22 rebuild
|
|
||||||
|
|
||||||
* Wed May 06 2015 Petr Pisar <ppisar@redhat.com> - 2.158-1
|
|
||||||
- 2.158 bump in order to dual-live with perl 5.22
|
|
||||||
|
|
||||||
* Fri Sep 19 2014 Petr Pisar <ppisar@redhat.com> - 2.154-1
|
* Fri Sep 19 2014 Petr Pisar <ppisar@redhat.com> - 2.154-1
|
||||||
- 2.154 bump (fixes CVE-2014-4330 (limit recursion when dumping deep data
|
- 2.154 bump (fixes CVE-2014-4330 (limit recursion when dumping deep data
|
||||||
structures))
|
structures))
|
||||||
|
Loading…
Reference in New Issue
Block a user