diff options
| author | Karl Williamson <khw@cpan.org> | 2014-10-16 22:24:13 -0600 |
|---|---|---|
| committer | Karl Williamson <khw@cpan.org> | 2014-10-21 09:26:50 -0600 |
| commit | 5333b64c49d92edaebcba2a634f2cb1d4edc5920 (patch) | |
| tree | 7cc2096432152ec8ef875c0ac936a06b579caaa9 /toke.c | |
| parent | aae773bbd74e39596c3ed0ed403f36b245b6d687 (diff) | |
| download | perl-5333b64c49d92edaebcba2a634f2cb1d4edc5920.tar.gz | |
toke.c: Fix potential buffer overflow
Malformed UTF-8 input could have potentially caused a read off the end
of the buffer here until this commit.
Diffstat (limited to 'toke.c')
| -rw-r--r-- | toke.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -8564,7 +8564,9 @@ S_scan_ident(pTHX_ char *s, char *dest, STRLEN destlen, I32 ck_uni) || (((U8)(d)) <= 8 && (d) != 0) \ || (((U8)(d)) == 13)))) \ || (((U8)(d)) == toCTRL('?'))) - if (s < PL_bufend + if ((s <= PL_bufend - (is_utf8) + ? UTF8SKIP(s) + : 1) && (isIDFIRST_lazy_if(s, is_utf8) || VALID_LEN_ONE_IDENT(*s, is_utf8))) { if ( isCNTRL_A((U8)*s) ) { |