Prevent long jumps from clobbering local variables
This commit is contained in:
parent
7f49d3b6d7
commit
f526e67959
@ -0,0 +1,111 @@
|
|||||||
|
From 35ad0133df9b65a4e32f2f07a2a05b387bd79591 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tony Cook <tony@develop-help.com>
|
||||||
|
Date: Thu, 3 Jan 2019 10:48:05 +1100
|
||||||
|
Subject: [PATCH] (perl #133575) prevent set/longjmp clobbering locals in
|
||||||
|
S_fold_constants
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
My original approach moved the whole switch into the new function,
|
||||||
|
but that was a lot messier, and I don't think it's necessary.
|
||||||
|
|
||||||
|
pad_swipe() can throw, but only for panics, and in DESTROY if
|
||||||
|
refadjust is true, which isn't the case here.
|
||||||
|
|
||||||
|
CLEAR_ERRSV() might throw if the code called by CALLRUNOPS()
|
||||||
|
puts an object that dies in DESTROY in $@, but I think that
|
||||||
|
might cause an infinite loop in the original code.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
op.c | 32 ++++++++++++++++++++++++--------
|
||||||
|
1 file changed, 24 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/op.c b/op.c
|
||||||
|
index 146407ba70..0b46b348cb 100644
|
||||||
|
--- a/op.c
|
||||||
|
+++ b/op.c
|
||||||
|
@@ -5464,15 +5464,34 @@ S_op_integerize(pTHX_ OP *o)
|
||||||
|
return o;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/* This function exists solely to provide a scope to limit
|
||||||
|
+ setjmp/longjmp() messing with auto variables.
|
||||||
|
+ */
|
||||||
|
+PERL_STATIC_INLINE int
|
||||||
|
+S_fold_constants_eval(pTHX) {
|
||||||
|
+ int ret = 0;
|
||||||
|
+ dJMPENV;
|
||||||
|
+
|
||||||
|
+ JMPENV_PUSH(ret);
|
||||||
|
+
|
||||||
|
+ if (ret == 0) {
|
||||||
|
+ CALLRUNOPS(aTHX);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ JMPENV_POP;
|
||||||
|
+
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static OP *
|
||||||
|
S_fold_constants(pTHX_ OP *const o)
|
||||||
|
{
|
||||||
|
dVAR;
|
||||||
|
- OP * volatile curop;
|
||||||
|
+ OP *curop;
|
||||||
|
OP *newop;
|
||||||
|
- volatile I32 type = o->op_type;
|
||||||
|
+ I32 type = o->op_type;
|
||||||
|
bool is_stringify;
|
||||||
|
- SV * volatile sv = NULL;
|
||||||
|
+ SV *sv = NULL;
|
||||||
|
int ret = 0;
|
||||||
|
OP *old_next;
|
||||||
|
SV * const oldwarnhook = PL_warnhook;
|
||||||
|
@@ -5480,7 +5499,6 @@ S_fold_constants(pTHX_ OP *const o)
|
||||||
|
COP not_compiling;
|
||||||
|
U8 oldwarn = PL_dowarn;
|
||||||
|
I32 old_cxix;
|
||||||
|
- dJMPENV;
|
||||||
|
|
||||||
|
PERL_ARGS_ASSERT_FOLD_CONSTANTS;
|
||||||
|
|
||||||
|
@@ -5582,15 +5600,15 @@ S_fold_constants(pTHX_ OP *const o)
|
||||||
|
assert(IN_PERL_RUNTIME);
|
||||||
|
PL_warnhook = PERL_WARNHOOK_FATAL;
|
||||||
|
PL_diehook = NULL;
|
||||||
|
- JMPENV_PUSH(ret);
|
||||||
|
|
||||||
|
/* Effective $^W=1. */
|
||||||
|
if ( ! (PL_dowarn & G_WARN_ALL_MASK))
|
||||||
|
PL_dowarn |= G_WARN_ON;
|
||||||
|
|
||||||
|
+ ret = S_fold_constants_eval(aTHX);
|
||||||
|
+
|
||||||
|
switch (ret) {
|
||||||
|
case 0:
|
||||||
|
- CALLRUNOPS(aTHX);
|
||||||
|
sv = *(PL_stack_sp--);
|
||||||
|
if (o->op_targ && sv == PAD_SV(o->op_targ)) { /* grab pad temp? */
|
||||||
|
pad_swipe(o->op_targ, FALSE);
|
||||||
|
@@ -5608,7 +5626,6 @@ S_fold_constants(pTHX_ OP *const o)
|
||||||
|
o->op_next = old_next;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
- JMPENV_POP;
|
||||||
|
/* Don't expect 1 (setjmp failed) or 2 (something called my_exit) */
|
||||||
|
PL_warnhook = oldwarnhook;
|
||||||
|
PL_diehook = olddiehook;
|
||||||
|
@@ -5616,7 +5633,6 @@ S_fold_constants(pTHX_ OP *const o)
|
||||||
|
* the stack - eg any nested evals */
|
||||||
|
Perl_croak(aTHX_ "panic: fold_constants JMPENV_PUSH returned %d", ret);
|
||||||
|
}
|
||||||
|
- JMPENV_POP;
|
||||||
|
PL_dowarn = oldwarn;
|
||||||
|
PL_warnhook = oldwarnhook;
|
||||||
|
PL_diehook = olddiehook;
|
||||||
|
--
|
||||||
|
2.17.2
|
||||||
|
|
@ -239,6 +239,10 @@ Patch47: perl-5.29.6-perl-132158-abort-compilation-if-we-see-an-error-com
|
|||||||
# in upstream after 5.29.6
|
# in upstream after 5.29.6
|
||||||
Patch48: perl-5.29.6-regen-warnings.pl-Fix-undefined-C-behavior.patch
|
Patch48: perl-5.29.6-regen-warnings.pl-Fix-undefined-C-behavior.patch
|
||||||
|
|
||||||
|
# Prevent long jumps from clobbering local variables, RT#133575,
|
||||||
|
# in upstream after 5.29.6
|
||||||
|
Patch49: perl-5.29.6-perl-133575-prevent-set-longjmp-clobbering-locals-in.patch
|
||||||
|
|
||||||
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
# Link XS modules to libperl.so with EU::CBuilder on Linux, bug #960048
|
||||||
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
Patch200: perl-5.16.3-Link-XS-modules-to-libperl.so-with-EU-CBuilder-on-Li.patch
|
||||||
|
|
||||||
@ -2841,6 +2845,7 @@ Perl extension for Version Objects
|
|||||||
%patch46 -p1
|
%patch46 -p1
|
||||||
%patch47 -p1
|
%patch47 -p1
|
||||||
%patch48 -p1
|
%patch48 -p1
|
||||||
|
%patch49 -p1
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%patch201 -p1
|
%patch201 -p1
|
||||||
|
|
||||||
@ -2883,6 +2888,7 @@ perl -x patchlevel.h \
|
|||||||
'Fedora Patch45: Fix first eof() return value (RT#133721)' \
|
'Fedora Patch45: Fix first eof() return value (RT#133721)' \
|
||||||
'Fedora Patch47: Fix a crash when compiling a malformed form (RT#132158)' \
|
'Fedora Patch47: Fix a crash when compiling a malformed form (RT#132158)' \
|
||||||
'Fedora Patch48: Fix un undefined C behavior in NULL pointer arithmetics (RT#133223)' \
|
'Fedora Patch48: Fix un undefined C behavior in NULL pointer arithmetics (RT#133223)' \
|
||||||
|
'Fedora Patch49: Prevent long jumps from clobbering local variables (RT#133575)' \
|
||||||
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
'Fedora Patch200: Link XS modules to libperl.so with EU::CBuilder on Linux' \
|
||||||
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
'Fedora Patch201: Link XS modules to libperl.so with EU::MM on Linux' \
|
||||||
%{nil}
|
%{nil}
|
||||||
@ -5178,6 +5184,7 @@ popd
|
|||||||
- Fix first eof() return value (RT#133721)
|
- Fix first eof() return value (RT#133721)
|
||||||
- Fix a crash when compiling a malformed form (RT#132158)
|
- Fix a crash when compiling a malformed form (RT#132158)
|
||||||
- Fix un undefined C behavior in NULL pointer arithmetics (RT#133223)
|
- Fix un undefined C behavior in NULL pointer arithmetics (RT#133223)
|
||||||
|
- Prevent long jumps from clobbering local variables (RT#133575)
|
||||||
|
|
||||||
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 4:5.28.1-429
|
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 4:5.28.1-429
|
||||||
- Rebuilt for libcrypt.so.2 (#1666033)
|
- Rebuilt for libcrypt.so.2 (#1666033)
|
||||||
|
Loading…
Reference in New Issue
Block a user