[PATCH] Re: Perl PR: "Security holes in Sys::Syslog"

Date: 01 Dec 2005 06:20:14 -0800
Message-ID: <lroe406grl.fsf_-_@caliper.activestate.com>

Subject: [PATCH] Suppress "0b" prefix for sprintf("%#b", 0)
From: Gisle Aas <gisle@ActiveState.com>
Date: 01 Dec 2005 06:11:44 -0800
Message-ID: <lrsltc6h5r.fsf_-_@caliper.activestate.com>

p4raw-id: //depot/perl@26237

diff --git a/sv.c b/sv.c
index 10aecd5..14a5fab 100644 (file)
--- a/sv.c
+++ b/sv.c
@@ -8593,6 +8593,8 @@ Perl_sv_vcatpvfn(pTHX_ SV *sv, const char *pat, STRLEN patlen, va_list *args, SV
                        *--ptr = '0';
                    break;
                case 2:
+                   if (!uv)
+                       alt = FALSE;
                    do {
                        dig = uv & 1;
                        *--ptr = '0' + dig;
@@ -8889,6 +8891,8 @@ Perl_sv_vcatpvfn(pTHX_ SV *sv, const char *pat, STRLEN patlen, va_list *args, SV
 
        /* calculate width before utf8_upgrade changes it */
        have = esignlen + zeros + elen;
+       if (have < zeros)
+           Perl_croak_nocontext(PL_memory_wrap);
 
        if (is_utf8 != has_utf8) {
             if (is_utf8) {

diff --git a/t/op/sprintf.t b/t/op/sprintf.t
index 0b9e94e..35bb8e6 100755 (executable)
--- a/t/op/sprintf.t
+++ b/t/op/sprintf.t
@@ -418,3 +418,6 @@ __END__
 >%4$K %d<      >[45, 67]<      >%4$K 45 INVALID<
 >%d %K %d<     >[23, 45]<      >23 %K 45 INVALID<
 >%*v*999\$d %d %d<     >[11, 22, 33]<  >%*v*999\$d 11 22 INVALID<
+>%#b<          >0<     >0<
+>%#o<          >0<     >0<
+>%#x<          >0<     >0<