authorNatanael Copa <ncopa@alpinelinux.org>2018-12-04 14:40:59 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2018-12-04 17:27:53 +0100
commit17a345542d7049381a2bafa85893bda2cfc61358 (patch)
treeeaab087fb82105f072a90cb22de6e0d08b1f61eb
parenta6a6bcff1f6b6dcf3aa2991d43f73b1948084d66 (diff)
main/perl: backport security fixes
-rw-r--r--main/perl/APKBUILD17
-rw-r--r--main/perl/CVE-2018-18311.patch174
-rw-r--r--main/perl/CVE-2018-18312.patch47
-rw-r--r--main/perl/CVE-2018-18313.patch105
-rw-r--r--main/perl/CVE-2018-18314.patch267
5 files changed, 608 insertions, 2 deletions
diff --git a/main/perl/APKBUILD b/main/perl/APKBUILD
index 71f61d19ec..316430908d 100644
--- a/main/perl/APKBUILD
+++ b/main/perl/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
pkgname=perl
pkgver=5.24.4
-pkgrel=1
+pkgrel=2
pkgdesc="Larry Wall's Practical Extraction and Report Language"
url="http://www.perl.org/"
arch="all"
@@ -15,9 +15,18 @@ makedepends="bzip2-dev zlib-dev"
subpackages="$pkgname-doc $pkgname-dev $pkgname-utils::noarch miniperl"
source="http://www.cpan.org/src/5.0/perl-$pkgver.tar.gz
CVE-2018-12015.patch
+ CVE-2018-18311.patch
+ CVE-2018-18312.patch
+ CVE-2018-18313.patch
+ CVE-2018-18314.patch
"
# secfixes:
+# 5.24.4-r2:
+# - CVE-2018-18311
+# - CVE-2018-18312
+# - CVE-2018-18313
+# - CVE-2018-18314
# 5.24.4-r1:
# - CVE-2018-12015
# 5.24.3-r0:
@@ -140,4 +149,8 @@ utils() {
}
sha512sums="796d92f47860ac0e3a22d85eb129549c4251445b3cfa8687e305c95f6205ad32a670e0d680e20245e47f0c6567b313748bce1db04208b21ff10595196e37a40b perl-5.24.4.tar.gz
-feda381bd3230443341b99135bac4d6010e9d28b619d9fb57f2dda2c29b8877f012f76d31631e5227ef79e73e0b2b162548fa24704752e61f10c05d015c68916 CVE-2018-12015.patch"
+feda381bd3230443341b99135bac4d6010e9d28b619d9fb57f2dda2c29b8877f012f76d31631e5227ef79e73e0b2b162548fa24704752e61f10c05d015c68916 CVE-2018-12015.patch
+c1af39d5f293cb83b5ce8cea0835a52470cc2aa67cf541bfc20fd25c815cd9124cb6d91df979235868223ba2244ceed1336e304e10df74b40b706268ffc2b8c1 CVE-2018-18311.patch
+f785a9b94311a4a8dfdf811006c8eb540808d75922d7d5c48e567c949ebf0dc4fe2641163e1220db3a29d650c2d35ed278bb3867f8ebe626faad05bf75d32ad1 CVE-2018-18312.patch
+bcc8438fc8bceef83b23dac2e788ceb5d70f645054b5d04c555004ccfe2f85a83f835b387ee318e1ca8668afb7601eeacfc4355e8a70e98549c15b1521555318 CVE-2018-18313.patch
+df59c1cb4ca8d651d544524ae01c092f0451ec27f7d821bc7e61e1b7385161e241797e84ae85782b3869d432bca72a93bfe71590a1cf879f7c5a11b780d3c4dd CVE-2018-18314.patch"
diff --git a/main/perl/CVE-2018-18311.patch b/main/perl/CVE-2018-18311.patch
new file mode 100644
index 0000000000..02277e93e2
--- /dev/null
+++ b/main/perl/CVE-2018-18311.patch
@@ -0,0 +1,174 @@
+From 5737d31aac51360cc1eb412ef059e36147c9d6d6 Mon Sep 17 00:00:00 2001
+From: David Mitchell <davem@iabyn.com>
+Date: Fri, 29 Jun 2018 13:37:03 +0100
+Subject: [PATCH] Perl_my_setenv(); handle integer wrap
+
+RT #133204
+
+Wean this function off int/I32 and onto UV/Size_t.
+Also, replace all malloc-ish calls with a wrapper that does
+overflow checks,
+
+In particular, it was doing (nlen + vlen + 2) which could wrap when
+the combined length of the environment variable name and value
+exceeded around 0x7fffffff.
+
+The wrapper check function is probably overkill, but belt and braces...
+
+NB this function has several variant parts, #ifdef'ed by platform
+type; I have blindly changed the parts that aren't compiled under linux.
+
+(cherry picked from commit 34716e2a6ee2af96078d62b065b7785c001194be)
+---
+ util.c | 76 ++++++++++++++++++++++++++++++++++++++++------------------
+ 1 file changed, 53 insertions(+), 23 deletions(-)
+
+diff --git a/util.c b/util.c
+index 2e053a7115f..ba5fb2ded8e 100644
+--- a/util.c
++++ b/util.c
+@@ -2064,8 +2064,40 @@ Perl_new_warnings_bitfield(pTHX_ STRLEN *buffer, const char *const bits,
+ *(s+(nlen+1+vlen)) = '\0'
+
+ #ifdef USE_ENVIRON_ARRAY
+- /* VMS' my_setenv() is in vms.c */
++
++/* small wrapper for use by Perl_my_setenv that mallocs, or reallocs if
++ * 'current' is non-null, with up to three sizes that are added together.
++ * It handles integer overflow.
++ */
++static char *
++S_env_alloc(void *current, Size_t l1, Size_t l2, Size_t l3, Size_t size)
++{
++ void *p;
++ Size_t sl, l = l1 + l2;
++
++ if (l < l2)
++ goto panic;
++ l += l3;
++ if (l < l3)
++ goto panic;
++ sl = l * size;
++ if (sl < l)
++ goto panic;
++
++ p = current
++ ? safesysrealloc(current, sl)
++ : safesysmalloc(sl);
++ if (p)
++ return (char*)p;
++
++ panic:
++ croak_memory_wrap();
++}
++
++
++/* VMS' my_setenv() is in vms.c */
+ #if !defined(WIN32) && !defined(NETWARE)
++
+ void
+ Perl_my_setenv(pTHX_ const char *nam, const char *val)
+ {
+@@ -2081,28 +2113,27 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val)
+ #ifndef PERL_USE_SAFE_PUTENV
+ if (!PL_use_safe_putenv) {
+ /* most putenv()s leak, so we manipulate environ directly */
+- I32 i;
+- const I32 len = strlen(nam);
+- int nlen, vlen;
++ UV i;
++ Size_t vlen, nlen = strlen(nam);
+
+ /* where does it go? */
+ for (i = 0; environ[i]; i++) {
+- if (strnEQ(environ[i],nam,len) && environ[i][len] == '=')
++ if (strnEQ(environ[i], nam, nlen) && environ[i][nlen] == '=')
+ break;
+ }
+
+ if (environ == PL_origenviron) { /* need we copy environment? */
+- I32 j;
+- I32 max;
++ UV j, max;
+ char **tmpenv;
+
+ max = i;
+ while (environ[max])
+ max++;
+- tmpenv = (char**)safesysmalloc((max+2) * sizeof(char*));
++ /* XXX shouldn't that be max+1 rather than max+2 ??? - DAPM */
++ tmpenv = (char**)S_env_alloc(NULL, max, 2, 0, sizeof(char*));
+ for (j=0; j<max; j++) { /* copy environment */
+- const int len = strlen(environ[j]);
+- tmpenv[j] = (char*)safesysmalloc((len+1)*sizeof(char));
++ const Size_t len = strlen(environ[j]);
++ tmpenv[j] = S_env_alloc(NULL, len, 1, 0, 1);
+ Copy(environ[j], tmpenv[j], len+1, char);
+ }
+ tmpenv[max] = NULL;
+@@ -2121,15 +2152,15 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val)
+ #endif
+ }
+ if (!environ[i]) { /* does not exist yet */
+- environ = (char**)safesysrealloc(environ, (i+2) * sizeof(char*));
++ environ = (char**)S_env_alloc(environ, i, 2, 0, sizeof(char*));
+ environ[i+1] = NULL; /* make sure it's null terminated */
+ }
+ else
+ safesysfree(environ[i]);
+- nlen = strlen(nam);
++
+ vlen = strlen(val);
+
+- environ[i] = (char*)safesysmalloc((nlen+vlen+2) * sizeof(char));
++ environ[i] = S_env_alloc(NULL, nlen, vlen, 2, 1);
+ /* all that work just for this */
+ my_setenv_format(environ[i], nam, nlen, val, vlen);
+ } else {
+@@ -2154,22 +2185,21 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val)
+ if (environ) /* old glibc can crash with null environ */
+ (void)unsetenv(nam);
+ } else {
+- const int nlen = strlen(nam);
+- const int vlen = strlen(val);
+- char * const new_env =
+- (char*)safesysmalloc((nlen + vlen + 2) * sizeof(char));
++ const Size_t nlen = strlen(nam);
++ const Size_t vlen = strlen(val);
++ char * const new_env = S_env_alloc(NULL, nlen, vlen, 2, 1);
+ my_setenv_format(new_env, nam, nlen, val, vlen);
+ (void)putenv(new_env);
+ }
+ # else /* ! HAS_UNSETENV */
+ char *new_env;
+- const int nlen = strlen(nam);
+- int vlen;
++ const Size_t nlen = strlen(nam);
++ Size_t vlen;
+ if (!val) {
+ val = "";
+ }
+ vlen = strlen(val);
+- new_env = (char*)safesysmalloc((nlen + vlen + 2) * sizeof(char));
++ new_env = S_env_alloc(NULL, nlen, vlen, 2, 1);
+ /* all that work just for this */
+ my_setenv_format(new_env, nam, nlen, val, vlen);
+ (void)putenv(new_env);
+@@ -2192,14 +2222,14 @@ Perl_my_setenv(pTHX_ const char *nam, const char *val)
+ {
+ dVAR;
+ char *envstr;
+- const int nlen = strlen(nam);
+- int vlen;
++ const Size_t nlen = strlen(nam);
++ Size_t vlen;
+
+ if (!val) {
+ val = "";
+ }
+ vlen = strlen(val);
+- Newx(envstr, nlen+vlen+2, char);
++ envstr = S_env_alloc(NULL, nlen, vlen, 2, 1);
+ my_setenv_format(envstr, nam, nlen, val, vlen);
+ (void)PerlEnv_putenv(envstr);
+ Safefree(envstr);
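Review bot: The multiplication guard in `S_env_alloc`, `sl = l * size; if (sl < l) goto panic;`, does not catch every wrap, because a product that overflows `Size_t` can still be greater than or equal to `l`. As a constructed example with a 32-bit `Size_t`, `l = 0x60000000` and `size = 4` wrap to `0x80000000`, which passes the test. The two addition checks above it are sound. The callers visible in this patch pass `size` as 1 or `sizeof(char*)`, and in the pointer case the count comes from an `environ` array that already exists, so this is probably not reachable in practice. A division-based test before the multiply is exact: `if (size != 0 && l > (Size_t)-1 / size) goto panic;`.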
diff --git a/main/perl/CVE-2018-18312.patch b/main/perl/CVE-2018-18312.patch
new file mode 100644
index 0000000000..94a073e211
--- /dev/null
+++ b/main/perl/CVE-2018-18312.patch
@@ -0,0 +1,47 @@
+From df2858ea28eb2c7e00a4bd6a5ed95e4782f88333 Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw@cpan.org>
+Date: Mon, 24 Sep 2018 11:54:41 -0600
+Subject: [PATCH 242/242] PATCH: [perl #133423] for 5.26 maint
+
+---
+ regcomp.c | 1 -
+ t/re/reg_mesg.t | 4 ++++
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/regcomp.c b/regcomp.c
+index ca47db7573..431006e855 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -15109,7 +15109,6 @@ redo_curchar:
+ RExC_parse++;
+ assert(UCHARAT(RExC_parse) == ')');
+
+- RExC_parse++;
+ RExC_flags = save_flags;
+ goto handle_operand;
+ }
+diff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t
+index 39cfcf7df1..d26a7caf37 100644
+--- a/t/re/reg_mesg.t
++++ b/t/re/reg_mesg.t
+@@ -106,6 +106,8 @@ my $high_mixed_digit = ('A' lt '0') ? '0' : 'A';
+ my $colon_hex = sprintf "%02X", ord(":");
+ my $tab_hex = sprintf "%02X", ord("\t");
+
++my $bug133423 = "(?[(?^:(?[\\\x00]))\\]\x00|2[^^]\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80])R.\\670";
++
+ ##
+ ## Key-value pairs of code/error of code that should have fatal errors.
+ ##
+@@ -269,6 +271,8 @@ my @death =
+ '/(?[()-!])/' => 'Incomplete expression within \'(?[ ])\' {#} m/(?[(){#}-!])/', # [perl #126204]
+ '/(?[!()])/' => 'Incomplete expression within \'(?[ ])\' {#} m/(?[!(){#}])/', # [perl #126404]
+ '/(?<=/' => 'Sequence (?... not terminated {#} m/(?<={#}/', # [perl #128170]
++ "/$bug133423/" => "Operand with no preceding operator {#} m/(?[(?^:(?[\\]))\\{#}]|2[^^]\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80\x80])R.\\670/",
++
+ );
+
+ # These are messages that are warnings when not strict; death under 'use re
+--
+2.17.1
+
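Review bot: This patch file has an empty description and its subject says it was written for 5.26 maint, while the APKBUILD in this commit builds pkgver 5.24.4, so the header should record the upstream origin and that the hunk was checked against the 5.24.4 `regcomp.c`. A line such as `Backport of the upstream fix for [perl #133423] (5.26 maint) to 5.24.4` at the top of the patch would do. The check left in place above the removed increment is `assert(UCHARAT(RExC_parse) == ')')`, which presumably compiles to nothing in a non-DEBUGGING build. If so, this hunk depends on CVE-2018-18314.patch from the same commit, which replaces those asserts with `vFAIL`, and that ordering is worth a comment next to the `source=` list. The enclosing function starts and ends outside the hunk.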
diff --git a/main/perl/CVE-2018-18313.patch b/main/perl/CVE-2018-18313.patch
new file mode 100644
index 0000000000..dbd97ebf2b
--- /dev/null
+++ b/main/perl/CVE-2018-18313.patch
@@ -0,0 +1,105 @@
+From ff4e2b11ab19d0c806a3dc09308d1b393971b8aa Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dagfinn=20Ilmari=20Manns=C3=A5ker?= <ilmari@ilmari.org>
+Date: Mon, 14 Nov 2016 20:05:31 +0100
+Subject: [PATCH] Fix error message for unclosed \N{ in regcomp
+
+An unclosed \N{ that made it through to the regex engine rather than
+being handled by the lexer would erroneously trigger the error for
+"\N{NAME} must be resolved by the lexer".
+
+This separates the check for the missing trailing } and issues the
+correct error message for this.
+---
+ regcomp.c | 8 +++++---
+ t/re/re_tests | 5 ++++-
+ 2 files changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/regcomp.c b/regcomp.c
+index ac664326f01..332cf00482e 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -12005,13 +12005,15 @@ S_grok_bslash_N(pTHX_ RExC_state_t *pRExC_state,
+
+ RExC_parse++; /* Skip past the '{' */
+
+- if (! (endbrace = strchr(RExC_parse, '}')) /* no trailing brace */
+- || ! (endbrace == RExC_parse /* nothing between the {} */
++ if (! (endbrace = strchr(RExC_parse, '}'))) { /* no trailing brace */
++ vFAIL2("Missing right brace on \\%c{}", 'N');
++ }
++ else if(!(endbrace == RExC_parse /* nothing between the {} */
+ || (endbrace - RExC_parse >= 2 /* U+ (bad hex is checked... */
+ && strnEQ(RExC_parse, "U+", 2)))) /* ... below for a better
+ error msg) */
+ {
+- if (endbrace) RExC_parse = endbrace; /* position msg's '<--HERE' */
++ RExC_parse = endbrace; /* position msg's '<--HERE' */
+ vFAIL("\\N{NAME} must be resolved by the lexer");
+ }
+
+diff --git a/t/re/re_tests b/t/re/re_tests
+index 046beaa193b..1797ddc09d9 100644
+--- a/t/re/re_tests
++++ b/t/re/re_tests
+@@ -1478,7 +1478,10 @@ abc\N abc\n n
+ [\N{U+}] - c - Invalid hexadecimal number
+ \N{U+4AG3} - c - Invalid hexadecimal number
+ [\N{U+4AG3}] - c - Invalid hexadecimal number
+-abc\N{def - c - \\N{NAME} must be resolved by the lexer
++abc\N{def} - c - \\N{NAME} must be resolved by the lexer
++abc\N{U+4AG3 - c - Missing right brace on \\N{}
++abc\N{def - c - Missing right brace on \\N{}
++abc\N{ - c - Missing right brace on \\N{}
+
+ # Verify that under /x that still cant have space before left brace
+ /abc\N {U+41}/x - c - Missing braces
+From c1c28ce6ba90ee05aa96b11ad551a6063680f3b9 Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw@cpan.org>
+Date: Sat, 25 Mar 2017 15:00:22 -0600
+Subject: [PATCH] regcomp.c: Convert some strchr to memchr
+
+This allows things to work properly in the face of embedded NULs.
+See the branch merge message for more information.
+
+(cherry picked from commit 43b2f4ef399e2fd7240b4eeb0658686ad95f8e62)
+---
+ regcomp.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/regcomp.c b/regcomp.c
+index 431006e8551..4ee48ede423 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -12023,7 +12023,8 @@ S_grok_bslash_N(pTHX_ RExC_state_t *pRExC_state,
+
+ RExC_parse++; /* Skip past the '{' */
+
+- if (! (endbrace = strchr(RExC_parse, '}'))) { /* no trailing brace */
++ endbrace = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse);
++ if (! endbrace) { /* no trailing brace */
+ vFAIL2("Missing right brace on \\%c{}", 'N');
+ }
+ else if(!(endbrace == RExC_parse /* nothing between the {} */
+@@ -12692,9 +12693,11 @@ S_regatom(pTHX_ RExC_state_t *pRExC_state, I32 *flagp, U32 depth)
+ else {
+ STRLEN length;
+ char name = *RExC_parse;
+- char * endbrace;
++ char * endbrace = NULL;
+ RExC_parse += 2;
+- endbrace = strchr(RExC_parse, '}');
++ if (RExC_parse < RExC_end) {
++ endbrace = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse);
++ }
+
+ if (! endbrace) {
+ vFAIL2("Missing right brace on \\%c{}", name);
+@@ -16228,7 +16231,7 @@ S_regclass(pTHX_ RExC_state_t *pRExC_state, I32 *flagp, U32 depth,
+ vFAIL2("Empty \\%c", (U8)value);
+ if (*RExC_parse == '{') {
+ const U8 c = (U8)value;
+- e = strchr(RExC_parse, '}');
++ e = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse);
+ if (!e) {
+ RExC_parse++;
+ vFAIL2("Missing right brace on \\%c{}", c);
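Review bot: Only the `S_regatom` hunk guards the new `memchr` with `if (RExC_parse < RExC_end)`; the calls in `S_grok_bslash_N` and `S_regclass` compute `RExC_end - RExC_parse` unguarded, and a negative difference would convert to a very large length. At both of those sites the code has just skipped or tested a `{` at `RExC_parse`, so the pointer is presumably still inside the buffer, but that invariant is not established by the visible lines and all three function bodies continue outside the hunks. Either apply the same guard at all three sites or state the invariant at the two unguarded ones, e.g. `/* RExC_parse <= RExC_end here: the '{' was just seen */`.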
diff --git a/main/perl/CVE-2018-18314.patch b/main/perl/CVE-2018-18314.patch
new file mode 100644
index 0000000000..3219dbf4af
--- /dev/null
+++ b/main/perl/CVE-2018-18314.patch
@@ -0,0 +1,267 @@
+From dabe076af345ab4512ea80245b4e4cd7ec0996cd Mon Sep 17 00:00:00 2001
+From: Yves Orton <demerphq@gmail.com>
+Date: Mon, 26 Jun 2017 13:19:55 +0200
+Subject: [PATCH] fix #131649 - extended charclass can trigger assert
+
+The extended charclass parser makes some assumptions during the
+first pass which are only true on well structured input, and it
+does not properly catch various errors. later on the code assumes
+that things the first pass will let through are valid, when in
+fact they should trigger errors.
+
+(cherry picked from commit 19a498a461d7c81ae3507c450953d1148efecf4f)
+---
+ pod/perldiag.pod | 27 ++++++++++++++++++++++++++-
+ pod/perlrecharclass.pod | 4 ++--
+ regcomp.c | 28 ++++++++++++++++++----------
+ t/lib/warnings/regcomp | 6 +++---
+ t/re/reg_mesg.t | 29 ++++++++++++++++-------------
+ t/re/regex_sets.t | 6 +++---
+ 6 files changed, 68 insertions(+), 32 deletions(-)
+
+diff --git a/pod/perldiag.pod b/pod/perldiag.pod
+index 106fe41121f..c29925a2a4e 100644
+--- a/pod/perldiag.pod
++++ b/pod/perldiag.pod
+@@ -5904,7 +5904,7 @@ yourself.
+ a perl4 interpreter, especially if the next 2 tokens are "use strict"
+ or "my $var" or "our $var".
+
+-=item Syntax error in (?[...]) in regex m/%s/
++=item Syntax error in (?[...]) in regex; marked by <-- HERE in m/%s/
+
+ (F) Perl could not figure out what you meant inside this construct; this
+ notifies you that it is giving up trying.
+@@ -6402,6 +6402,31 @@ to find out why that isn't happening.
+ (F) The unexec() routine failed for some reason. See your local FSF
+ representative, who probably put it there in the first place.
+
++=item Unexpected ']' with no following ')' in (?[... in regex; marked by <-- HERE in m/%s/
++
++(F) While parsing an extended character class a ']' character was encountered
++at a point in the definition where the only legal use of ']' is to close the
++character class definition as part of a '])', you may have forgotten the close
++paren, or otherwise confused the parser.
++
++=item Expecting close paren for nested extended charclass in regex; marked by <-- HERE in m/%s/
++
++(F) While parsing a nested extended character class like:
++
++ (?[ ... (?flags:(?[ ... ])) ... ])
++ ^
++
++we expected to see a close paren ')' (marked by ^) but did not.
++
++=item Expecting close paren for wrapper for nested extended charclass in regex; marked by <-- HERE in m/%s/
++
++(F) While parsing a nested extended character class like:
++
++ (?[ ... (?flags:(?[ ... ])) ... ])
++ ^
++
++we expected to see a close paren ')' (marked by ^) but did not.
++
+ =item Unexpected binary operator '%c' with no preceding operand in regex;
+ marked by S<<-- HERE> in m/%s/
+
+diff --git a/pod/perlrecharclass.pod b/pod/perlrecharclass.pod
+index 79480e41312..8c008507d1f 100644
+--- a/pod/perlrecharclass.pod
++++ b/pod/perlrecharclass.pod
+@@ -1128,8 +1128,8 @@ hence both of the following work:
+ Any contained POSIX character classes, including things like C<\w> and C<\D>
+ respect the C<E<sol>a> (and C<E<sol>aa>) modifiers.
+
+-C<< (?[ ]) >> is a regex-compile-time construct. Any attempt to use
+-something which isn't knowable at the time the containing regular
++Note that C<< (?[ ]) >> is a regex-compile-time construct. Any attempt
++to use something which isn't knowable at the time the containing regular
+ expression is compiled is a fatal error. In practice, this means
+ just three limitations:
+
+diff --git a/regcomp.c b/regcomp.c
+index 4ee48ede423..ddac290d2bf 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -14840,8 +14840,9 @@ S_handle_regex_sets(pTHX_ RExC_state_t *pRExC_state, SV** return_invlist,
+ TRUE /* Force /x */ );
+
+ switch (*RExC_parse) {
+- case '?':
+- if (RExC_parse[1] == '[') depth++, RExC_parse++;
++ case '(':
++ if (RExC_parse[1] == '?' && RExC_parse[2] == '[')
++ depth++, RExC_parse+=2;
+ /* FALLTHROUGH */
+ default:
+ break;
+@@ -14898,9 +14899,9 @@ S_handle_regex_sets(pTHX_ RExC_state_t *pRExC_state, SV** return_invlist,
+ }
+
+ case ']':
+- if (depth--) break;
+- RExC_parse++;
+- if (*RExC_parse == ')') {
++ if (RExC_parse[1] == ')') {
++ RExC_parse++;
++ if (depth--) break;
+ node = reganode(pRExC_state, ANYOF, 0);
+ RExC_size += ANYOF_SKIP;
+ nextchar(pRExC_state);
+@@ -14912,20 +14913,25 @@ S_handle_regex_sets(pTHX_ RExC_state_t *pRExC_state, SV** return_invlist,
+
+ return node;
+ }
+- goto no_close;
++ /* We output the messages even if warnings are off, because we'll fail
++ * the very next thing, and these give a likely diagnosis for that */
++ if (posix_warnings && av_tindex_nomg(posix_warnings) >= 0) {
++ output_or_return_posix_warnings(pRExC_state, posix_warnings, NULL);
++ }
++ RExC_parse++;
++ vFAIL("Unexpected ']' with no following ')' in (?[...");
+ }
+
+ RExC_parse += UTF ? UTF8SKIP(RExC_parse) : 1;
+ }
+
+- no_close:
+ /* We output the messages even if warnings are off, because we'll fail
+ * the very next thing, and these give a likely diagnosis for that */
+ if (posix_warnings && av_tindex_nomg(posix_warnings) >= 0) {
+ output_or_return_posix_warnings(pRExC_state, posix_warnings, NULL);
+ }
+
+- FAIL("Syntax error in (?[...])");
++ vFAIL("Syntax error in (?[...])");
+ }
+
+ /* Pass 2 only after this. */
+@@ -15105,12 +15111,14 @@ S_handle_regex_sets(pTHX_ RExC_state_t *pRExC_state, SV** return_invlist,
+ * inversion list, and RExC_parse points to the trailing
+ * ']'; the next character should be the ')' */
+ RExC_parse++;
+- assert(UCHARAT(RExC_parse) == ')');
++ if (UCHARAT(RExC_parse) != ')')
++ vFAIL("Expecting close paren for nested extended charclass");
+
+ /* Then the ')' matching the original '(' handled by this
+ * case: statement */
+ RExC_parse++;
+- assert(UCHARAT(RExC_parse) == ')');
++ if (UCHARAT(RExC_parse) != ')')
++ vFAIL("Expecting close paren for wrapper for nested extended charclass");
+
+ RExC_flags = save_flags;
+ goto handle_operand;
+diff --git a/t/lib/warnings/regcomp b/t/lib/warnings/regcomp
+index 2b084c59b02..51ad57ccbe3 100644
+--- a/t/lib/warnings/regcomp
++++ b/t/lib/warnings/regcomp
+@@ -59,21 +59,21 @@ Unmatched [ in regex; marked by <-- HERE in m/abc[ <-- HERE fi[.00./ at - line
+ qr/(?[[[:word]]])/;
+ EXPECT
+ Assuming NOT a POSIX class since there is no terminating ':' in regex; marked by <-- HERE in m/(?[[[:word <-- HERE ]]])/ at - line 2.
+-syntax error in (?[...]) in regex m/(?[[[:word]]])/ at - line 2.
++Unexpected ']' with no following ')' in (?[... in regex; marked by <-- HERE in m/(?[[[:word]] <-- HERE ])/ at - line 2.
+ ########
+ # NAME qr/(?[ [[:digit: ])/
+ # OPTION fatal
+ qr/(?[[[:digit: ])/;
+ EXPECT
+ Assuming NOT a POSIX class since no blanks are allowed in one in regex; marked by <-- HERE in m/(?[[[:digit: ] <-- HERE )/ at - line 2.
+-syntax error in (?[...]) in regex m/(?[[[:digit: ])/ at - line 2.
++syntax error in (?[...]) in regex; marked by <-- HERE in m/(?[[[:digit: ]) <-- HERE / at - line 2.
+ ########
+ # NAME qr/(?[ [:digit: ])/
+ # OPTION fatal
+ qr/(?[[:digit: ])/
+ EXPECT
+ Assuming NOT a POSIX class since no blanks are allowed in one in regex; marked by <-- HERE in m/(?[[:digit: ] <-- HERE )/ at - line 2.
+-syntax error in (?[...]) in regex m/(?[[:digit: ])/ at - line 2.
++syntax error in (?[...]) in regex; marked by <-- HERE in m/(?[[:digit: ]) <-- HERE / at - line 2.
+ ########
+ # NAME [perl #126141]
+ # OPTION fatal
+diff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t
+index d26a7caf378..5194d937519 100644
+--- a/t/re/reg_mesg.t
++++ b/t/re/reg_mesg.t
+@@ -215,8 +215,9 @@ my @death =
+ '/\b{gc}/' => "'gc' is an unknown bound type {#} m/\\b{gc{#}}/",
+ '/\B{gc}/' => "'gc' is an unknown bound type {#} m/\\B{gc{#}}/",
+
+- '/(?[[[::]]])/' => "Syntax error in (?[...]) in regex m/(?[[[::]]])/",
+- '/(?[[[:w:]]])/' => "Syntax error in (?[...]) in regex m/(?[[[:w:]]])/",
++
++ '/(?[[[::]]])/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[[[::]]{#}])/",
++ '/(?[[[:w:]]])/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[[[:w:]]{#}])/",
+ '/(?[[:w:]])/' => "",
+ '/([.].*)[.]/' => "", # [perl #127582]
+ '/[.].*[.]/' => "", # [perl #127604]
+@@ -239,11 +240,12 @@ my @death =
+ '/(?[ \p{foo} ])/' => 'Can\'t find Unicode property definition "foo" {#} m/(?[ \p{foo}{#} ])/',
+ '/(?[ \p{ foo = bar } ])/' => 'Can\'t find Unicode property definition "foo = bar" {#} m/(?[ \p{ foo = bar }{#} ])/',
+ '/(?[ \8 ])/' => 'Unrecognized escape \8 in character class {#} m/(?[ \8{#} ])/',
+- '/(?[ \t ]/' => 'Syntax error in (?[...]) in regex m/(?[ \t ]/',
+- '/(?[ [ \t ]/' => 'Syntax error in (?[...]) in regex m/(?[ [ \t ]/',
+- '/(?[ \t ] ]/' => 'Syntax error in (?[...]) in regex m/(?[ \t ] ]/',
+- '/(?[ [ ] ]/' => 'Syntax error in (?[...]) in regex m/(?[ [ ] ]/',
+- '/(?[ \t + \e # This was supposed to be a comment ])/' => 'Syntax error in (?[...]) in regex m/(?[ \t + \e # This was supposed to be a comment ])/',
++ '/(?[ \t ]/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[ \\t ]{#}/",
++ '/(?[ [ \t ]/' => "Syntax error in (?[...]) {#} m/(?[ [ \\t ]{#}/",
++ '/(?[ \t ] ]/' => "Unexpected ']' with no following ')' in (?[... {#} m/(?[ \\t ]{#} ]/",
++ '/(?[ [ ] ]/' => "Syntax error in (?[...]) {#} m/(?[ [ ] ]{#}/",
++ '/(?[ \t + \e # This was supposed to be a comment ])/' =>
++ "Syntax error in (?[...]) {#} m/(?[ \\t + \\e # This was supposed to be a comment ]){#}/",
+ '/(?[ ])/' => 'Incomplete expression within \'(?[ ])\' {#} m/(?[ {#}])/',
+ 'm/(?[[a-\d]])/' => 'False [] range "a-\d" {#} m/(?[[a-\d{#}]])/',
+ 'm/(?[[\w-x]])/' => 'False [] range "\w-" {#} m/(?[[\w-{#}x]])/',
+@@ -431,10 +433,10 @@ my @death_utf8 = mark_as_utf8(
+
+ '/ネ\p{}ネ/' => 'Empty \p{} {#} m/ネ\p{{#}}ネ/',
+
+- '/ネ(?[[[:ネ]]])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[:ネ]]])ネ/",
+- '/ネ(?[[[:ネ: ])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[:ネ: ])ネ/",
+- '/ネ(?[[[::]]])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[::]]])ネ/",
+- '/ネ(?[[[:ネ:]]])ネ/' => "Syntax error in (?[...]) in regex m/ネ(?[[[:ネ:]]])ネ/",
++ '/ネ(?[[[:ネ]]])ネ/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[[[:ネ]]{#}])ネ/",
++ '/ネ(?[[[:ネ: ])ネ/' => "Syntax error in (?[...]) {#} m/ネ(?[[[:ネ: ])ネ{#}/",
++ '/ネ(?[[[::]]])ネ/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[[[::]]{#}])ネ/",
++ '/ネ(?[[[:ネ:]]])ネ/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[[[:ネ:]]{#}])ネ/",
+ '/ネ(?[[:ネ:]])ネ/' => "",
+ '/ネ(?[ネ])ネ/' => 'Unexpected character {#} m/ネ(?[ネ{#}])ネ/',
+ '/ネ(?[ + [ネ] ])/' => 'Unexpected binary operator \'+\' with no preceding operand {#} m/ネ(?[ +{#} [ネ] ])/',
+@@ -447,8 +449,9 @@ my @death_utf8 = mark_as_utf8(
+ '/(?[ \x{ネ} ])ネ/' => 'Non-hex character {#} m/(?[ \x{ネ{#}} ])ネ/',
+ '/(?[ \p{ネ} ])/' => 'Can\'t find Unicode property definition "ネ" {#} m/(?[ \p{ネ}{#} ])/',
+ '/(?[ \p{ ネ = bar } ])/' => 'Can\'t find Unicode property definition "ネ = bar" {#} m/(?[ \p{ ネ = bar }{#} ])/',
+- '/ネ(?[ \t ]/' => 'Syntax error in (?[...]) in regex m/ネ(?[ \t ]/',
+- '/(?[ \t + \e # ネ This was supposed to be a comment ])/' => 'Syntax error in (?[...]) in regex m/(?[ \t + \e # ネ This was supposed to be a comment ])/',
++ '/ネ(?[ \t ]/' => "Unexpected ']' with no following ')' in (?[... {#} m/ネ(?[ \\t ]{#}/",
++ '/(?[ \t + \e # ネ This was supposed to be a comment ])/' =>
++ "Syntax error in (?[...]) {#} m/(?[ \\t + \\e # ネ This was supposed to be a comment ]){#}/",
+ 'm/(*ネ)ネ/' => q<Unknown verb pattern 'ネ' {#} m/(*ネ){#}ネ/>,
+ '/\cネ/' => "Character following \"\\c\" must be printable ASCII",
+ '/\b{ネ}/' => "'ネ' is an unknown bound type {#} m/\\b{ネ{#}}/",
+diff --git a/t/re/regex_sets.t b/t/re/regex_sets.t
+index 6a79f9d6928..e9644bd4e61 100644
+--- a/t/re/regex_sets.t
++++ b/t/re/regex_sets.t
+@@ -158,13 +158,13 @@ for my $char ("٠", "٥", "٩") {
+ eval { $_ = '/(?[(\c]) /'; qr/$_/ };
+ like($@, qr/^Syntax error/, '/(?[(\c]) / should not panic');
+ eval { $_ = '(?[\c#]' . "\n])"; qr/$_/ };
+- like($@, qr/^Syntax error/, '/(?[(\c]) / should not panic');
++ like($@, qr/^Unexpected/, '/(?[(\c]) / should not panic');
+ eval { $_ = '(?[(\c])'; qr/$_/ };
+ like($@, qr/^Syntax error/, '/(?[(\c])/ should be a syntax error');
+ eval { $_ = '(?[(\c]) ]\b'; qr/$_/ };
+- like($@, qr/^Syntax error/, '/(?[(\c]) ]\b/ should be a syntax error');
++ like($@, qr/^Unexpected/, '/(?[(\c]) ]\b/ should be a syntax error');
+ eval { $_ = '(?[\c[]](])'; qr/$_/ };
+- like($@, qr/^Syntax error/, '/(?[\c[]](])/ should be a syntax error');
++ like($@, qr/^Unexpected/, '/(?[\c[]](])/ should be a syntax error');
+ like("\c#", qr/(?[\c#])/, '\c# should match itself');
+ like("\c[", qr/(?[\c[])/, '\c[ should match itself');
+ like("\c\ ", qr/(?[\c\])/, '\c\ should match itself');
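Review bot: The new lookahead in the first-pass loop of `S_handle_regex_sets` reads `RExC_parse[1]` and `RExC_parse[2]` under `case '('`, and `RExC_parse[1]` under `case ']'`, without comparing against `RExC_end`. The short-circuit `&&` keeps those reads in bounds only if the pattern buffer is NUL-terminated, which these hunks do not show, whereas the CVE-2018-18313 patch in this same commit moves nearby code to explicit `RExC_end` bounds because of embedded NULs. Consider `if (RExC_parse + 2 < RExC_end && RExC_parse[1] == '?' && RExC_parse[2] == '[')` and `if (RExC_parse + 1 < RExC_end && RExC_parse[1] == ')')`, or a comment stating the terminator assumption. The loop header and the rest of the function are outside the hunk.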