This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
https://perl5.git.perl.org / perl5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f0eb8bb) | patch
PerlIO::via: sanity check READ method return value
authorTony Cook <tony@develop-help.com>
Wed, 10 May 2023 04:22:00 +0000 (14:22 +1000)
committerTony Cook <tony@develop-help.com>
Tue, 1 Aug 2023 00:21:26 +0000 (10:21 +1000)
commit4d19b36932e18bce344d5db51a5fff31eb1cef20
tree9c90f6016f10b63fd7c20e176f4fc8177a22373ctree | snapshot
parentf0eb8bbcea48a988acb7df5c3c3db93d4a67fb75commit | diff
PerlIO::via: sanity check READ method return value

Coverity complained that the range of SvIV(result) could be large
and well outside the bounds of the buffer at SvPVX().

So sanity check that the value of result is within range, if it is
out of range warn and return an error.

Also document the bottom of the range of expected return values from
READ, -1 is less than $len and resulted in a crash.

Ideally we'd just use the length of the modified $buffer to avoid
such range errors, but the API is already designed, so we can't.

CID 453853
ext/PerlIO-via/t/via.t diff | blob | blame | history
ext/PerlIO-via/via.pm diff | blob | blame | history
ext/PerlIO-via/via.xs diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.