Created attachment 337691 [details] Test script that segfaults Description of problem: Perl segfaults when processing very long strings. The root problem is that S_regmatch is recursive and will eventually exhaust stack space after many recursions. The stack trace after the segfault looks like: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 48002166805024 (LWP 32224)] 0x0000003957cde875 in S_regmatch (my_perl=0xdf97010, prog=0xfeae84) at regexec.c:2305 2305 { (gdb) bt #0 0x0000003957cde875 in S_regmatch (my_perl=0xdf97010, prog=0xfeae84) at regexec.c:2305 #1 0x0000003957cdea87 in S_regmatch (my_perl=0xdf97010, prog=<value optimized out>) at regexec.c:3908 #2 0x0000003957ce16ce in S_regmatch (my_perl=0xdf97010, prog=<value optimized out>) at regexec.c:3332 #3 0x0000003957ce16ce in S_regmatch (my_perl=0xdf97010, prog=<value optimized out>) at regexec.c:3332 #4 0x0000003957ce16ce in S_regmatch (my_perl=0xdf97010, prog=<value optimized out>) at regexec.c:3332 [...] #22456 0x0000003957cdfe41 in S_regmatch (my_perl=0xdf97010, prog=<value optimized out>) at regexec.c:3160 #22457 0x0000003957cdfe41 in S_regmatch (my_perl=0xdf97010, prog=<value optimized out>) at regexec.c:3160 #22458 0x0000003957cdfe41 in S_regmatch (my_perl=0xdf97010, prog=<value optimized out>) at regexec.c:3160 #22459 0x0000003957ce2908 in S_regtry (my_perl=0xdf97010, prog=0xdfbfdb0, startpos=0xe033b09 "\" word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word wor"...) at regexec.c:2204 #22460 0x0000003957ce6c20 in Perl_regexec_flags (my_perl=0xdf97010, prog=0xdfbfdb0, stringarg=<value optimized out>, strend=0xe039cb3 "", strbeg=0xe033b09 "\" word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word word wor"..., minend=<value optimized out>, sv=0xdfe2da0, data=0x0, flags=<value optimized out>) at regexec.c:2031 #22461 0x0000003957c91fdc in Perl_pp_subst (my_perl=0xdf97010) at pp_hot.c:2107 #22462 0x0000003957c8a0ae in Perl_runops_standard (my_perl=0xdf97010) at run.c:37 #22463 0x0000003957c37f1a in perl_run (my_perl=0xdf97010) at perl.c:2372 #22464 0x000000000040179c in main (argc=3, argv=0x7fff7927aca8, env=<value optimized out>) at perlmain.c:99 Version-Release number of selected component (if applicable): perl-5.8.8-40 How reproducible: 100% Steps to Reproduce: 1. run attached sample script: "perl test-it281146.pl 5000" Actual results: Segfault Expected results: No segfault Additional info: This issue has been documented in Debian bug 320727[1], and has been fixed upstream[2]. This problem does not occur with perl-5.10.0-56 in Fedora 10. I've been attempting to backport the upstream patch, but would like some guidance on whether or not this would be considered too invasive a change for a RHEL update. [1]http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320727 [2]http://perl5.git.perl.org/perl.git/commit/95b244405438253236d34c3edcbd0892a86c2dd1
I'm sorry for so long response time. Does it impact our customers or our servers? This is invasive change because you can easily overlook some consequence. I didn't look at the differences between upstream version and our version of this file yet, but there would be probably many. The main problem is that you usually need backport also other preceding patches and you can easily miss something important or change something else unintentionally.
This is impacting one of our customers. I've requested additional details.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.