In perl.git, the branch tonyc/127743-cperl-storable-fixes has been updated

<https://perl5.git.perl.org/perl.git/commitdiff/862c79b288b39ec55970c5a0d601f38a6e0a33c5?hp=06682a00b1b33d7ae62d117ac156ce40ac144202>

- Log -----------------------------------------------------------------
commit 862c79b288b39ec55970c5a0d601f38a6e0a33c5
Author: Tony Cook <t...@develop-help.com>
Date:   Mon Dec 4 15:49:27 2017 +1100

    (perl #131990) treat the length for LSCALAR, LUTF8STR as unsigned
    
    Older Storable without 64-bit object might write such objects.
    
    A malicious file might also be provided with such a large length
    to cause a resource consumption attack (allocating large amounts of
    memory), but Storable explicitly doesn't protect against attacks.

-----------------------------------------------------------------------

Summary of changes:
 dist/Storable/Storable.xs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dist/Storable/Storable.xs b/dist/Storable/Storable.xs
index f10780fc7f..29d4c79963 100644
--- a/dist/Storable/Storable.xs
+++ b/dist/Storable/Storable.xs
@@ -5607,7 +5607,7 @@ static SV *get_lstring(pTHX_ stcxt_t *cxt, UV len, int 
isutf8, const char *cname
  */
 static SV *retrieve_lscalar(pTHX_ stcxt_t *cxt, const char *cname)
 {
-    I32 len;
+    U32 len;
     RLEN(len);
     return get_lstring(aTHX_ cxt, len, 0, cname);
 }
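Review bot: The length that `RLEN(len)` reads in retrieve_lscalar is untrusted stream data, and with `U32 len;` every value up to 2^32-1 now reaches `get_lstring` as a valid size, with no upper bound checked in this function. get_lstring is not visible in this hunk; if it does not already do so, it should compare the length with the bytes remaining in the input (at least for in-memory retrieves) before allocating, so that a truncated or hostile image fails early instead of requesting a multi-gigabyte buffer. At minimum, add a comment above the declaration recording the trust assumption, e.g. `/* len comes from the stream unvalidated; full 32-bit range accepted, size limits are get_lstring's job */`. The same point applies to the `U32 len;` change in retrieve_lutf8str in the second hunk, whose body continues outside the hunk.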
@@ -5656,7 +5656,7 @@ static SV *retrieve_utf8str(pTHX_ stcxt_t *cxt, const 
char *cname)
  */
 static SV *retrieve_lutf8str(pTHX_ stcxt_t *cxt, const char *cname)
 {
-    int len;
+    U32 len;
 
     TRACEME(("retrieve_lutf8str"));
 

-- 
Perl5 Master Repository
