This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
Assert no bad array access.
authorJarkko Hietaniemi <jhi@iki.fi>
Sun, 7 Feb 2016 00:28:00 +0000 (19:28 -0500)
committerJarkko Hietaniemi <jhi@iki.fi>
Sun, 7 Feb 2016 13:23:46 +0000 (08:23 -0500)
Coverity CID 135147: Out-of-bounds access (OVERRUN)

Long-distance trouble: regexec.c:8922-ish calls (if DEBUGGING) the
regprop() in regcomp.c, which can access the five-element bounds[]
array with the flags value as the offset.  However, Coverity thinks
it sees that in regexec.c the flags value may be up to nine.

regcomp.c

index 639e4a3..d6a3b5b 100644 (file)
--- a/regcomp.c
+++ b/regcomp.c
@@ -17659,6 +17659,7 @@ Perl_regprop(pTHX_ const regexp *prog, SV *sv, const regnode *o, const regmatch_
             "{sb}",
             "{wb}"
         };
+        assert(FLAGS(o) < C_ARRAY_LENGTH(bounds));
         sv_catpv(sv, bounds[FLAGS(o)]);
     }
     else if (k == BRANCHJ && (OP(o) == UNLESSM || OP(o) == IFMATCH))