This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
https://perl5.git.perl.org / perl5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 52ef4d4) | patch
(perl #131990) treat the length for LSCALAR, LUTF8STR as unsigned
authorTony Cook <tony@develop-help.com>
Mon, 4 Dec 2017 04:49:27 +0000 (15:49 +1100)
committerTony Cook <tony@develop-help.com>
Thu, 8 Feb 2018 02:58:12 +0000 (13:58 +1100)
commit0a406809258c9d03a34e12c0b7e6028f7fe59ec9
tree512c1957b2db3aca71d5981c62839a952a7c6574tree | snapshot
parent52ef4d491a3291a21a896ffe1385f431549e3d39commit | diff
(perl #131990) treat the length for LSCALAR, LUTF8STR as unsigned

Older Storable without 64-bit object might write such objects.

A malicious file might also be provided with such a large length
to cause a resource consumption attack (allocating large amounts of
memory), but Storable explicitly doesn't protect against attacks.
dist/Storable/Storable.xs diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.