This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
https://perl5.git.perl.org / perl5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 051475b) | patch
Fix security problem: CWE-134: Use of Externally-Controlled Format String
authorPali <pali@cpan.org>
Sun, 3 Dec 2017 16:02:53 +0000 (17:02 +0100)
committerTony Cook <tony@develop-help.com>
Mon, 15 Jan 2018 23:26:59 +0000 (10:26 +1100)
commit7ceac2e89b40347b95855c622b9f8f31bd6560f4
tree33e923d3c724b20fb5f3c9ce39e269d79bc68f9etree | snapshot
parent051475ba96b05e8ea21b4fdea8bd58b2644b4d2dcommit | diff
Fix security problem: CWE-134: Use of Externally-Controlled Format String

Function croak() takes printf-like formatted string, so passing arbitrary
char* can leads to buffer overflow. Use croak_sv() which is now available
and avoids converting SV* to char*.
dist/Devel-PPPort/parts/inc/call diff | blob | blame | history
dist/Devel-PPPort/parts/inc/ppphtest diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.