perl/perl-5.18.2-overflow.diff
Stephan Kulow a47e3f1af9 Accepting request 494775 from home:coolo:branches:openSUSE:Factory
- Fix building with zlib-1.2.10 (RT#119762):
  * Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch

- Update to perl-5.24.1
  -Di switch is now required for PerlIO debugging output
    Previously PerlIO debugging output would be sent to the file specified
    by the "PERLIO_DEBUG" environment variable if perl wasn't running setuid
    and the -T or -t switches hadn't been parsed yet.
    If perl performed output at a point where it hadn't yet parsed its
    switches this could result in perl creating or overwriting the file
    named by "PERLIO_DEBUG" even when the -T switch had been supplied.
    Perl now requires the -Di switch to produce PerlIO debugging output. By
    default this is written to "stderr", but can optionally be redirected to
    a file by setting the "PERLIO_DEBUG" environment variable.
    If perl is running setuid or the -T switch was supplied "PERLIO_DEBUG"
    is ignored and the debugging output is sent to "stderr" as for any other
    -D switch.
  Core modules and tools no longer search "." for optional modules
    The tools and many modules supplied in core no longer search the default
    current directory entry in @INC for optional modules. For example,
    Storable will remove the final "." from @INC before trying to load
    Log::Agent.
    This prevents an attacker injecting an optional module into a process
    run by another user where the current directory is writable by the
    attacker, e.g. the /tmp directory.
- Refresh patches

OBS-URL: https://build.opensuse.org/request/show/494775
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl?expand=0&rev=148
2017-05-17 10:00:29 +00:00

14 lines
596 B
Diff

Index: sv.c
===================================================================
--- sv.c.orig
+++ sv.c
@@ -2153,7 +2153,7 @@ S_sv_2iuv_common(pTHX_ SV *const sv)
#ifndef NV_PRESERVES_UV
&& SvIVX(sv) != IV_MIN /* avoid negating IV_MIN below */
&& (((UV)1 << NV_PRESERVES_UV_BITS) >
- (UV)(SvIVX(sv) > 0 ? SvIVX(sv) : -SvIVX(sv)))
+ (UV)(SvIVX(sv) > 0 ? (UV)SvIVX(sv) : -(UV)SvIVX(sv)))
/* Don't flag it as "accurately an integer" if the number
came from a (by definition imprecise) NV operation, and
we're outside the range of NV integer precision */