19 months agoBump copyright year, as it's now 2013 v5.14.4-RC1
David Mitchell [Sun, 3 Mar 2013 23:22:28 +0000]
Bump copyright year, as it's now 2013

19 months agobump version to RC1
David Mitchell [Sun, 3 Mar 2013 23:07:12 +0000]
bump version to RC1

19 months agoUpdate Module::CoreList for 5.14.4
David Mitchell [Sun, 3 Mar 2013 23:05:16 +0000]
Update Module::CoreList for 5.14.4

19 months agofinal tidy of perldelta
David Mitchell [Sun, 3 Mar 2013 20:59:00 +0000]
final tidy of perldelta

19 months agoupdate perldelta with previous two cherrypicks
David Mitchell [Sun, 3 Mar 2013 20:28:01 +0000]
update perldelta with previous two cherrypicks

19 months agoAvoid wraparound when casting unsigned size_t to signed ssize_t.
Andy Dougherty [Wed, 16 Jan 2013 17:30:43 +0000]
Avoid wraparound when casting unsigned size_t to signed ssize_t.

Practically, this only affects a perl compiled with 64-bit IVs on a 32-bit
system.  In that instance a value of count >= 2**31 would turn negative
when cast to (ssize_t).
(cherry picked from commit 94e529cc4d56863d7272c254a29eda2b002a4335)

19 months agoPrevent premature hsplit() calls, and only trigger REHASH after hsplit()
Yves Orton [Tue, 12 Feb 2013 09:53:05 +0000]
Prevent premature hsplit() calls, and only trigger REHASH after hsplit()

Triggering a hsplit due to long chain length allows an attacker
to create a carefully chosen set of keys which can cause the hash
to use 2 * (2**32) * sizeof(void *) bytes ram. AKA a DOS via memory
exhaustion. Doing so also takes non trivial time.

Eliminating this check, and only inspecting chain length after a
normal hsplit() (triggered when keys>buckets) prevents the attack
entirely, and makes such attacks relatively benign.

(cherry picked from commit f1220d61455253b170e81427c9d0357831ca0fac)

20 months agobump version to 5.14.4
David Mitchell [Sun, 24 Feb 2013 23:19:13 +0000]
bump version to 5.14.4

20 months agoperldelta: first cut
David Mitchell [Sun, 24 Feb 2013 22:47:19 +0000]
perldelta: first cut

add entries for recent commits, then make a first attempt at getting the
document ready for release.

20 months agoSocket::unpack_sockaddr_un heap-buffer-overflow
David Mitchell [Sun, 24 Feb 2013 16:46:19 +0000]
Socket::unpack_sockaddr_un heap-buffer-overflow

[perl #111594]

A (fairly harmless) read buffer overflow can occur when copying sockaddr
buffers. Cherry-pick the fix from Socket 2.009 to keep ASAN happy.

20 months agosdbm.c: fix off-by-one access to global ".dir"
Reini Urban [Fri, 9 Mar 2012 15:11:50 +0000]
sdbm.c: fix off-by-one access to global ".dir"

Detected by clang -faddress-sanitizer.

The bug came in 081f72ad6fa2b76e0b3cd9046371b2dbd9130114, where
we started calculating lengths with sizeof on string constants
instead of using strlen.  Since string constants include the null
byte, sizeof(".dir"), for example, is 5, but we've been copying 6

This patch resolves [perl #111586] and includes revisions by the

20 months agofix off-by-two error in List::Util
David Mitchell [Sun, 24 Feb 2013 15:45:48 +0000]
fix off-by-two error in List::Util

A string literal is being used that includes two bytes beyond the
end of the string.

20 months agoUpdate perlhist
Chris 'BinGOs' Williams [Wed, 20 Feb 2013 23:11:43 +0000]
Update perlhist

22 months agoAdd release date for 5.17.7 to perlhist
Dave Rolsky [Tue, 18 Dec 2012 22:24:24 +0000]
Add release date for 5.17.7 to perlhist

22 months agofix segv in regcomp.c:S_join_exact()
David Mitchell [Tue, 5 Jul 2011 10:35:08 +0000]
fix segv in regcomp.c:S_join_exact()

[ cherry-picked from bb789b09de07edfb74477eb1603949c96d60927d
to stop clang's address-sanitizer from complaining. See [perl #115994] ]

This function joins multiple EXACT* nodes into a single node.
At the end, under DEBUGGING, it marks the optimised-out nodes as being
type OPTIMIZED. However, some of the 'nodes' aren't actually nodes;
they're random bits of string at the tail of those nodes. So you
can't peek that the 'node's OP field to decide what type it was.

Instead, just unconditionally overwrite all the slots with fake

22 months ago[perl #115992] PL_eval_start use-after-free
David Mitchell [Fri, 7 Dec 2012 11:07:30 +0000]
[perl #115992] PL_eval_start use-after-free

PL_eval_start is used for two purposes.

First, it indicates the start op of a freshly-compiled eval. It is set in
newPROG(), and used by entereval etc to know where to begin executing.
After execution has begun, its value is meaningless (and may well point
to a freed op).

Second, it's used as a temporary pointer to indicate, within an assignment
to $] (which has been optimised into a const), that it's not to croak in
op_lvalue() with "Can't modify constant item", but instead to set

This second use temporarily sets it in Perl_newASSIGNOP(), which calls
op_lvalue(), which uses and then clears it. The issue is that it can also
be left set by a previous eval, so something like 'local $[' will see it
set and try to use its value.

The quickest fix is to just set it NULL directly after each eval where its

This change has been applied directly to maint-5.14 rather than going via
bleed, since the old $[ mechanism was ripped out for 5.15.3.

23 months agoupdate perlhist for 5.17.6
Ricardo Signes [Wed, 21 Nov 2012 00:49:37 +0000]
update perlhist for 5.17.6

23 months agoadd perl5.16.2 to perlhist
Ricardo Signes [Thu, 1 Nov 2012 14:20:20 +0000]
add perl5.16.2 to perlhist

23 months agoAdd 5.17.5 to perlhist
Florian Ragwitz [Fri, 19 Oct 2012 15:50:32 +0000]
Add 5.17.5 to perlhist

2 years agoperldelta for smartmatch tainting fix
Dominic Hargreaves [Sun, 28 Oct 2012 18:11:41 +0000]
perldelta for smartmatch tainting fix

2 years ago$tainted ~~ [...] failing
Father Chrysostomos [Tue, 20 Sep 2011 15:55:09 +0000]
$tainted ~~ [...] failing

When smartmatch is about to start, to avoid calling get-magic (e.g.,
FETCH methods) more than once, it copies any argument that has

Tainting uses get-magic to taint the expression.  Calling mg_get(sv)
on a tainted scalar causes PL_tainted to be set, causing any scalars
modified by sv_setsv_flags to be tainted.  That means that tainting
magic gets copied from one scalar to another.

So when smartmatch tries to copy the variable to avoid repeated calls
to magic, it still copies taint magic to the new variable.

For $scalar ~~ @array (or ~~ [...]), S_do_smartmatch calls itself
recursively for each element of @array, with $scalar (on the suppos-
edly non-magical copy of $scalar) on the left and the element on
the right.

In that recursive call, it again does the get-magic check and copies
the argument.  Since the copied of a tainted variable on the LHS is
magical, it gets copied again.  Since the first copy is a mortal
(marked TEMP) with a refcount of one, the second copy steal its
string buffer.

The outer call to S_do_smartmatch then proceeds with the second ele-
ment of @array, without realising that its copy of $scalar has lost
its string buffer and is now undefined.

So these produce incorrect results under -T (where $^X is ‘perl’):

    $^X =~ ["whatever", undef]  # matches
    $^X =~ ["whatever", "perl"] # fails

This problem did not start occurring until this commit:

commit 8985fe98dcc5c0af2fadeac15dfbc13f553ee7fc
Author: David Mitchell <davem@iabyn.com>
Date:   Thu Dec 30 10:32:44 2010 +0000

    Better handling of magic methods freeing the SV

mg_get used to increase the refcount unconditionally, pushing it on to
the mortals stack.  So the magical copy would have had a refcount of
2, preventing its string buffer from being stolen.  Now it has a ref-
erence count of 1.

This commit solves it by adding a new parameter to S_do_smartmatch
telling it that the variable has already been copied and does not even
need to be checked.  The $scalar~~@array case sets that parameter for
the recursive calls.  That avoids the whole string-stealing problem
*and* avoids extra unnecessary SVs.

Origin: upstream, http://perl5.git.perl.org/perl.git/commit/be88a5c3cc8efc0dbee86240eabf0050554fc717
Bug: http://rt.perl.org/rt3/Public/Bug/Display.html?id=93590
Bug-Debian: http://bugs.debian.org/690571

(Backported to 5.14 by Niko Tyni.)

2 years agoperldelta entry for VMS fixes missed in 5.14.3.
Craig A. Berry [Thu, 25 Oct 2012 20:20:58 +0000]
perldelta entry for VMS fixes missed in 5.14.3.

c29067d7797853039 required two follow-up fixes (bf6dd99808 and
0749edf595e84) to avoid compile failures on VMS, but we didn't
get them into 5.14.3.

2 years agoRemove the VMS-specific private len in S_mayberelocate.
Craig A. Berry [Sat, 3 Dec 2011 21:55:26 +0000]
Remove the VMS-specific private len in S_mayberelocate.

This particular C<STRLEN len;> came along almost 15 years ago, way
back in aa6893958c2b.  Back then it was a plain and simple block
scope variable.  But now this code lives in a function that takes
as an argument a variable of the same name and having the same
meaning (i.e., the length of the directory name to be added to
@INC).  Someone looking only at the argument list might reasonably
expect to be able to use len (though luckily there are no subsequent
uses of it currently).  So we really ought to update that len rather
than create our own when we hijack the directory name to make our
unixified version of it.

2 years agoVMS-specific scope fix for S_mayberelocate.
Craig A. Berry [Sat, 3 Dec 2011 16:36:58 +0000]
VMS-specific scope fix for S_mayberelocate.

Back in 3185893b8dec106 I moved some code from the beginning of one
block to the middle of a different block.  Bad me.  The compiler
has been lax about allowing declarations in the middle of a block,
so we haven't noticed.  But as of c29067d7797853039, the code moved
to a new function while leaving the block it was in behind and we
end up with conflicting declarations of len.

Making our own block seems like the safest thing to do.  The
indentation in this section of code is a bit wacky -- I chose the
least intrusive alternative for clearer blame logs.

2 years agoCreate perldelta for 5.14.4
Dominic Hargreaves [Fri, 12 Oct 2012 22:12:31 +0000]
Create perldelta for 5.14.4

2 years agoAdd 5.14.3 to perlhist v5.14.3
Dominic Hargreaves [Thu, 11 Oct 2012 18:56:22 +0000]
Add 5.14.3 to perlhist

2 years agoadd Digest pointer to security section
Dominic Hargreaves [Thu, 11 Oct 2012 19:25:52 +0000]
add Digest pointer to security section

2 years agoperldelta for Module::CoreList
Dominic Hargreaves [Thu, 11 Oct 2012 19:01:53 +0000]
perldelta for Module::CoreList

2 years agoBump Module::CoreList version again in order to fix %released
Dominic Hargreaves [Thu, 11 Oct 2012 18:31:03 +0000]
Bump Module::CoreList version again in order to fix %released

I added 5.14.3 to %released too soon, with a date that does not reflect
the final release date. This commit creates a new version of
Module::CoreList which fixes this.

2 years agodisarm RC2 bump
Dominic Hargreaves [Wed, 10 Oct 2012 21:01:49 +0000]
disarm RC2 bump

2 years agobump version to RC2 v5.14.3-RC2
Dominic Hargreaves [Wed, 10 Oct 2012 17:03:12 +0000]
bump version to RC2

2 years agorefresh Acknowledgements
Dominic Hargreaves [Wed, 10 Oct 2012 16:45:51 +0000]
refresh Acknowledgements

2 years agoperldelta for heap buffer overrun fix
Dominic Hargreaves [Wed, 10 Oct 2012 16:19:18 +0000]
perldelta for heap buffer overrun fix

2 years agoavoid calling memset with a negative count
Andy Dougherty [Thu, 27 Sep 2012 13:52:18 +0000]
avoid calling memset with a negative count

Poorly written perl code that allows an attacker to specify the count to
perl's 'x' string repeat operator can already cause a memory exhaustion
denial-of-service attack. A flaw in versions of perl before 5.15.5 can
escalate that into a heap buffer overrun; coupled with versions of glibc
before 2.16, it possibly allows the execution of arbitrary code.

The flaw addressed to this commit has been assigned identifier

2 years agoperldelta for NetBSD 6.* change
Dominic Hargreaves [Thu, 27 Sep 2012 17:40:09 +0000]
perldelta for NetBSD 6.* change

2 years agoUpstream pkgsrc patch to support NetBSD 6.*
Chris 'BinGOs' Williams [Mon, 2 Apr 2012 19:19:52 +0000]
Upstream pkgsrc patch to support NetBSD 6.*

From original patch:

"NetBSD-6.x is same condition as older releases."

2 years agodisarm RC1 bump
Dominic Hargreaves [Wed, 26 Sep 2012 22:18:20 +0000]
disarm RC1 bump

2 years agobump version to RC1 v5.14.3-RC1
Dominic Hargreaves [Sat, 22 Sep 2012 18:38:02 +0000]
bump version to RC1

2 years agoUpdate Module::CoreList for 5.14.3
Dominic Hargreaves [Sat, 22 Sep 2012 18:36:14 +0000]
Update Module::CoreList for 5.14.3

2 years agoFinalise perldelta
Dominic Hargreaves [Sat, 22 Sep 2012 17:31:53 +0000]
Finalise perldelta

Includes spelling, syntax and readability fixes

2 years agoAdd 5.17.4 to perlhist
Florian Ragwitz [Wed, 19 Sep 2012 18:50:55 +0000]
Add 5.17.4 to perlhist

2 years agoadd 5.16.0 sizes and filecounts to perlhist
Ricardo Signes [Mon, 17 Sep 2012 15:08:07 +0000]
add 5.16.0 sizes and filecounts to perlhist

running and using the output of Porting/perlhist_calculate.pl
has not been done regularly, presumably because I had no idea
that it existed!

2 years agoadd 5.14.0 sizes and filecounts to perlhist
Ricardo Signes [Mon, 17 Sep 2012 15:08:07 +0000]
add 5.14.0 sizes and filecounts to perlhist

running and using the output of Porting/perlhist_calculate.pl
has not been done regularly, presumably because I had no idea
that it existed!

2 years agoBump copyright year, as it's now 2012
Dominic Hargreaves [Tue, 11 Sep 2012 16:07:36 +0000]
Bump copyright year, as it's now 2012

2 years agoBump the perl version in various places for 5.14.3
Dominic Hargreaves [Tue, 11 Sep 2012 15:29:49 +0000]
Bump the perl version in various places for 5.14.3

2 years agoBump versions of Digest and IPC::Open3
Dominic Hargreaves [Sat, 8 Sep 2012 17:09:33 +0000]
Bump versions of Digest and IPC::Open3

2 years agoUpdate perldelta for all queued maint-5.14 changes
Dominic Hargreaves [Fri, 7 Sep 2012 22:02:54 +0000]
Update perldelta for all queued maint-5.14 changes

2 years agoIPC::Open3::open3(..., '-') broken
Salvador Fandino [Wed, 27 Jul 2011 16:20:29 +0000]
IPC::Open3::open3(..., '-') broken

IPC::Open3::open3($in, $out, $err, '-') is broken in 5.14.1

Because the old "return 0" used to return to user code now is wrapped inside and eval block.

This patch solves the problem.

2 years agoAdd 5.17.3 to perlhist
Steve Hay [Mon, 20 Aug 2012 10:36:53 +0000]
Add 5.17.3 to perlhist

2 years agoPATCH: [perl #101970] /[[:lower:]]/i matches upper case
Karl Williamson [Thu, 27 Oct 2011 15:39:11 +0000]
PATCH: [perl #101970] /[[:lower:]]/i matches upper case

This bug is a regression in 5.14, in which /[[:lower:]]/i and
/[[:upper:]]/i no longer matched the opposite case.

The fix is to have these use a different table under /i matching, that
includes the correct /i code points.  These tables were already
available, just unused.

2 years agoregexec.c: Fix "\x{FB01}\x{FB00}" =~ /ff/i
Karl Williamson [Fri, 14 Oct 2011 01:56:45 +0000]
regexec.c: Fix "\x{FB01}\x{FB00}" =~ /ff/i

Only the first character of the string was being checked when scanning
for the beginning position of the pattern match.

This was so wrong, it looks like it has to be a regression.  I
experimented a little and did not find any.  I believe (but am not
certain) that a multi-char fold has to be involved.  The the handling of
these was so broken before 5.14 that there very well may not be a

2 years agoPATCH: [perl #101710] Regression with /i, latin1 chars.
Karl Williamson [Tue, 1 Nov 2011 23:57:15 +0000]
PATCH: [perl #101710] Regression with /i, latin1 chars.

The root cause of this bug is that it was assuming that a string was in
utf8 when it wasn't, and so was thinking that a byte was a starter byte
that wasn't, so was skipping ahead based on that starter byte.

2 years agoClose the eval "require $module" security hole in Digest->new($algorithm)
Michael G. Schwern [Mon, 3 Oct 2011 18:05:29 +0000]
Close the eval "require $module" security hole in Digest->new($algorithm)

Also the filter was incomplete.

Bug-Debian: http://bugs.debian.org/644108

2 years agoproperly propagate tainted errors
Tony Cook [Sun, 11 Mar 2012 03:38:57 +0000]
properly propagate tainted errors

Backport af89892ed and 05a1a0145d by Tony Cook to 5.14

Bug: https://rt.perl.org/rt3/Public/Bug/Display.html?id=111654
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663158

2 years agoRT 64804: tainting with index() of a constant
David Mitchell [Tue, 28 Jun 2011 16:04:40 +0000]
RT 64804: tainting with index() of a constant

Bug: http://rt.perl.org/rt3/Public/Bug/Display.html?id=64804
Bug-Debian: http://bugs.debian.org/291450
Origin: upstream, http://perl5.git.perl.org/perl.git/commit/3b36395d31cf0a2f3a017505cd0ea857a7acb5d1

At compile time, ck_index with a tainted constant set PL_tainted,
which remained on during the rest of compilation, tainting all other

Fix this by saving and restoring PL_tainted across the call to
fbm_compile, which is what sets PL_tainted.

2 years agoenable LFS on GNU/Hurd
Pino Toscano [Tue, 1 Nov 2011 18:37:19 +0000]
enable LFS on GNU/Hurd

at the moment, perl is compiled on GNU/Hurd without large file support.
This, other than the lacking of support for files > 2 GB, causes the
failure in the t/op/stat.t test.
The failure in stat.t happens because of the following: when filtering
devices in /dev/* using grep {} with -b/-c, stat fails for large
devices such as /dev/hdX blocks, or /dev/zero chars (this latter case
should be an Hurd-specific issue, but shouldn't matter for this case),
hence the counts done with grep {} and the ones done filtering the
output of `ls' don't match.

The attached patch enables the LFS using the same way used on linux.sh;
about t/op/lfs.t, it gets skipped at the "kernel/fs not configured to
use large files?" check, although it correctly detects sparse files and
(at least by looking at the disk usage) allocates the 5GB (or so) file
created with system() in that test.

2 years agoFix hang in ext/POSIX/t/sysconf.t on GNU/Hurd
Pino Toscano [Mon, 31 Oct 2011 21:37:04 +0000]
Fix hang in ext/POSIX/t/sysconf.t on GNU/Hurd

while compiling perl 5.14.2 on GNU/Hurd, I ran into what it seems a
undefined POSIX behaviour in ext/POSIX/t/sysconf.t.

      my $fd = POSIX::open($fifo, O_RDWR)
      or skip("could not open $fifo ($!)", 3 * @path_consts_fifo);

according to the POSIX open()[1] about O_RDWR,
  The result is undefined if this flag is applied to a FIFO.
.... which is actually our case.
Apparently Linux and *FreeBSD (and maybe also OSes) accept this
behaviour, but on GNU/Hurd this causes the open() call to block
undefinitely. Given there's nothing done with the FIFO if not querying
{,f}pathconf() values, the proposed solution I attached is to change
the opening mode to "O_RDONLY | O_NONBLOCK".

[1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/open.html

2 years agoAdd GNU/Hurd hints for NDBM_File
Pino Toscano [Mon, 31 Oct 2011 19:21:27 +0000]
Add GNU/Hurd hints for NDBM_File

currently, there are few tests failing because of a broken NDBM module;
using the same hints as used on Linux (given that apparently the cause
is the same) makes the following tests pass:

Dominic Hargreaves adds: Note that the original git commit log [what
you see above] lists some tests which aren't affected in blead.

2 years agoImprove general GNU hints, needed for GNU/Hurd.
Pino Toscano [Wed, 10 Aug 2011 05:11:33 +0000]
Improve general GNU hints, needed for GNU/Hurd.

Bug-Debian: http://bugs.debian.org/636609

With minor modifications to add Pino to AUTHORS.

2 years ago[perl #90122] Make h2ph correctly search gcc include directories
Niko Tyni [Thu, 19 May 2011 04:44:06 +0000]
[perl #90122] Make h2ph correctly search gcc include directories

System header conversion with "h2ph -a" is currently broken on Ubuntu
Natty and Oneiric (unless the gcc-multilib package is installed for
backward compatibility), resulting in things like

 # perl -e 'require "syscall.ph"'
 Can't locate asm/unistd.ph in @INC [...]

This happens because Ubuntu has switched to a 'multiarch' setup, see
<https://wiki.ubuntu.com/MultiarchSpec> for details.

The asm subdirectory isn't in $Config{usrinc} anymore: /usr/include/asm
is now /usr/include/x86_64-linux-gnu/asm. (The third component of the
new path varies with the actual architecture.)

gcc --print-search-dirs doesn't really tell anything about where gcc
looks for the include directories, it was just used to find the gcc
internal directory prefix.

Parse the output of "gcc -v -E" instead, and append $Config{usrinc}
for safety. Duplicates shouldn't matter.

The h2ph "-a" switch isn't currently tested automatically, and that
seems nontrivial to do portably. Manual testing was done with

 # mkdir ttt
 # ./perl -Ilib ./utils/h2ph -a -d $(pwd)/ttt syscall.h

The gcc invocation has been tested to work with gcc 4.6, 4.1, and 3.3.


2 years agoMake hints/gnu.sh append to $ccflags rather than overriding them
Samuel Thibault [Wed, 4 Aug 2010 10:34:05 +0000]
Make hints/gnu.sh append to $ccflags rather than overriding them

Bug-Debian: http://bugs.debian.org/587901

Don't override possible extra $ccflags values given to Configure
on GNU/Hurd.

2 years agoimport perlhist data for 5.16.1
Ricardo Signes [Thu, 9 Aug 2012 13:42:53 +0000]
import perlhist data for 5.16.1

2 years agobe_BY.CP1131 is still broken on Mountain Lion
Ricardo Signes [Thu, 9 Aug 2012 19:57:04 +0000]
be_BY.CP1131 is still broken on Mountain Lion

2 years agobackport perlhist.pod from 5.17.2
Tony Cook [Sat, 21 Jul 2012 04:10:50 +0000]
backport perlhist.pod from 5.17.2

2 years agoimport AUTHORS data from blead
Ricardo Signes [Wed, 21 Mar 2012 01:44:29 +0000]
import AUTHORS data from blead

2 years ago[perl #92258] <$fh> hangs on a glob copy
Father Chrysostomos [Mon, 6 Jun 2011 05:37:54 +0000]
[perl #92258] <$fh> hangs on a glob copy

Opening a file handle to \$glob causes assertion failures
(under debugging) or hangs or other erratic behaviour without
debugging. This might even crash in some cases.

It never really worked properly, but it didn’t start hanging
apparently until 5.12.2 and 5.14.0.

2 years agoUpdate PerlCheat to 5.14
H.Merijn Brand [Tue, 14 Jun 2011 18:12:01 +0000]
Update PerlCheat to 5.14

2 years agoPrefer the system gcc when searching for libraries such as -lm
Nicholas Clark [Wed, 15 Jun 2011 15:24:43 +0000]
Prefer the system gcc when searching for libraries such as -lm

40f026236b9959b7 added code to the Linux hints file to use gcc to locate
libraries such as -lm. However, if the user has their own gcc earlier in $PATH
than the system gcc, we don't want its libraries. So try to prefer the system

2 years agoDon't include libutil.h on Linux
Florian Ragwitz [Wed, 13 Jul 2011 17:05:01 +0000]
Don't include libutil.h on Linux

All it does is cause warnings on recent systems with that header installed. It's
required for some variants of FreeBSD only.

2 years agoGNU gcc-4.6.1 revealed a broken system header on HP-UX 11.00
H.Merijn Brand [Mon, 8 Aug 2011 10:06:45 +0000]
GNU gcc-4.6.1 revealed a broken system header on HP-UX 11.00

2 years agoTeach Configure about "procselfexe" on Solaris and NetBSD
Nicholas Clark [Tue, 27 Sep 2011 22:15:32 +0000]
Teach Configure about "procselfexe" on Solaris and NetBSD

Configure would already find /proc/self/exe on NetBSD, where /proc/self is
a symlink to /proc/curproc. However, the revised probe avoids the extra
symlink traversal. Configure did not previously probe for the
relevant path on Solaris, /proc/self/path/a.out

Rename the description of /proc/curproc/file from BSD to FreeBSD, as it seems
that of the "big 3" BSDs, only FreeBSD uses this path.

Based on a patch from Johann 'Myrkraverk' Oskarsson.

2 years agoIn Configure, refactor the test for procselfexe into a loop.
Nicholas Clark [Tue, 27 Sep 2011 21:47:39 +0000]
In Configure, refactor the test for procselfexe into a loop.

This removes code duplication, and makes it easy to add more variants.
Based on a patch from Johann 'Myrkraverk' Oskarsson.

2 years agoCorrect FreeBSD hints file for FreeBSD 10.0
Jilles Tjoelker [Sun, 30 Oct 2011 09:53:43 +0000]
Correct FreeBSD hints file for FreeBSD 10.0

Perl does not build on FreeBSD 10.0 because some checks in
hints/freebsd.sh think FreeBSD 10 is FreeBSD 1 and therefore enable
behaviour only appropriate for a.out systems.

The below patch was included in the lang/perl5.12 port and fixes its
build. The resulting binaries are also suitable to compile other ports.
I have also verified that this patch applies to lang/perl5.10 and
lang/perl5.14, making them build.

2 years agoAvoid attacks on sitecustomize by using NUL delimiters to wrap filenames.
Nicholas Clark [Thu, 24 Nov 2011 17:11:32 +0000]
Avoid attacks on sitecustomize by using NUL delimiters to wrap filenames.

Previously the generated code used regular '' strings, which meant that a
crafted pathname containing ' characters could be used to inject code.
Until the previous commit, this was only a problem if building in or
Configuring to install to such a directory. Which, hopefully, would be
"obviously wrong" to anyone capable of building Perl from source.

However, fixing the bug that prevented sitecustomize being subject to
relocatable include now means that for a relocatable pearl, an end-user
controlled path can now reach the sitecusomize code.

2 years agoMake sitecustomize relocatableinc aware
Carl Hayter [Thu, 24 Nov 2011 16:49:50 +0000]
Make sitecustomize relocatableinc aware

When -Dusesitecustomize is used with -Duserelocatableinc,
SITELIB_EXP/sitecustomize.pl is not found due to SITELIB_EXP having a
'.../..' relocation path.

This patch refactors the path relocation code from S_incpush() into
S_mayberelocate() so that it can be used in both S_incpush() and in
usesitecustomize's use of SITELIB_EXP.

2 years agoEnforce Any ~~ Object smartmatch precedence
Leon Timmermans [Mon, 23 Jan 2012 01:01:00 +0000]
Enforce Any ~~ Object smartmatch precedence

2 years agoAdd new 5.15.9 entries to pod/perlhist.pod
Abigail [Tue, 20 Mar 2012 20:23:27 +0000]
Add new 5.15.9 entries to pod/perlhist.pod

2 years agoCopy perlhist.pod from blead to maint-5.14
Dave Rolsky [Wed, 21 Dec 2011 18:03:33 +0000]
Copy perlhist.pod from blead to maint-5.14

3 years agoCreate perldelta for 5.14.3
Florian Ragwitz [Mon, 26 Sep 2011 11:18:20 +0000]
Create perldelta for 5.14.3

3 years agoAdd 5.14.2 to perlhist v5.14.2
Florian Ragwitz [Mon, 26 Sep 2011 10:04:56 +0000]
Add 5.14.2 to perlhist

3 years agoDelete some empty perldelta sections
Florian Ragwitz [Wed, 21 Sep 2011 11:21:17 +0000]
Delete some empty perldelta sections

3 years agoFix pod syntax in perldelta
Father Chrysostomos [Wed, 21 Sep 2011 05:22:58 +0000]
Fix pod syntax in perldelta

3 years agoperl5123delta: should have NAME perl5123delta
Karl Williamson [Sat, 16 Jul 2011 19:28:38 +0000]
perl5123delta: should have NAME perl5123delta

3 years agoRemove the RC1 marker
Florian Ragwitz [Mon, 19 Sep 2011 11:33:28 +0000]
Remove the RC1 marker

3 years agoBump version to RC1 v5.14.2-RC1
Florian Ragwitz [Mon, 19 Sep 2011 05:22:19 +0000]
Bump version to RC1

3 years agoAdd 5.14.2-RC1 to perlhist
Florian Ragwitz [Mon, 19 Sep 2011 05:18:57 +0000]
Add 5.14.2-RC1 to perlhist

3 years agoUpdate Module::CoreList for 5.14.2
Florian Ragwitz [Mon, 19 Sep 2011 04:34:54 +0000]
Update Module::CoreList for 5.14.2

3 years agoAcknowledgements in perldelta
Florian Ragwitz [Mon, 19 Sep 2011 04:21:15 +0000]
Acknowledgements in perldelta

3 years ago/aa and \b fail under some utf8 strings
Karl Williamson [Sat, 30 Jul 2011 18:33:31 +0000]
/aa and \b fail under some utf8 strings

This was due to my failure to realize that this 'if' needed to
be updated when the /aa modifier was added.

3 years agoPanic with \b and /aa
Karl Williamson [Sat, 30 Jul 2011 18:08:47 +0000]
Panic with \b and /aa

This was due to my oversight in not fixing this switch statement
to accommodate /aa when it was added.

3 years agoNote that PERL_GLOBAL_STRUCT is broken
Florian Ragwitz [Thu, 8 Sep 2011 08:19:01 +0000]
Note that PERL_GLOBAL_STRUCT is broken

3 years agoIn Glob.xs, use memset() instead of bzero()
Nicholas Clark [Tue, 6 Sep 2011 13:06:06 +0000]
In Glob.xs, use memset() instead of bzero()

3c97495f56fb647c used bzero(), which isn't available on some platforms.

3 years agoPerldelta for the CPAN updates
Florian Ragwitz [Wed, 7 Sep 2011 15:33:44 +0000]
Perldelta for the CPAN updates

3 years agoBump CPAN{,::Distribution}::VERSION after MYMETA/configure_requires fixes
Florian Ragwitz [Wed, 7 Sep 2011 15:33:09 +0000]
Bump CPAN{,::Distribution}::VERSION after MYMETA/configure_requires fixes

3 years agoChanged read_meta to ignore dynamic_config
David Golden [Sat, 25 Jun 2011 01:13:40 +0000]
Changed read_meta to ignore dynamic_config

Because read_meta is also used to read META.* for configure_requires,
it must not return undef when dynamic_config is true.  Instead,
the caller of read_meta must check dynamic_config when appropriate.

This is an API change, but as this is a new function, I think getting
correct semantics is more important than preserving back compatibility.

3 years agoconfigure_requires should only check META
David Golden [Sat, 25 Jun 2011 00:52:33 +0000]
configure_requires should only check META

It should not check MYMETA if for some reason configure_requires
is checked again after MYMETA has been created.

This patch adds a regex filter to the check for the meta file.

3 years agoPerldelta for the CVE-2011-2939 fix
Florian Ragwitz [Mon, 5 Sep 2011 11:43:50 +0000]
Perldelta for the CVE-2011-2939 fix

3 years agoBackport the CVE-2011-2939 fix for Encode
Florian Ragwitz [Mon, 5 Sep 2011 11:43:37 +0000]
Backport the CVE-2011-2939 fix for Encode

3 years agoPerldelta for the PerlIO::scalar COW fix
Florian Ragwitz [Mon, 5 Sep 2011 11:03:50 +0000]
Perldelta for the PerlIO::scalar COW fix

3 years agoGet PerlIO::scalar to write to COWs
Father Chrysostomos [Sun, 5 Jun 2011 02:01:59 +0000]
Get PerlIO::scalar to write to COWs