Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
perl-DBI
perl-DBI-CVE-2013-7490.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File perl-DBI-CVE-2013-7490.patch of Package perl-DBI
From a8b98e988d6ea2946f5f56691d6d5ead53f65766 Mon Sep 17 00:00:00 2001 From: Tim Bunce <Tim.Bunce@pobox.com> Date: Sun, 21 Sep 2014 15:01:17 +0100 Subject: [PATCH] Fixed risk of memory corruption with many arguments to methods RT#86744 --- DBI.xs | 12 +++++++----- t/70callbacks.t | 10 ++++++++++ 3 files changed, 20 insertions(+), 5 deletions(-) Index: DBI-1.628/DBI.xs =================================================================== --- DBI-1.628.orig/DBI.xs +++ DBI-1.628/DBI.xs @@ -3117,6 +3117,7 @@ XS(XS_DBI_dispatch); /* proto XS(XS_DBI_dispatch) { dXSARGS; + dORIGMARK; dMY_CXT; SV *h = ST(0); /* the DBI handle we are working with */ @@ -3417,6 +3418,7 @@ XS(XS_DBI_dispatch) XPUSHs(*hp); PUTBACK; call_method("DESTROY", G_DISCARD|G_EVAL|G_KEEPERR); + MSPAGAIN; } else { imp_xxh_t *imp_xxh = dbih_getcom2(aTHX_ *hp, 0); @@ -3507,8 +3509,8 @@ XS(XS_DBI_dispatch) SV *code = SvRV(*hook_svp); I32 skip_dispatch = 0; if (trace_level) - PerlIO_printf(DBILOGFP, "%c {{ %s callback %s being invoked\n", - (PL_dirty?'!':' '), meth_name, neatsvpv(*hook_svp,0)); + PerlIO_printf(DBILOGFP, "%c {{ %s callback %s being invoked with %ld args\n", + (PL_dirty?'!':' '), meth_name, neatsvpv(*hook_svp,0), (long)items); /* we don't use ENTER,SAVETMPS & FREETMPS,LEAVE because we may need mortal * results to live long enough to be returned to our caller @@ -3530,7 +3532,7 @@ XS(XS_DBI_dispatch) } PUTBACK; outitems = call_sv(code, G_ARRAY); /* call the callback code */ - SPAGAIN; + MSPAGAIN; /* The callback code can undef $_ to indicate to skip dispatch */ skip_dispatch = !SvOK(DEFSV); @@ -3854,7 +3856,7 @@ XS(XS_DBI_dispatch) XPUSHs(&PL_sv_yes); PUTBACK; call_method("STORE", G_DISCARD); - SPAGAIN; + MSPAGAIN; } } } @@ -4011,7 +4013,7 @@ XS(XS_DBI_dispatch) XPUSHs( result ); PUTBACK; items = call_sv(*hook_svp, G_SCALAR); - SPAGAIN; + MSPAGAIN; status = (items) ? POPs : &PL_sv_undef; PUTBACK; if (trace_level) Index: DBI-1.628/t/70callbacks.t =================================================================== --- DBI-1.628.orig/t/70callbacks.t +++ DBI-1.628/t/70callbacks.t @@ -190,6 +190,17 @@ is $called{execute}, 1, 'Execute callbac ok $sth->fetch, 'Fetch'; is $called{fetch}, 1, 'Fetch callback should have been called'; +# stress test for stack reallocation and mark handling -- RT#86744 +my $stress_count = 3000; +my $place_holders = join(',', ('?') x $stress_count); +my @params = ('t') x $stress_count; +my $stress_dbh = DBI->connect( 'DBI:NullP:test'); +my $stress_sth = $stress_dbh->prepare("select 1"); +$stress_sth->{Callbacks}{execute} = sub { return; }; +$stress_sth->execute(@params); + +done_testing(); + __END__ A generic 'transparent' callback looks like this:
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor