Skip Menu |

This queue is for tickets about the Text-CSV_XS CPAN distribution.

Report information
The Basics
Id: 113279
Status: resolved
Priority: 0/
Queue: Text-CSV_XS

People
Owner: Nobody in particular
Requestors: SJOHNSTON [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 0.40
Fixed in: 1.23



Subject: Failed parse + bind_columns causes memory corruption
When parse fails and bind_columns is being used, "Attempt to free unreferenced scalar" occurs: my $csv = Text::CSV_XS->new; my $foo; $csv->bind_columns (\$foo); $csv->parse( 'foo "bar"' ); The parse error can be avoided with 'allow_loose_quotes' but it is concerning when bad data can cause memory issues. In my application, it resulted in a segfault but I can't reproduce that with a simple script.
Subject: Re: [rt.cpan.org #113279] Failed parse + bind_columns causes memory corruption
Date: Wed, 23 Mar 2016 09:04:16 +0100
To: bug-Text-CSV_XS [...] rt.cpan.org
From: "H.Merijn Brand" <h.m.brand [...] xs4all.nl>
Thanks for the report. I can reproduce locally $ perl -v This is perl 5, version 22, subversion 1 (v5.22.1) built for x86_64-linux-thread-multi-ld Copyright 1987-2015, Larry Wall Perl may be copied only under the terms of either the Artistic License or the GNU General Public License, which may be found in the Perl 5 source kit. Complete documentation for Perl, including FAQ lists, should be found on this system using "man perl" or "perldoc perl". If you have access to the Internet, point your browser at http://www.perl.org/, the Perl Home Page. $ cat rt113279.pl #!/pro/bin/perl use 5.18.2; use warnings; use Text::CSV_XS; my $csv = Text::CSV_XS->new; my $foo; $csv->bind_columns (\$foo); $csv->parse ('foo "bar"'); $ perl rt113279.pl Attempt to free unreferenced scalar: SV 0xfd5de0, Perl interpreter: 0xfa6370. -- H.Merijn Brand http://tux.nl Perl Monger http://amsterdam.pm.org/ using perl5.00307 .. 5.23 porting perl5 on HP-UX, AIX, and openSUSE http://mirrors.develooper.com/hpux/ http://www.test-smoke.org/ http://qa.perl.org http://www.goldmark.org/jeff/stupid-disclaimers/
Download (untitled)
application/pgp-signature 490b

Message body not shown because it is not plain text.

Again, thanks for the report. The bug has been fixed (and pushed). I just want to write some tests for it before I release.