This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
https://perl5.git.perl.org / perl5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e94bb47) | patch
Use SSize_t for tmps stack offsets
authorFather Chrysostomos <sprout@cpan.org>
Sun, 25 Aug 2013 01:02:09 +0000 (18:02 -0700)
committerFather Chrysostomos <sprout@cpan.org>
Sun, 25 Aug 2013 13:39:28 +0000 (06:39 -0700)
commite8eb279cb8d8b30256eb8b1957e1dabed28fc4eb
tree4ecc06a52d1ab4fb015da2e28803da335120ab95tree | snapshot
parente94bb4701fe9ef6ea7467f3fbc456bd68d184ef0commit | diff
Use SSize_t for tmps stack offsets

This is a partial fix for #119161.

On 64-bit platforms, I32 is too small to hold offsets into a stack
that can grow larger than I32_MAX.  What happens is the offsets can
wrap so we end up referencing and modifying elements with negative
indices, corrupting memory, and causing crashes.

With this commit, ()=1..1000000000000 stops crashing immediately.
Instead, it gobbles up all your memory first, and then, if your com-
puter still survives, crashes.  The second crash happesn bcause of
a similar bug with the argument stack, which the next commit will
take care of.
dump.c diff | blob | blame | history
embed.fnc diff | blob | blame | history
embed.h diff | blob | blame | history
intrpvar.h diff | blob | blame | history
op.c diff | blob | blame | history
proto.h diff | blob | blame | history
scope.c diff | blob | blame | history
scope.h diff | blob | blame | history
sv.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.