[perl/f16] Fix leak with non-matching named captures

Petr Pisar ppisar at fedoraproject.org
Wed Dec 14 14:50:48 UTC 2011


commit 0570c0a6cfe5b1b31d91d7db6ce505c67f2821dd
Author: Petr Písař <ppisar at redhat.com>
Date:   Wed Dec 14 15:28:03 2011 +0100

    Fix leak with non-matching named captures

 ...n-t-leak-memory-when-accessing-named-capt.patch |   52 ++++++++++++++++++++
 perl.spec                                          |   11 ++++-
 2 files changed, 62 insertions(+), 1 deletions(-)
---
diff --git a/perl-5.14.2-Don-t-leak-memory-when-accessing-named-capt.patch b/perl-5.14.2-Don-t-leak-memory-when-accessing-named-capt.patch
new file mode 100644
index 0000000..a3aabb2
--- /dev/null
+++ b/perl-5.14.2-Don-t-leak-memory-when-accessing-named-capt.patch
@@ -0,0 +1,52 @@
+From 7402016d87474403eea5c52dc2c071f68cbbe25c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=C3=86var=20Arnfj=C3=B6r=C3=B0=20Bjarmason?= <avar at cpan.org>
+Date: Tue, 13 Dec 2011 14:43:12 +0000
+Subject: [PATCH] [RT #78266] Don't leak memory when accessing named captures
+ that didn't match
+
+Since 5.10 (probably 44a2ac759e) named captures have been leaking
+memory when they're used, don't actually match, but are later
+accessed. E.g.:
+
+    $ perl -wle 'for (1..10_000_000) { if ("foo" =~ /(foo|(?<capture>bar))?/) { my $capture = $+{capture} } } system "ps -o rss $$"'
+      RSS
+    238524
+
+Here we match the "foo" branch of our regex, but since we've used a
+name capture we'll end up running the code in
+Perl_reg_named_buff_fetch, which allocates a newSVsv(&PL_sv_undef) but
+never uses it unless it's trying to return an array.
+
+Just change that code not to allocate scalars we don't plan to
+return. With this fix we don't leak any memory since there's nothing
+to leak anymore.
+
+    $ ./perl -Ilib -wle 'for (1..10_000_000) { if ("foo" =~ /(foo|(?<capture>bar))?/) { my $capture = $+{capture} } } system "ps -o rss $$"'
+      RSS
+     3528
+
+This reverts commit b28f4af8cf94eb18c0cfde71e9625081912499a8 ("Fix
+allocating something in the first place is a better solution than
+allocating it, not using it, and then freeing it.
+
+Petr Pisar: perldelta and wrong fix (commit b28f4af8cf) removed.
+---
+ regcomp.c         |    7 ++-----
+
+diff --git a/regcomp.c b/regcomp.c
+index 9e9fac4..56b2b9c 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -5409,7 +5409,8 @@ Perl_reg_named_buff_fetch(pTHX_ REGEXP * const r, SV * const namesv,
+                     if (!retarray)
+                         return ret;
+                 } else {
+-                    ret = newSVsv(&PL_sv_undef);
++                    if (retarray)
++                        ret = newSVsv(&PL_sv_undef);
+                 }
+                 if (retarray)
+                     av_push(retarray, ret);
+-- 
+1.7.7.4
+
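Review bot: In the regcomp.c change inside this new patch file, the else branch no longer assigns `ret` when `retarray` is NULL, so what the scalar path ends up with for a named capture that did not match now depends on how `ret` is initialised before this hunk, which the visible context does not show. Please confirm that initial value is what callers of Perl_reg_named_buff_fetch expect. The embedded patch header is also inconsistent after the trim recorded in "Petr Pisar: perldelta and wrong fix (commit b28f4af8cf) removed": the "This reverts commit b28f4af8cf..." sentence opens a quote that is never closed and runs into an unrelated clause, and the diffstat still reads `regcomp.c | 7 ++-----` although the remaining hunk has two additions and one deletion. Either regenerate the header or note explicitly that the revert does not apply to this backport.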
diff --git a/perl.spec b/perl.spec
index 44ca85d..62d1aca 100644
--- a/perl.spec
+++ b/perl.spec
@@ -22,7 +22,7 @@
 Name:           perl
 Version:        %{perl_version}
 # release number must be even higher, because dual-lived modules will be broken otherwise
-Release:        191%{?dist}
+Release:        192%{?dist}
 Epoch:          %{perl_epoch}
 Summary:        Practical Extraction and Report Language
 Group:          Development/Languages
@@ -75,6 +75,10 @@ Patch9:         perl-5.14.2-digest_eval.patch
 # rhbz #720610, Perl RT#94560, accepted as v5.15.4-24-g26e1303.
 Patch10:        perl-5.14.2-large-repeat-heap-abuse.patch
 
+# Fix leak with non-matching named captures. rhbz#767597, RT#78266, fixed
+# after 5.14.2.
+Patch11:        perl-5.14.2-Don-t-leak-memory-when-accessing-named-capt.patch
+
 # Update some of the bundled modules
 # see http://fedoraproject.org/wiki/Perl/perl.spec for instructions
 
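Review bot: The Patch11 comment says only "fixed after 5.14.2", while the Patch10 comment directly above records the upstream commit it was accepted as. Name the upstream commit here as well (the patch's own From line carries 7402016d87474403eea5c52dc2c071f68cbbe25c) so the patch can be dropped with confidence at the next rebase.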
@@ -1102,6 +1106,7 @@ tarball from perl.org.
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1
 
 #copy the example script
 cp -a %{SOURCE5} .
@@ -1293,6 +1298,7 @@ pushd %{build_archlib}/CORE/
     'Fedora Patch7: Dont run one io test due to random builder failures' \
     'Fedora Patch9: Fix code injection in Digest->new()' \
     'Fedora Patch10: Change Perl_repeatcpy() to allow count above 2^31' \
+    'Fedora Patch11: Fix leak with non-matching named captures' \
     %{nil}
 
 rm patchlevel.bak
@@ -2176,6 +2182,9 @@ sed \
 
 # Old changelog entries are preserved in CVS.
 %changelog
+* Wed Dec 14 2011 Petr Pisar <ppisar at redhat.com> - 4:5.14.2-192
+- Fix leak with non-matching named captures (bug #767597)
+
 * Fri Nov 18 2011 Petr Pisar <ppisar at redhat.com> - 4:5.14.2-191
 - Increase epoch of perl-Module-CoreList to overcome version regression in
   upstream (bug #754641)

