diff options
author | Aaron Crane <arc@cpan.org> | 2016-01-12 00:05:40 +0000 |
---|---|---|
committer | Aaron Crane <arc@cpan.org> | 2016-01-12 00:41:24 +0000 |
commit | 2415a0a27e4707ca7be52f2a92148dcc8d517aa1 (patch) | |
tree | bc0873af7d5049b14f2792ae0a3bd4628d7598eb /MANIFEST | |
parent | 5dcc8417a3fe161282405373988b7a279bef500d (diff) | |
download | perl-2415a0a27e4707ca7be52f2a92148dcc8d517aa1.tar.gz |
Data::Dumper: handle huge inputs on 64-bit platforms
Several quantities relating to string escaping were being stored in 32-bit
variables. On a 64-bit system, pathological inputs could overflow the
available space and cause incorrect output.
The test for this requires about 10 GB of memory, so it is disabled except
when PERL_TEST_MEMORY is set to at least 10.
There are other questionable-looking uses of I32 in Dumper.xs, but they
don't seem to be exploitable. (It helps, for example, that the core hash API
restricts key lengths to 2**31-1.) That said, it may be worth auditing the
code rather more carefully for potential problems.
Diffstat (limited to 'MANIFEST')
-rw-r--r-- | MANIFEST | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -3069,6 +3069,7 @@ dist/Data-Dumper/t/dumper.t See if Data::Dumper works dist/Data-Dumper/t/dumpperl.t See if Data::Dumper::Dumpperl works dist/Data-Dumper/t/freezer.t See if Data::Dumper::Freezer works dist/Data-Dumper/t/freezer_useperl.t See if Data::Dumper works +dist/Data-Dumper/t/huge.t See if Data::Dumper works on huge inputs dist/Data-Dumper/t/indent.t See if Data::Dumper::Indent works dist/Data-Dumper/t/lib/Testing.pm Functions used in testing Data-Dumper dist/Data-Dumper/t/misc.t Miscellaneous tests for Data-Dumper |