ensure locale_name_on_entry isn't clobbered

tonycoz · Leont · commit d1c851a0069e · 2020-07-31T21:02:45.000+02:00
If the return value of setlocale() is static storage, the call to
setlocale(LC_NUMERIC, "C"); could overwrite it.

If the return value of setlocale() is malloced, the call to
setlocale(LC_NUMERIC, "C"); could free it.

Either way, we need to copy it.
diff --git a/vutil/vutil.c b/vutil/vutil.c
@@ -638,6 +638,8 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)
             if (   strNE(locale_name_on_entry, "C")
                 && strNE(locale_name_on_entry, "POSIX"))
             {
+                /* the setlocale() call might free or overwrite the name */
+                locale_name_on_entry = savepv(locale_name_on_entry);
                 setlocale(LC_NUMERIC, "C");
             }
             else {  /* This value indicates to the restore code that we didn't
@@ -661,6 +663,8 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)
                 if (   strNE(locale_name_on_entry, "C")
                     && strNE(locale_name_on_entry, "POSIX"))
                 {
+                    /* the setlocale() call might free or overwrite the name */
+                    locale_name_on_entry = savepv(locale_name_on_entry);
                     setlocale(LC_NUMERIC, "C");
                 }
                 else {  /* This value indicates to the restore code that we
@@ -710,6 +714,7 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)
 
             if (locale_name_on_entry) {
                 setlocale(LC_NUMERIC, locale_name_on_entry);
+                Safefree(locale_name_on_entry);
             }
 
             LC_NUMERIC_UNLOCK;  /* End critical section */
@@ -718,6 +723,7 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)
 
             if (locale_name_on_entry) {
                 setlocale(LC_NUMERIC, locale_name_on_entry);
+                Safefree(locale_name_on_entry);
                 LC_NUMERIC_UNLOCK;
             }
             else if (locale_obj_on_entry == PL_underlying_numeric_obj) {

Original file line number	Diff line number	Diff line change
`@@ -638,6 +638,8 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)`
`638`	`638`	`if ( strNE(locale_name_on_entry, "C")`
`639`	`639`	`&& strNE(locale_name_on_entry, "POSIX"))`
`640`	`640`	`{`
	`641`	`+ /* the setlocale() call might free or overwrite the name */`
	`642`	`+ locale_name_on_entry = savepv(locale_name_on_entry);`
`641`	`643`	`setlocale(LC_NUMERIC, "C");`
`642`	`644`	`}`
`643`	`645`	`else { /* This value indicates to the restore code that we didn't`
`@@ -661,6 +663,8 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)`
`661`	`663`	`if ( strNE(locale_name_on_entry, "C")`
`662`	`664`	`&& strNE(locale_name_on_entry, "POSIX"))`
`663`	`665`	`{`
	`666`	`+ /* the setlocale() call might free or overwrite the name */`
	`667`	`+ locale_name_on_entry = savepv(locale_name_on_entry);`
`664`	`668`	`setlocale(LC_NUMERIC, "C");`
`665`	`669`	`}`
`666`	`670`	`else { /* This value indicates to the restore code that we`
`@@ -710,6 +714,7 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)`
`710`	`714`
`711`	`715`	`if (locale_name_on_entry) {`
`712`	`716`	`setlocale(LC_NUMERIC, locale_name_on_entry);`
	`717`	`+ Safefree(locale_name_on_entry);`
`713`	`718`	`}`
`714`	`719`
`715`	`720`	`LC_NUMERIC_UNLOCK; /* End critical section */`
`@@ -718,6 +723,7 @@ Perl_upg_version(pTHX_ SV *ver, bool qv)`
`718`	`723`
`719`	`724`	`if (locale_name_on_entry) {`
`720`	`725`	`setlocale(LC_NUMERIC, locale_name_on_entry);`
	`726`	`+ Safefree(locale_name_on_entry);`
`721`	`727`	`LC_NUMERIC_UNLOCK;`
`722`	`728`	`}`
`723`	`729`	`else if (locale_obj_on_entry == PL_underlying_numeric_obj) {`