This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
Data::Dumper: handle huge inputs on 64-bit platforms
Several quantities relating to string escaping were being stored in 32-bit
variables. On a 64-bit system, pathological inputs could overflow the
available space and cause incorrect output.
The test for this requires about 10 GB of memory, so it is disabled except
when PERL_TEST_MEMORY is set to at least 10.
There are other questionable-looking uses of I32 in Dumper.xs, but they
don't seem to be exploitable. (It helps, for example, that the core hash API
restricts key lengths to 2**31-1.) That said, it may be worth auditing the
code rather more carefully for potential problems.