Skip Menu |

This queue is for tickets about the Sub-Name CPAN distribution.

Report information
The Basics
Id: 117072
Status: resolved
Priority: 0/
Queue: Sub-Name
People
Owner: ether [...] cpan.org
Requestors: alexander.bluhm [...] gmx.net
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in:
  • 0.18
  • 0.19
Fixed in: 0.20-TRIAL

History Show all quoted text
  Fri Aug 19 17:18:09 2016 alexander.bluhm [...] gmx.net - Ticket created
Subject: segmentation fault during t/exotic_names.t
On OpenBSD 6.0 the test t/exotic_names.t fails sometimes. Program received signal SIGSEGV, Segmentation fault. 0x00000a9bf44b686a in XS_Sub__Name_subname (cv=Variable "cv" is not available. ) at Name.xs:72 72 else if (*s && s[-1] == '\'') { (gdb) print s $1 = 0xa9c6d507000 "test::SOME_y_STASH::SOME_y_NAME" With OpenBSD malloc randomisation the storage for nameptr is sometimes at the beginning of the page. Then accessing s[-1] with s == nameptr is fatal. There must be some check to prevent this. This diff fixes the bug. --- Name.xs.orig Thu Aug 18 20:52:37 2016 +++ Name.xs Fri Aug 19 22:57:13 2016 @@ -63,13 +63,13 @@ subname(name, sub) croak("Not a subroutine reference"); for (s = nameptr; s <= nameptr + namelen; s++) { - if (*s == ':' && s[-1] == ':') { + if (s > nameptr && *s == ':' && s[-1] == ':') { end = s - 1; begin = ++s; if (seen_quote) need_subst++; } - else if (*s && s[-1] == '\'') { + else if (s > nameptr && *s != '\0' && s[-1] == '\'') { end = s - 1; begin = s; if (seen_quote++)
  Fri Sep 09 14:57:35 2016 ether [...] cpan.org - Taken
  Sat Sep 10 20:34:15 2016 ether [...] cpan.org - Correspondence added
On 2016-08-19 14:18:09, bluhm wrote: Show quoted text
> On OpenBSD 6.0 the test t/exotic_names.t fails sometimes. > > Program received signal SIGSEGV, Segmentation fault. > 0x00000a9bf44b686a in XS_Sub__Name_subname (cv=Variable "cv" is not > available. > ) at Name.xs:72 > 72 else if (*s && s[-1] == '\'') { > > (gdb) print s > $1 = 0xa9c6d507000 "test::SOME_y_STASH::SOME_y_NAME" > > With OpenBSD malloc randomisation the storage for nameptr is sometimes > at the beginning of the page. Then accessing s[-1] with s == nameptr > is fatal. There must be some check to prevent this. This diff > fixes the bug.
Many thanks, I've released this as 0.20-TRIAL!
  Sat Sep 10 20:34:16 2016 The RT System itself - Status changed from 'new' to 'open'
  Sat Sep 10 20:34:21 2016 ether [...] cpan.org - Status changed from 'open' to 'resolved'
  Sun Sep 11 06:09:46 2016 LEONT [...] cpan.org - Correspondence added
On Fri Aug 19 17:18:09 2016, bluhm wrote: Show quoted text
> On OpenBSD 6.0 the test t/exotic_names.t fails sometimes. > > Program received signal SIGSEGV, Segmentation fault. > 0x00000a9bf44b686a in XS_Sub__Name_subname (cv=Variable "cv" is not > available. > ) at Name.xs:72 > 72 else if (*s && s[-1] == '\'') { > > (gdb) print s > $1 = 0xa9c6d507000 "test::SOME_y_STASH::SOME_y_NAME" > > With OpenBSD malloc randomisation the storage for nameptr is sometimes > at the beginning of the page. Then accessing s[-1] with s == nameptr > is fatal. There must be some check to prevent this. This diff > fixes the bug. > > --- Name.xs.orig Thu Aug 18 20:52:37 2016 > +++ Name.xs Fri Aug 19 22:57:13 2016 > @@ -63,13 +63,13 @@ subname(name, sub) > croak("Not a subroutine reference"); > > for (s = nameptr; s <= nameptr + namelen; s++) { > - if (*s == ':' && s[-1] == ':') { > + if (s > nameptr && *s == ':' && s[-1] == ':') { > end = s - 1; > begin = ++s; > if (seen_quote) > need_subst++; > } > - else if (*s && s[-1] == '\'') { > + else if (s > nameptr && *s != '\0' && s[-1] == '\'') { > end = s - 1; > begin = s; > if (seen_quote++)
Looks good to me. Leon
  Tue Sep 13 00:28:29 2016 ether [...] cpan.org - Fixed in 0.20-TRIAL added