This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
https://perl5.git.perl.org / perl5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 87b6714) | patch
Perl_av_extend_guts: Zero() trailing elements after unshift & resize
authorRichard Leach <richardleach@users.noreply.github.com>
Tue, 18 Jul 2023 21:43:19 +0000 (21:43 +0000)
committerRichard Leach <richardleach@users.noreply.github.com>
Thu, 20 Jul 2023 21:57:28 +0000 (22:57 +0100)
commit9e298ab597b2c6fc0741749d7e29119e2d6cd628
tree4aa0b9b9abab98de9fdfd1e87fa10016edeb624dtree | snapshot
parent87b6714e189c3d9159ea45bb9c42ed0cffb988cecommit | diff
Perl_av_extend_guts: Zero() trailing elements after unshift & resize

Since https://github.com/Perl/perl5/commit/399fef93c903aedee05a74de780b57eeeb571b32,
trailing elements in an array that has been unshifted and resized
might not be properly Zero() initialized. This is because of faulty
arithmetic when calculating `to_null`, the number of elements to
initialize, when the array was only partially shifted.

This commit corrects the arithmetic, adds comments arount the
calculation of `to_null`, and adds a test based upon the case
provided in GH #21235.

The test added segfaults more reliably for me - almost every time -
than the originally supplied case. However, since it relies upon
uninitialized memory, it's probably still not deterministic and
somewhat dependent upon the choice of memory allocator.

Closes #21235
av.c diff | blob | blame | history
t/op/array.t diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.