summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2012-10-26 18:56:50 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2012-10-26 18:56:50 +0000
commitc6e994ee3aee6111a8a777022604f0c6a3cf3eab (patch)
tree8e11a2331ed4906af07a77b057e33264fece8b5f
parenteede246ec0ec0264b94ef0d8fbaf8bd3c99ebf85 (diff)
Fix for CVE-2012-5195; ok miod@
-rw-r--r--gnu/usr.bin/perl/patchlevel.h1
-rw-r--r--gnu/usr.bin/perl/util.c3
2 files changed, 4 insertions, 0 deletions
diff --git a/gnu/usr.bin/perl/patchlevel.h b/gnu/usr.bin/perl/patchlevel.h
index da35efdffc0..46b370f1bb6 100644
--- a/gnu/usr.bin/perl/patchlevel.h
+++ b/gnu/usr.bin/perl/patchlevel.h
@@ -134,6 +134,7 @@ static const char * const local_patches[] = {
,"CVE-2011-1487"
,"Updated Digest to 1.17"
,"CVE-2011-2939"
+ ,"CVE-2012-5195"
#ifdef PERL_GIT_UNCOMMITTED_CHANGES
,"uncommitted-changes"
#endif
diff --git a/gnu/usr.bin/perl/util.c b/gnu/usr.bin/perl/util.c
index 89fea231a6a..83e048dde17 100644
--- a/gnu/usr.bin/perl/util.c
+++ b/gnu/usr.bin/perl/util.c
@@ -3033,6 +3033,9 @@ Perl_repeatcpy(register char *to, register const char *from, I32 len, register I
{
PERL_ARGS_ASSERT_REPEATCPY;
+ if (count < 0)
+ Perl_croak_nocontext("%s",PL_memory_wrap);
+
if (len == 1)
memset(to, *from, count);
else if (count) {