[comp.lang.perl] Bug in Perl 4.0

darrylo@hpnmdla.hp.com (Darryl Okahata) (03/22/91)

		    ***** Perl 4.0 bug report *****

Version:	Perl 4.0 (released version)
Machine:	HP9000 Series 380 (MC68040-based)
OS:		HP-UX 7.05

     The perl "make tests" fails with several failed tests (e.g.,
"comp/cmdopt.t").  The problem seems to be in consarg.c:

-------------------------------------------------------------------------------
553:	 	    break;
554:		}
555:		if (str) {
556:		    arg->arg_type = O_ITEM;	/* note arg1 type is already SINGLE */
557:		    str_free(s1);
558:		    str_free(s2);
559:		    arg[1].arg_ptr.arg_str = str;
560:		    arg[2].arg_ptr.arg_str = Nullstr;
561:		    arg[2].arg_type = A_NULL;
562:		}
563:	    }
564:	}
-------------------------------------------------------------------------------

Here, lines 560/561 are clearing arg[2], which may not exist.  As a
result, memory gets trashed, eventually causing a core dump.

     My fix for this is the patch at the end of this message, where
arg[2] is cleared only if "s2" is not "Nullstr".  Note that I have very
little idea if this is the best fix, as I don't know much about the perl
innards.

     -- Darryl Okahata
	UUCP: {hplabs!, hpcea!, hpfcla!} hpnmd!darrylo
	Internet: darrylo%hpnmd@relay.hp.com

DISCLAIMER: this message is the author's personal opinion and does not
constitute the support, opinion or policy of Hewlett-Packard or of the
little green men that have been following him all day.

-------------------------------------------------------------------------------
*** consarg.c.~1~	Thu Mar 21 15:01:35 1991
--- consarg.c	Thu Mar 21 20:33:52 1991
***************
*** 555,561
  	if (str) {
  	    arg->arg_type = O_ITEM;	/* note arg1 type is already SINGLE */
  	    str_free(s1);
- 	    str_free(s2);
  	    arg[1].arg_ptr.arg_str = str;
  	    arg[2].arg_ptr.arg_str = Nullstr;
  	    arg[2].arg_type = A_NULL;

--- 555,560 -----
  	if (str) {
  	    arg->arg_type = O_ITEM;	/* note arg1 type is already SINGLE */
  	    str_free(s1);
  	    arg[1].arg_ptr.arg_str = str;
  	    if (s2 != Nullstr) {
  		str_free(s2);
***************
*** 557,564
  	    str_free(s1);
  	    str_free(s2);
  	    arg[1].arg_ptr.arg_str = str;
! 	    arg[2].arg_ptr.arg_str = Nullstr;
! 	    arg[2].arg_type = A_NULL;
  	}
      }
  }

--- 556,566 -----
  	    arg->arg_type = O_ITEM;	/* note arg1 type is already SINGLE */
  	    str_free(s1);
  	    arg[1].arg_ptr.arg_str = str;
! 	    if (s2 != Nullstr) {
! 		str_free(s2);
! 		arg[2].arg_ptr.arg_str = Nullstr;
! 		arg[2].arg_type = A_NULL;
! 	    }
  	}
      }
  }
-------------------------------------------------------------------------------