projects / p5sagit/Devel-Size.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw (parent: 811a099)
Don't recurse into op_size() on op->pmnext.
Nicholas Clark [Sun, 8 May 2011 07:38:02 +0000 (09:38 +0200)]
It doesn't point to an OP owned by the current OP - it is used to form a linked
list that reset uses to find regexps to reset. Moreover, prior to 5.8.0 it can
end up pointing to freed memory, which results in much jollity.
[Bug 20010301.005, a.k.a. RT #5935, fixed in cb55de95c99e4650]

Size.xs patch | blob | blame | history

diff --git a/Size.xs b/Size.xs
index fa0673f..a2e30b1 100644 (file)
--- a/Size.xs
+++ b/Size.xs
@@ -414,7 +414,6 @@ op_size(pTHX_ const OP * const baseop, struct state *st)
 #if PERL_VERSION < 9 || (PERL_VERSION == 9 && PERL_SUBVERSION < 5)
            op_size(aTHX_ cPMOPx(baseop)->op_pmreplroot, st);
            op_size(aTHX_ cPMOPx(baseop)->op_pmreplstart, st);
-           op_size(aTHX_ (OP *)cPMOPx(baseop)->op_pmnext, st);
 #endif
            /* This is defined away in perl 5.8.x, but it is in there for
               5.6.x */
Unnamed repository; edit this file 'description' to name the repository.