From: Father Chrysostomos
Date: Tue, 13 Nov 2012 17:10:09 +0000 (-0800)
Subject: regexec.c: Safer stack handling for re-evals
X-Git-Tag: upstream/5.20.0~4832
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=7f87a4de1805b005b66302addfebbc9749b7a1d9;p=platform%2Fupstream%2Fperl.git
regexec.c: Safer stack handling for re-evals
I don’t believe there is an actual bug here (only a theoretical one), but comparing pointers into an array that has been reallocated meanwhile is not a good idea.
---
diff --git a/regexec.c b/regexec.c
index ecf8f87..4940641 100644
--- a/regexec.c
+++ b/regexec.c
@@ -4732,7 +4732,7 @@ S_regmatch(pTHX_ regmatch_info *reginfo, char *startpos, regnode *prog)
 /* execute the code in the {...} */
 dSP;
- SV ** before;
+ PADOFFSET before;
 OP * const oop = PL_op;
 COP * const ocurcop = PL_curcop;
 OP *nop;
@@ -4851,11 +4851,11 @@ S_regmatch(pTHX_ regmatch_info *reginfo, char *startpos, regnode *prog)
 /* we don't use MULTICALL here as we want to call the
 * first op of the block of interest, rather than the
 * first op of the sub */
- before = SP;
+ before = SP-PL_stack_base;
 PL_op = nop;
 CALLRUNOPS(aTHX); /* Scalar context. */
 SPAGAIN;
- if (SP == before)
+ if (SP-PL_stack_base == before)
 ret = &PL_sv_undef; /* protect against empty (?{}) blocks. */
 else {
 ret = POPs;
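Review bot: `PADOFFSET before;` borrows a type whose name says "pad index" for a value the second hunk fills with an argument-stack offset (`SP-PL_stack_base`), so the declaration misdescribes the variable. If PADOFFSET is an unsigned type (its definition is not visible here), the later `SP-PL_stack_base == before` also becomes a signed/unsigned comparison. A signed pointer-difference type would state the intent directly, for example `SSize_t before;`. The declaration sits in a block of S_regmatch that begins and ends outside the hunk.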
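Review bot: The assignment `before = SP-PL_stack_base;` carries no comment saying why an offset is saved instead of the pointer. A later tidy-up could shorten it back to `before = SP;` and reintroduce the comparison against a pointer into a stack that, per the commit message, may have been reallocated while the block ran. I would add above the assignment: `/* save an offset, not SP: the stack may be reallocated while the block runs */`. The same reasoning applies to the `if (SP-PL_stack_base == before)` test after SPAGAIN. The enclosing block of S_regmatch starts before the hunk and continues past `ret = POPs;`.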