5 perl5274delta - what is new for perl v5.27.4
9 This document describes differences between the 5.27.3 release and the 5.27.4
12 If you are upgrading from an earlier release such as 5.27.2, first read
13 L<perl5273delta>, which describes differences between 5.27.2 and 5.27.3.
15 =head1 Core Enhancements
17 =head2 In-place editing is now safer
19 Previously in-place editing would delete or rename the input file
20 as soon as you started working on a new file.
22 Without backups this would result in loss of data if there was an
23 error, such as a full disk, when writing to the output file.
25 This has changed so that the input file isn't replaced until the
26 output file has been completely written and successfully closed.
28 This works by creating a work file in the same directory, which is
29 renamed over the input file once the output file is complete.
37 Since this renaming needs to only happen once, if you create a thread
38 or child process, that renaming will only happen in the original
43 If you change directories while processing a file, and your operating
44 system doesn't provide the C<unlinkat()>, C<renameat()> and C<fchmodat()>
45 functions, the final rename step may fail.
49 L<[perl #127663]|https://rt.perl.org/Public/Bug/Display.html?id=127663>
53 =head2 [CVE-2017-12837] Heap buffer overflow in regular expression compiler
55 Compiling certain regular expression patterns with the case-insensitive
56 modifier could cause a heap buffer overflow and crash perl. This has now been
58 L<[perl #131582]|https://rt.perl.org/Public/Bug/Display.html?id=131582>
60 =head2 [CVE-2017-12883] Buffer over-read in regular expression parser
62 For certain types of syntax error in a regular expression pattern, the error
63 message could either contain the contents of a random, possibly large, chunk of
64 memory, or could crash perl. This has now been fixed.
65 L<[perl #131598]|https://rt.perl.org/Public/Bug/Display.html?id=131598>
67 =head2 [CVE-2017-12814] C<$ENV{$key}> stack buffer overflow on Windows
69 A possible stack buffer overflow in the C<%ENV> code on Windows has been fixed
70 by removing the buffer completely since it was superfluous anyway.
71 L<[perl #131665]|https://rt.perl.org/Public/Bug/Display.html?id=131665>
73 =head1 Performance Enhancements
79 Slightly improved performance when parsing stash names.
80 L<[perl #129990]|https://rt.perl.org/Public/Bug/Display.html?id=129990>
84 =head1 Modules and Pragmata
86 =head2 Updated Modules and Pragmata
92 L<attributes> has been upgraded from version 0.3 to 0.31.
96 L<File::Glob> has been upgraded from version 1.29 to 1.30.
100 L<I18N::Langinfo> has been upgraded from version 0.13 to 0.14.
101 This fixes a bug in which the underlying locale was ignored for the
102 C<RADIXCHAR> (always was returned as a dot, and the C<THOUSEP> (always
103 empty). Now the locale-appropriate values are returned.
107 L<Module::CoreList> has been upgraded from version 5.20170821 to 5.20170920.
111 L<sort> has been upgraded from version 2.02 to 2.03.
115 L<Term::ReadLine> has been upgraded from version 1.16 to 1.17.
119 L<threads> has been upgraded from version 2.17 to 2.18.
123 L<VMS::Stdio> has been upgraded from version 2.41 to 2.42.
127 =head2 Removed Modules and Pragmata
133 The C<VMS::stdio> compatibility shim has been removed.
139 The following additions or changes have been made to diagnostic output,
140 including warnings and fatal error messages. For the complete list of
141 diagnostic messages, see L<perldiag>.
143 =head2 Changes to Existing Diagnostics
149 A false-positive warning that was issued when using a
150 numerically-quantified sub-pattern in a recursive regex has been
151 silenced. L<[perl #131868]|https://rt.perl.org/Public/Bug/Display.html?id=131868>
157 Tests were added and changed to reflect the other additions and changes
160 =head1 Platform Support
162 =head2 Platform-Specific Notes
168 Perl now correctly uses reentrant functions, like C<asctime_r>, on
169 versions of Darwin that have support for them.
173 =head1 Internal Changes
179 A new function, L<C<Perl_langinfo()>|perlapi/Perl_langinfo> has been
180 added. It is an (almost) drop-in replacement for the system
181 C<nl_langinfo(3)>, but works on platforms that lack that; as well as
182 being more thread-safe, and hiding some gotchas with locale handling
183 from the caller. Code that uses this, needn't use L<C<localeconv(3)>>
184 (and be affected by the gotchas) to find the decimal point, thousands
185 separator, or currency symbol. See L<perlapi/Perl_langinfo>.
189 A new API function L<C<sv_rvunweaken()>|perlapi/sv_rvunweaken> has
190 been added to complement L<C<sv_rvweaken()>|perlapi/sv_rvweaken>.
191 The implementation was taken from L<Scalar::Util/unweaken>.
195 A new flag, C<SORTf_UNSTABLE>, has been added. This will allow a
196 future commit to make mergesort unstable when the user specifies ‘no
197 sort stable’, since it has been decided that mergesort should remain
202 =head1 Selected Bug Fixes
208 The internal stack usage checks introduced in 5.27.2 are now also done
209 by the C<entersub> operator when calling XSUBs. This means we can
210 report which XSUB failed to allocate enough stack space.
211 L<[perl #131975]|https://rt.perl.org/Public/Bug/Display.html?id=131975>
215 Parsing a C<sub> definition could cause a use after free if the C<sub>
216 keyword was followed by whitespace including newlines (and comments.)
217 L<[perl #131836]|https://rt.perl.org/Public/Bug/Display.html?id=131836>
221 The tokenizer now correctly adjusts a parse pointer when skipping
222 whitespace in a C< ${identifier} > construct.
223 L<[perl #131949]|https://rt.perl.org/Public/Bug/Display.html?id=131949>
227 Accesses to C<${^LAST_FH}> no longer assert after using any of a
228 variety of I/O operations on a non-glob.
229 L<[perl #128263]|https://rt.perl.org/Public/Bug/Display.html?id=128263>
233 The C<Copy()>, C<Move()>, C<Zero()> macros and their variants now
234 assert if the pointers supplied are C<NULL>. ISO C considers
235 supplying NULL pointers to the functions these macros are built upon
236 as undefined behaviour even when their count parameters are zero.
237 Based on these assertions and the original bug report three macro
238 calls were made conditional.
239 L<[perl #131746]|https://rt.perl.org/Public/Bug/Display.html?id=131746>
240 L<[perl #131892]|https://rt.perl.org/Public/Bug/Display.html?id=131892>
244 The in-place sort optimisation now correctly strengthens weak
245 references using the new L<C<sv_rvunweaken()>|perlapi/sv_rvunweaken>
250 Only the C<=> operator is permitted for defining defaults for
251 parameters in subroutine signatures. Previously other assignment
252 operators, e.g. C<+=>, were also permitted.
253 L<[perl #131777]|https://rt.perl.org/Public/Bug/Display.html?id=131777>
257 Package names are now always included in C<:prototype> warnings
258 L<[perl #131833]|https://rt.perl.org/Public/Bug/Display.html?id=131833>
262 Creating a thread with no parameters no longer tries to C<Copy()> a
263 null pointer. This fixes an assertion failure and allows threaded
264 builds to work again.
268 The C<je_old_stack_hwm> field, previously only found in the C<jmpenv>
269 structure on debugging builds, has been added to non-debug builds as
270 well. This fixes an issue with some CPAN modules caused by the size of
271 this structure varying between debugging and non-debugging builds.
272 L<[perl #131942]|https://rt.perl.org/Public/Bug/Display.html?id=131942>
276 The arguments to the C<ninstr()> macro are now correctly parenthesized.
280 A NULL pointer dereference in the C<S_regmatch()> function has been
282 L<[perl #132017]|https://rt.perl.org/Public/Bug/Display.html?id=132017>
286 =head1 Acknowledgements
288 Perl 5.27.4 represents approximately 4 weeks of development since Perl 5.27.3
289 and contains approximately 5,000 lines of changes across 140 files from 18
292 Excluding auto-generated files, documentation and release tools, there were
293 approximately 3,300 lines of changes to 76 .pm, .t, .c and .h files.
295 Perl continues to flourish into its third decade thanks to a vibrant community
296 of users and developers. The following people are known to have contributed the
297 improvements that became Perl 5.27.4:
299 Abigail, Chris 'BinGOs' Williams, Dagfinn Ilmari Mannsåker, David Mitchell,
300 Dominic Hargreaves, Father Chrysostomos, H.Merijn Brand, James E Keenan, Jarkko
301 Hietaniemi, John SJ Anderson, Karl Williamson, Lukas Mai, Matthew Horsfall,
302 Neil Bowers, Nicolas R., Steve Hay, Tony Cook, Yves Orton.
304 The list above is almost certainly incomplete as it is automatically generated
305 from version control history. In particular, it does not include the names of
306 the (very much appreciated) contributors who reported issues to the Perl bug
309 Many of the changes included in this version originated in the CPAN modules
310 included in Perl's core. We're grateful to the entire CPAN community for
311 helping Perl to flourish.
313 For a more complete list of all of Perl's historical contributors, please see
314 the F<AUTHORS> file in the Perl source distribution.
316 =head1 Reporting Bugs
318 If you find what you think is a bug, you might check the perl bug database
319 at L<https://rt.perl.org/> . There may also be information at
320 L<http://www.perl.org/> , the Perl Home Page.
322 If you believe you have an unreported bug, please run the L<perlbug> program
323 included with your release. Be sure to trim your bug down to a tiny but
324 sufficient test case. Your bug report, along with the output of C<perl -V>,
325 will be sent off to perlbug@perl.org to be analysed by the Perl porting team.
327 If the bug you are reporting has security implications which make it
328 inappropriate to send to a publicly archived mailing list, then see
329 L<perlsec/SECURITY VULNERABILITY CONTACT INFORMATION>
330 for details of how to report the issue.
334 If you wish to thank the Perl 5 Porters for the work we had done in Perl 5,
335 you can do so by running the C<perlthanks> program:
339 This will send an email to the Perl 5 Porters list with your show of thanks.
343 The F<Changes> file for an explanation of how to view exhaustive details on
346 The F<INSTALL> file for how to build Perl.
348 The F<README> file for general stuff.
350 The F<Artistic> and F<Copying> files for copyright information.