Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

perl crashes when utf8::upgrade($offsetOK_scalar) #7189

Closed
p5pRT opened this issue Mar 20, 2004 · 5 comments
Closed

perl crashes when utf8::upgrade($offsetOK_scalar) #7189

p5pRT opened this issue Mar 20, 2004 · 5 comments
Labels
distro-mswin32 type-core

Comments

@p5pRT
Copy link

p5pRT commented Mar 20, 2004

Migrated from rt.perl.org#27803 (status was 'resolved')

Searchable as RT27803$
@p5pRT
Copy link
Author

p5pRT commented Mar 20, 2004

From BQW10602@nifty.com

Created by bqw10602@nifty.com

Perl crashes at utf8​::upgrade($a) when $a is OOK.
I think Safefree(s) in sv_utf8_upgrade tries to free old SvPVX(sv)
but this is not a pointer to the string buffer.
Is SvOOK_off(sv) necessary somewhere before Safefree?

$a = "123456\xFF";
$a =~ s/^...//;
utf8​::upgrade($a);
print $a eq "456\xFF" ? "ok" : "not ok";
__END__
Free to wrong pool 1660db0 not 33323101 at test.pl line 6.

Regards,
SADAHIRO Tomoyuki

Perl Info 

Flags:
    category=core
    severity=medium

Site configuration information for perl v5.8.3:

Summary of my perl5 (revision 5 version 8 subversion 3) configuration:
  Platform:
    osname=MSWin32, osvers=4.0, archname=MSWin32-x86-multi-thread
    uname=''
    config_args='undef'
    hint=recommended, useposix=true, d_sigaction=undef
    usethreads=undef use5005threads=undef useithreads=define usemultiplicity=define
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cl', ccflags ='-nologo -Gf -W3 -MD -DNDEBUG -O1 -DWIN32 -D_CONSOLE -DNO_STRICT -DHAVE_DES_FCRYPT  -DPERL_IMPLICIT_CONTEXT -DPERL_IMPLICIT_SYS -DUSE_PERLIO -DPERL_MSVCRT_READFIX',
    optimize='-MD -DNDEBUG -O1',
    cppflags='-DWIN32'
    ccversion='', gccversion='', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=undef, longlongsize=8, d_longdbl=define, longdblsize=10
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='__int64', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='link', ldflags ='-nologo -nodefaultlib -release  -libpath:"c:\usr\perl\lib\CORE"  -machine:x86'
    libpth=C:\PROGRA~1\MICROS~4\VC98\lib
    libs=  oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib  comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib  netapi32.lib uuid.lib wsock32.lib mpr.lib winmm.lib  version.lib odbc32.lib odbccp32.lib msvcrt.lib
    perllibs=  oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib  comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib  netapi32.lib uuid.lib wsock32.lib mpr.lib winmm.lib  version.lib odbc32.lib odbccp32.lib msvcrt.lib
    libc=msvcrt.lib, so=dll, useshrplib=yes, libperl=perl58.lib
    gnulibc_version='undef'
  Dynamic Linking:
    dlsrc=dl_win32.xs, dlext=dll, d_dlsymun=undef, ccdlflags=' '
    cccdlflags=' ', lddlflags='-dll -nologo -nodefaultlib -release  -libpath:"c:\usr\perl\lib\CORE"  -machine:x86'

Locally applied patches:
    


@INC for perl v5.8.3:
    C:/usr/perl/lib
    C:/usr/perl/site/lib
    .


Environment for perl v5.8.3:
    HOME (unset)
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=C:\PROGRA~1\MICROS~4\COMMON\MSDEV98\BIN;C:\PROGRA~1\MICROS~4\VC98\BIN;C:\PROGRA~1\MICROS~4\COMMON\TOOLS\WIN95;C:\PROGRA~1\MICROS~4\COMMON\TOOLS;\SYSTEM;C:\FJUTY;C:\WINDOWS;C:\WINDOWS\COMMAND;;C:\USR\BIN;C:\USR\PERL\BIN;;C:\USR\EXPAT\LIBS;;C:\USR\ICU\BIN;C:\USR\ICU\LIB;
    PERL_BADLANG (unset)
    SHELL (unset)

@p5pRT
Copy link
Author

p5pRT commented Mar 21, 2004

From BQW10602@nifty.com

On 20 Mar 2004 16​:52​:22 -0000
SADAHIRO Tomoyuki (via RT) <perlbug-followup@​perl.org> wrote​:

# New Ticket Created by SADAHIRO Tomoyuki
# Please include the string​: [perl #27803]
# in the subject line of all future correspondence about this issue.
# <URL​: http​://rt.perl.org​:80/rt3/Ticket/Display.html?id=27803 >

This is a bug report for perl from bqw10602@​nifty.com,
generated with the help of perlbug 1.34 running under perl v5.8.3.

-----------------------------------------------------------------
[Please enter your report here]

Perl crashes at utf8​::upgrade($a) when $a is OOK.
I think Safefree(s) in sv_utf8_upgrade tries to free old SvPVX(sv)
but this is not a pointer to the string buffer.
Is SvOOK_off(sv) necessary somewhere before Safefree?

$a = "123456\xFF";
$a =~ s/^...//;
utf8​::upgrade($a);
print $a eq "456\xFF" ? "ok" : "not ok";
__END__
Free to wrong pool 1660db0 not 33323101 at test.pl line 6.

Here is a patch.

Inline Patch 
diff -urN perl~/lib/utf8.t perl/lib/utf8.t
--- perl~/lib/utf8.t	Mon Mar 08 06:56:46 2004
+++ perl/lib/utf8.t	Sun Mar 21 13:48:40 2004
@@ -37,7 +37,7 @@
 #
 #
 
-plan tests => 144;
+plan tests => 145;
 
 {
     # bug id 20001009.001
@@ -414,4 +414,14 @@
     eval {utf8::encode("£")};
     like($@, qr/^Modification of a read-only value attempted/,
 	 "utf8::encode should refuse to touch read-only values");
+}
+
+{
+    my $a = "456\xb6";
+    utf8::upgrade($a);
+
+    my $b = "123456\xb6";
+    $b =~ s/^...//;
+    utf8::upgrade($b);
+    is($b, $a, "utf8::upgrade OffsetOK");
 }
diff -urN perl~/sv.c perl/sv.c
--- perl~/sv.c	Wed Mar 17 03:42:24 2004
+++ perl/sv.c	Sun Mar 21 13:34:42 2004
@@ -3494,7 +3494,8 @@
 	 }
 	 if (hibit) {
 	      STRLEN len;
-	
+	      SvOOK_off(sv);
+	      s = (U8 *) SvPVX(sv);
 	      len = SvCUR(sv) + 1; /* Plus the \0 */
 	      SvPVX(sv) = (char*)bytes_to_utf8((U8*)s, &len);
 	      SvCUR(sv) = len - 1;
End of Patch.

regards,
SADAHIRO Tomoyuki

@p5pRT
Copy link
Author

p5pRT commented Mar 21, 2004

From @rgs

SADAHIRO Tomoyuki wrote​:

Perl crashes at utf8​::upgrade($a) when $a is OOK.
I think Safefree(s) in sv_utf8_upgrade tries to free old SvPVX(sv)
but this is not a pointer to the string buffer.
Is SvOOK_off(sv) necessary somewhere before Safefree?

$a = "123456\xFF";
$a =~ s/^...//;
utf8​::upgrade($a);
print $a eq "456\xFF" ? "ok" : "not ok";
__END__
Free to wrong pool 1660db0 not 33323101 at test.pl line 6.

Here is a patch.

Thanks, applied to bleadperl as #22545.

@p5pRT
Copy link
Author

p5pRT commented Mar 21, 2004

The RT System itself - Status changed from 'new' to 'open'

@p5pRT
Copy link
Author

p5pRT commented Mar 21, 2004

@rgs - Status changed from 'open' to 'resolved'

@p5pRT p5pRT closed this as completed Mar 21, 2004
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
distro-mswin32 type-core
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@p5pRT