Skip Menu |

This queue is for tickets about the version CPAN distribution.

Report information
The Basics
Id: 81085
Status: resolved
Priority: 0/
Queue: version
People
Owner: Nobody in particular
Requestors: 'spro^^*%*^6ut# [...] &$%*c
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Fri Nov 09 17:10:41 2012 $_ = 'spro^^*%*^6ut# [...] &$%*c>#!^!#&!pan.org'; y/a-z.@//cd; print - Ticket created
Subject: version::new does not check number of arguments
version::new with no arguments reads past the end of the stack. It behaves erratically if it does not find what it expects. Of course any code that does this is buggy, but it is an easy mistake to make: Pint:perl.git-copy sprout$ ./perl -Ilib -e ' version::new' Bus error Pint:perl.git-copy sprout$ ./perl -Ilib -le '$x = 1; print version::new' *version::new=HASH(0x803630) Pint:perl.git-copy sprout$ ./perl -Ilib -le '$x = "version"; print version::new' Invalid version format (dotted-decimal versions require at least three parts) at -e line 1.
  Thu Nov 15 08:12:56 2012 john.peacock [...] havurah-software.org - Correspondence added
Subject: Re: [rt.cpan.org #81085] version::new does not check number of arguments
Date: Thu, 15 Nov 2012 08:12:38 -0500
To: bug-version [...] rt.cpan.org
From: John Peacock <john.peacock [...] havurah-software.org>
On 11/09/2012 05:10 PM, Father Chrysostomos via RT wrote: Show quoted text
> version::new with no arguments reads past the end of the stack. It behaves erratically if it does > not find what it expects.
FWIW, it doesn't `bus error` with the CPAN release (due to code added to core only to support UTF-8 class names apparently), but it is still broken in the same ways. This is the minimal fix: --- a/universal.c Sun Feb 05 09:53:14 2012 -0500 +++ b/universal.c Thu Nov 15 08:11:46 2012 -0500 @@ -488,7 +488,7 @@ { dVAR; dXSARGS; - if (items > 3) + if (items > 3 || items == 0) croak_xs_usage(cv, "class, version"); SP -= items; { John
  Thu Nov 15 08:12:57 2012 The RT System itself - Status changed from 'new' to 'open'
  Thu Nov 15 12:31:30 2012 $_ = 'spro^^*%*^6ut# [...] &$%*c>#!^!#&!pan.org'; y/a-z.@//cd; print - Correspondence added
On Thu Nov 15 08:12:56 2012, john.peacock@havurah-software.org wrote: Show quoted text
> On 11/09/2012 05:10 PM, Father Chrysostomos via RT wrote:
> > version::new with no arguments reads past the end of the stack. It
> behaves erratically if it does
> > not find what it expects.
> > FWIW, it doesn't `bus error` with the CPAN release (due to code added > to > core only to support UTF-8 class names apparently), but it is still > broken in the same ways. This is the minimal fix: > > --- a/universal.c Sun Feb 05 09:53:14 2012 -0500 > +++ b/universal.c Thu Nov 15 08:11:46 2012 -0500 > @@ -488,7 +488,7 @@ > { > dVAR; > dXSARGS; > - if (items > 3) > + if (items > 3 || items == 0) > croak_xs_usage(cv, "class, version"); > SP -= items; > {
Shall I apply that to blead, or wait for a version.pm release? (The latter might be easier.)
  Fri Nov 16 19:10:51 2012 john.peacock [...] havurah-software.org - Correspondence added
Subject: Re: [rt.cpan.org #81085] version::new does not check number of arguments
Date: Fri, 16 Nov 2012 19:10:38 -0500
To: bug-version [...] rt.cpan.org
From: John Peacock <john.peacock [...] havurah-software.org>
On 11/15/2012 12:31 PM, Father Chrysostomos via RT wrote: Show quoted text
> > Shall I apply that to blead, or wait for a version.pm release? (The latter might be easier.) >
I've got a bunch of little things to fix before I do a CPAN release. I will send a patch with tests to apply to core prior to that. John
  Wed Mar 06 19:17:45 2013 jpeacock [...] cpan.org - Correspondence added
Resolved in 0.9902
  Wed Mar 06 19:17:46 2013 jpeacock [...] cpan.org - Status changed from 'open' to 'resolved'