This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
study uses I32 internally for offsets, so should be skipped for long strings.
author Nicholas Clark <nick@ccl4.org>
Thu, 19 May 2011 09:14:16 +0000 (10:14 +0100)
committer Nicholas Clark <nick@ccl4.org>
Thu, 19 May 2011 09:14:16 +0000 (10:14 +0100)
It already skips for anything that isn't a plain byte string with non-zero
length. Otherwise it risks becoming confused for strings longer than 2**31.

pp.c

diff --git a/pp.c b/pp.c
index 0069fba..3cfbe1a 100644 (file)
--- a/pp.c
+++ b/pp.c
@@ -712,8 +712,7 @@ PP(pp_study)
            RETPUSHYES;
     }
     s = (unsigned char*)(SvPV(sv, len));
-    pos = len;
-    if (pos <= 0 || !SvPOK(sv) || SvUTF8(sv)) {
+    if (len == 0 || len > I32_MAX || !SvPOK(sv) || SvUTF8(sv)) {
        /* No point in studying a zero length string, and not safe to study
           anything that doesn't appear to be a simple scalar (and hence might
           change between now and when the regexp engine runs without our set
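Review bot: the comment beginning "No point in studying a zero length string" still justifies only the zero-length and not-a-simple-scalar cases, so the new `len > I32_MAX` term in the condition directly above it is unexplained in the code. Suggest extending that comment with a clause saying that study keeps its offsets in I32 and so cannot handle longer strings, which is currently stated only in the commit message.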
@@ -721,6 +720,7 @@ PP(pp_study)
           stringification.  */
        RETPUSHNO;
     }
+    pos = len;
 
     if (PL_lastscream) {
        SvSCREAM_off(PL_lastscream);
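Review bot: the relocated `pos = len;` is safe only because of the `len > I32_MAX` test in the guard a few lines earlier, and nothing at the assignment records that dependency. A one-line comment there, or an explicit cast to the type of `pos`, would show that the value is known to fit, so that a later edit to the guard does not quietly reintroduce the confusion for long strings that the commit message describes.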