Skip Menu |
Report information
Id: 133073
Status: pending release
Priority: 0/
Queue: perl5

Owner: Nobody
Requestors: marc-philip.werner [at] sap.com
Cc:
AdminCc:

Operating System: (no value)
PatchStatus: (no value)
Severity: medium
Type: core
Perl Version: 5.26.1
Fixed In: (no value)



To: "perlbug [...] perl.org" <perlbug [...] perl.org>
Subject: 5.26.1: some coverity findings in pp.c and toke.c
Date: Wed, 6 Dec 2017 09:09:08 +0000
From: "Werner, Marc-Philip" <marc-philip.werner [...] sap.com>
Download (untitled) / with headers
text/plain 6.2k
This is a bug report for perl from marc-philip.werner@sap.com, generated with the help of perlbug 1.40 running under perl 5.26.1. ----------------------------------------------------------------- Hi, we have some coverity code scans here. They have found this uninilialized variable in pp.c and the integer overrun in toke.c. Though it might be possible that these are false positives (no reasonable control path gets there), it's good to mute the scan here to see the real problems easier. I'm attaching a patchfile. Best Regards Marc-Philip [Please do not change anything below this line] ----------------------------------------------------------------- --- Flags: category=core severity=medium --- Site configuration information for perl 5.26.1: Configured by sap at Wed Dec 6 09:11:47 CET 2017. Summary of my perl5 (revision 5 version 26 subversion 1) configuration: Platform: osname=darwin osvers=17.2.0 archname=darwin-thread-multi-2level uname='darwin wdfm33972517a 17.2.0 darwin kernel version 17.2.0: fri sep 29 18:27:05 pdt 2017; root:xnu-4570.20.62~3release_x86_64 x86_64 ' config_args='-der -Dmyhostname=buildhost -Dmydomain=.com -Dcf_by=sap -Dprivlib=.../../lib -Dsitelib=.../../lib -Darchlib=.../../lib -Dsitearch=.../../lib -Dnoextensions=GDBM_File NDBM_File ODBM_File SDBM_File -Ddynamic_ext=MIME/Base64 Socket IO Time/HiRes Cwd Encode Data/Dumper Compress/Raw/Zlib -Dusethreads -Duseshrplib -Duserelocatableinc -Dprefix=/Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c -Duse64bitall -Accflags=-B$SDKROOT/usr/include/gcc -Accflags=-B$SDKROOT/usr/lib/gcc -Accflags=-isystem$SDKROOT/usr/include -Accflags=-F$SDKROOT/System/Library/Frameworks -Aldflags=-Wl,-syslibroot,$SDKROOT -Accdlflags=-B$SDKROOT/usr/include/gcc -Accdlflags=-B$SDKROOT/usr/lib/gcc -Accdlflags=-isystem$SDKROOT/usr/include -Accdlflags=-F$SDKROOT/System/Library/Frameworks -Alddlflags=-Wl,-syslibroot,$SDKROOT' hint=recommended useposix=true d_sigaction=define useithreads=define usemultiplicity=define use64bitint=define use64bitall=define uselongdouble=undef usemymalloc=n default_inc_excludes_dot=define bincompat5005=undef Compiler: cc='cc' ccflags ='-fno-common -DPERL_DARWIN -mmacosx-version-min=10.13 -arch x86_64 -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/gcc -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/gcc -isystem/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include -F/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks -fno-strict-aliasing -pipe -fstack-protector-strong -DPERL_USE_SAFE_PUTENV' optimize='-O3' cppflags='-arch x86_64 -fno-common -DPERL_DARWIN -mmacosx-version-min=10.13 -arch x86_64 -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/gcc -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/gcc -isystem/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include -F/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks -fno-strict-aliasing -pipe -fstack-protector-strong' ccversion='' gccversion='4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.38)' gccosandvers='' intsize=4 longsize=8 ptrsize=8 doublesize=8 byteorder=12345678 doublekind=3 d_longlong=define longlongsize=8 d_longdbl=define longdblsize=16 longdblkind=3 ivtype='long' ivsize=8 nvtype='double' nvsize=8 Off_t='off_t' lseeksize=8 alignbytes=8 prototype=define Linker and Libraries: ld='cc -arch x86_64' ldflags =' -mmacosx-version-min=10.13 -arch x86_64 -Wl,-syslibroot,/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk -fstack-protector-strong' libpth=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/9.0.0/lib /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.13.sdk/usr/lib /usr/lib libs=-lpthread -ldbm -ldl -lm -lutil -lc perllibs=-lpthread -ldl -lm -lutil -lc libc= so=dylib useshrplib=true libperl=libperl.dylib gnulibc_version='' Dynamic Linking: dlsrc=dl_dlopen.xs dlext=bundle d_dlsymun=undef ccdlflags=' -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/gcc -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/gcc -isystem/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include -F/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks' cccdlflags=' ' lddlflags=' -mmacosx-version-min=10.13 -bundle -undefined dynamic_lookup -Wl,-syslibroot,/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk -fstack-protector-strong' --- @INC for perl 5.26.1: /Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/lib /Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/lib --- Environment for perl 5.26.1: DYLD_LIBRARY_PATH=/Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/lib/CORE HOME=/Users/d026948 LANG=en_GB.UTF-8 LANGUAGE (unset) LD_LIBRARY_PATH (unset) LOGDIR (unset) PATH=/Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/bin:/Users/d026948/SAPDevelop/xmake-0.9.3-8/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin PERL_BADLANG (unset) SHELL=/bin/csh

Message body is not shown because sender requested not to inline it.

To: "perlbug [...] perl.org" <perlbug [...] perl.org>
Subject: uninitialized variable and integer overrun in pp.c and toke.c
From: "Werner, Marc-Philip" <marc-philip.werner [...] sap.com>
Date: Thu, 7 Dec 2017 11:45:10 +0000
Download (untitled) / with headers
text/plain 6.4k
From: marc-philip.werner@sap.com To: perlbug@perl.org Message-Id: <5.26.1_51638_1512643179@WDFM33972517A> Reply-To: marc-philip.werner@sap.com Subject: uninitialized variable and integer overrun in pp.c and toke.c This is a bug report for perl from marc-philip.werner@sap.com, generated with the help of perlbug 1.40 running under perl 5.26.1. ----------------------------------------------------------------- Hi, we have some coverity code scans here. They have found this uninitialized variable in pp.c and the integer overrun in toke.c. Though it might be possible that these are false positives (no reasonable control path gets there), it's good to mute the scan here to better see other (possibly real) problems. I'm attaching a patchfile. Best Regards Marc-Philip ----------------------------------------------------------------- --- Flags: category=core severity=medium --- Site configuration information for perl 5.26.1: Configured by sap at Thu Dec 7 10:39:47 CET 2017. Summary of my perl5 (revision 5 version 26 subversion 1) configuration: Platform: osname=darwin osvers=17.2.0 archname=darwin-thread-multi-2level uname='darwin wdfm33972517a 17.2.0 darwin kernel version 17.2.0: fri sep 29 18:27:05 pdt 2017; root:xnu-4570.20.62~3release_x86_64 x86_64 ' config_args='-der -Dmyhostname=buildhost -Dmydomain=.com -Dcf_by=sap -Dprivlib=.../../lib -Dsitelib=.../../lib -Darchlib=.../../lib -Dsitearch=.../../lib -Dnoextensions=GDBM_File NDBM_File ODBM_File SDBM_File -Ddynamic_ext=MIME/Base64 Socket IO Time/HiRes Cwd Encode Data/Dumper Compress/Raw/Zlib -Dusethreads -Duseshrplib -Duserelocatableinc -Dprefix=/Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c -Duse64bitall -Accflags=-B$SDKROOT/usr/include/gcc -Accflags=-B$SDKROOT/usr/lib/gcc -Accflags=-isystem$SDKROOT/usr/include -Accflags=-F$SDKROOT/System/Library/Frameworks -Aldflags=-Wl,-syslibroot,$SDKROOT -Accdlflags=-B$SDKROOT/usr/include/gcc -Accdlflags=-B$SDKROOT/usr/lib/gcc -Accdlflags=-isystem$SDKROOT/usr/include -Accdlflags=-F$SDKROOT/System/Library/Frameworks -Alddlflags=-Wl,-syslibroot,$SDKROOT' hint=recommended useposix=true d_sigaction=define useithreads=define usemultiplicity=define use64bitint=define use64bitall=define uselongdouble=undef usemymalloc=n default_inc_excludes_dot=define bincompat5005=undef Compiler: cc='cc' ccflags ='-fno-common -DPERL_DARWIN -mmacosx-version-min=10.13 -arch x86_64 -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/gcc -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/gcc -isystem/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include -F/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks -fno-strict-aliasing -pipe -fstack-protector-strong -DPERL_USE_SAFE_PUTENV' optimize='-O3' cppflags='-arch x86_64 -fno-common -DPERL_DARWIN -mmacosx-version-min=10.13 -arch x86_64 -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/gcc -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/gcc -isystem/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include -F/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks -fno-strict-aliasing -pipe -fstack-protector-strong' ccversion='' gccversion='4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.38)' gccosandvers='' intsize=4 longsize=8 ptrsize=8 doublesize=8 byteorder=12345678 doublekind=3 d_longlong=define longlongsize=8 d_longdbl=define longdblsize=16 longdblkind=3 ivtype='long' ivsize=8 nvtype='double' nvsize=8 Off_t='off_t' lseeksize=8 alignbytes=8 prototype=define Linker and Libraries: ld='cc -arch x86_64' ldflags =' -mmacosx-version-min=10.13 -arch x86_64 -Wl,-syslibroot,/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk -fstack-protector-strong' libpth=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/9.0.0/lib /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.13.sdk/usr/lib /usr/lib libs=-lpthread -ldbm -ldl -lm -lutil -lc perllibs=-lpthread -ldl -lm -lutil -lc libc= so=dylib useshrplib=true libperl=libperl.dylib gnulibc_version='' Dynamic Linking: dlsrc=dl_dlopen.xs dlext=bundle d_dlsymun=undef ccdlflags=' -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/gcc -B/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/gcc -isystem/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include -F/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks' cccdlflags=' ' lddlflags=' -mmacosx-version-min=10.13 -bundle -undefined dynamic_lookup -Wl,-syslibroot,/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk -fstack-protector-strong' --- @INC for perl 5.26.1: /Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/lib /Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/lib --- Environment for perl 5.26.1: DYLD_LIBRARY_PATH=/Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/lib/CORE HOME=/Users/d026948 LANG=en_GB.UTF-8 LANGUAGE (unset) LD_LIBRARY_PATH (unset) LOGDIR (unset) PATH=/Users/d026948/SAPDevelop/hmexternals/perl/gen/out/perl-5.26.1-sap2-SNAPSHOT-darwinintel64-release-c/bin:/Users/d026948/SAPDevelop/xmake-0.9.3-8/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin PERL_BADLANG (unset) SHELL=/bin/csh

Message body is not shown because sender requested not to inline it.

RT-Send-CC: perl5-porters [...] perl.org
Download (untitled) / with headers
text/plain 121b
Thanks for the report and patch. Applied to blead as commit 62e6b70574842d7f2c547d33c85c50228522f685 -- Karl Williamson
Subject: Re: [perl #133074] uninitialized variable and integer overrun in pp.c and toke.c
To: perl5-porters [...] perl.org
From: Karl Williamson <public [...] khwilliamson.com>
Date: Sun, 8 Apr 2018 12:30:33 -0600
Download (untitled) / with headers
text/plain 1.1k
On 04/05/2018 09:35 PM, Marc-Philip (via RT) wrote: Show quoted text
> # New Ticket Created by Marc-Philip > # Please include the string: [perl #133074] > # in the subject line of all future correspondence about this issue. > # <URL: https://rt.perl.org/Ticket/Display.html?id=133074 > > > > From: marc-philip.werner@sap.com > To: perlbug@perl.org > Message-Id: <5.26.1_51638_1512643179@WDFM33972517A> > Reply-To: marc-philip.werner@sap.com > Subject: uninitialized variable and integer overrun in pp.c and toke.c > > > This is a bug report for perl from marc-philip.werner@sap.com, > generated with the help of perlbug 1.40 running under perl 5.26.1. > > > ----------------------------------------------------------------- > Hi, > we have some coverity code scans here. They have found this uninitialized variable in pp.c and the integer overrun in toke.c. > Though it might be possible that these are false positives (no reasonable control path gets there), it's good to mute the scan here to better see other (possibly real) problems. > > I'm attaching a patchfile. > > Best Regards > Marc-Philip >
This is a duplicate of #133073, I merged this into that


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org