
[PATCH] Invalid read in regdupe in maint-5.8



On maint-5.8, valgrind reports an invalid read of total size 4 (the size
of a regnode) in regcomp.c:Perl_regdupe:4845 when creating threads
(testcase attached). Compared to what is allocated in pregcomp, it seems
that the computed len is one regnode too long. The patch attached fixes
the error and passes all tests with 34415.

Vincent.
#!/usr/bin/env perl

use threads;

sub try { };

my @t = map { threads->create(\&try) } 1 .. 2;
$_->join for @t;
--- regcomp.c	2008-09-19 23:03:55.000000000 +0200
+++ regcomp.c	2008-09-25 17:30:56.000000000 +0200
@@ -4840,7 +4840,7 @@
     len = r->offsets[0];
     npar = r->nparens+1;
 
-    size = sizeof(regexp) + (len+1)*sizeof(regnode);
+    size = sizeof(regexp) + len*sizeof(regnode);
     Newxc(ret, size, char, regexp);
     Copy(r, ret, size, char);
 

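Review bot: the corrected `size = sizeof(regexp) + len*sizeof(regnode);` line still restates by hand an allocation size that is decided in pregcomp, which this hunk does not show. `Copy(r, ret, size, char)` reads `size` bytes from `r`, so if this formula is larger than the real allocation the copy reads out of bounds, and if it is smaller the copy is truncated. Please add a comment stating why `len = r->offsets[0]` is exactly the regnode count that was allocated for `r`, or factor the size computation into one macro used at both sites, and confirm against the pregcomp allocation that dropping the `+1` does not leave out a trailing node.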