Branch: refs/heads/blead Home: https://github.com/Perl/perl5 Commit: e2c62bff85f589709838536ffdc57202063737a7 https://github.com/Perl/perl5/commit/e2c62bff85f589709838536ffdc57202063737a7 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023)
Changed paths: M MANIFEST M pp.c A t/bigmem/str.t Log Message: ----------- S_scomplement: string complement used an I32 string length Discovered while scanning for stack issues, S_scomplement which implements string complement for pp_complement and pp_scomplement used an I32 to keep the working length, for strings between 2GB and 4GB this resulted in a noop. Commit: 4967e83094a1ed257b510a2f6deacc33fdda4647 https://github.com/Perl/perl5/commit/4967e83094a1ed257b510a2f6deacc33fdda4647 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M embed.fnc M pp.c M proto.h M t/bigmem/str.t M util.c Log Message: ----------- pp_repeat: handle large source strings for scalar repeat This deliberately dropped out since repeatcpy() took an I32 length of source string parameter, but the code in repeatcpy() is sufficiently robust we can simply make it a SSize_t. Removed the error for strings over I32 len, the left over check should reasonably handle integer overflow beyond the capacity of a SSize_t. Commit: 5e5bed8b47b6ce94e1e5c6d04d8a2495f58fe3d4 https://github.com/Perl/perl5/commit/5e5bed8b47b6ce94e1e5c6d04d8a2495f58fe3d4 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M pp_hot.c Log Message: ----------- pp_subst: don't cast the replacement len to I32 If I understand the code clen is the length of a constant replacement string, ie. s/.../THIS/. I don't expect this would ever go over 2GB, but aim for correctness. I made this a SSize_t cast instead of completely removing the cast since some analysers/compilers reasonably complain about such comparisons. Commit: d5fbf546cd1a836de6627229a0fac1df4acd0c0e https://github.com/Perl/perl5/commit/d5fbf546cd1a836de6627229a0fac1df4acd0c0e Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M pp_hot.c Log Message: ----------- pp_subst: use SSize_t for substring sizes I wasn't able to make this misbehave, since with a COW enabled perl a COW copy of the input SV is created when the regexp is matched above, and this entire block is skipped down to "have_a_cow:" Commit: fb929d466f7cb374042a595306ad46682379ba1a https://github.com/Perl/perl5/commit/fb929d466f7cb374042a595306ad46682379ba1a Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M MANIFEST M pp_ctl.c A t/bigmem/subst2.t Log Message: ----------- rxres_restore: restore regexp progress offsets with SSize_t casts This was casting the offsets to I32 when restoring them, but these values can be outside the positive range of an I32, which caused problems in pp_substcont. Commit: 5261e751dc3387281222eb0ac4d87ce0b4538983 https://github.com/Perl/perl5/commit/5261e751dc3387281222eb0ac4d87ce0b4538983 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M regexec.c Log Message: ----------- S_reg_set_capture_string: use SSize_t for capture group offset I wasn't able to trigger this code on a COW built perl, but we can match against strings over 2GB, so this value could become too large for an I32 on a 64-bit platform. Commit: f6ada4d416b87cdcb33e90b491998f950e00d023 https://github.com/Perl/perl5/commit/f6ada4d416b87cdcb33e90b491998f950e00d023 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M doio.c M embed.fnc M proto.h Log Message: ----------- do_msgsnd, do_msgrcv: use STRLEN/SSize_t as appropriate The size parameters for msgsnd() and msgrcv() are size_t, and the return value of msgrcv() is ssize_t, adjust perl to match. Unfortunately Linux appears to limit the size of the message queue to well under 2GB, so I wasn't able to write a failing test for this. Commit: ef7be9972ab31686177981b38d8857beb997f504 https://github.com/Perl/perl5/commit/ef7be9972ab31686177981b38d8857beb997f504 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M doio.c M t/io/msg.t Log Message: ----------- msgrcv: properly handle magic This would call get magic on the buffer SV, even though it's output only. It failed to call set magic on the buffer SV. Commit: e87b2984a41bbb3d7a62d40a9ddd896131fa7109 https://github.com/Perl/perl5/commit/e87b2984a41bbb3d7a62d40a9ddd896131fa7109 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M doio.c M t/io/msg.t Log Message: ----------- msgrcv: validate the size parameter before using it While the code checks that size is non-negative, that check was done after using that size with SvGROW(), so a negative size caused a panic, rather than the error return value the code appeared to be written for. Commit: 14c843feaee8f145a0b8ebe692176c24b30de39d https://github.com/Perl/perl5/commit/14c843feaee8f145a0b8ebe692176c24b30de39d Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M embed.fnc M proto.h M sv.c Log Message: ----------- visit()/sv_clean_all(): returned an I32 cleaned SV count These could in theory overflow a 32-bit signed integer (which is undefined behaviour) Commit: 941b22acaf8d350bbb521c38771c3c0625e245f6 https://github.com/Perl/perl5/commit/941b22acaf8d350bbb521c38771c3c0625e245f6 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M sv.c Log Message: ----------- sv_utf8_decode(): use SSize_t for string offset While we can't test this easily from perl (as the comment mentions, the pos() is cleared in utf8::decode()), testing under the debugger revealed the pos value being truncated here, so use the correct type. Commit: 4e5c4877d02aa81480fbfd74f3fe922c7b166063 https://github.com/Perl/perl5/commit/4e5c4877d02aa81480fbfd74f3fe922c7b166063 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M op.c M t/bigmem/hash.t Log Message: ----------- hash keys: validate hash key length at compile time This was new to me, I hadn't encountered this failure while working on the original "other I32 bugs". The original test here was failing with an "Out of memory" error since the long hash key length was overflowing the I32. Once that was fixed the test was failing purely due to the invalid code, once that was fixed the test passed so I removed the TODO. Commit: 03f6a7924c84dfae6ebc442d73072b6e26ae3896 https://github.com/Perl/perl5/commit/03f6a7924c84dfae6ebc442d73072b6e26ae3896 Author: Tony Cook <t...@develop-help.com> Date: 2023-07-27 (Thu, 27 Jul 2023) Changed paths: M MANIFEST M doio.c M embed.fnc M op.c M pp.c M pp_ctl.c M pp_hot.c M proto.h M regexec.c M sv.c M t/bigmem/hash.t A t/bigmem/str.t A t/bigmem/subst2.t M t/io/msg.t M util.c Log Message: ----------- fix a number of 32-bit vs 64-bit bugs Compare: https://github.com/Perl/perl5/compare/f1cf82e77b08...03f6a7924c84