/ 
perl-5.14.3
⭐ Starred 2013
/ CPerlBase
Security Advisories (18)
CVE-2020-12723 (2020-06-05)

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.

CVE-2020-10878 (2020-06-05)

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.

CVE-2020-10543 (2020-06-05)

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

CVE-2018-6913 (2018-04-17)

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

CVE-2018-18314 (2018-12-07)

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2018-18313 (2018-12-07)

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

CVE-2018-18312 (2018-12-05)

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2018-18311 (2018-12-07)

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2015-8853 (2016-05-25)

The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."

CVE-2013-1667 (2013-03-14)

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

CVE-2012-5195 (2012-12-18)

Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

CVE-2016-2381 (2016-04-08)

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.

CVE-2013-7422 (2015-08-16)

Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression.

CVE-2023-47100

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

CVE-2024-56406 (2025-04-13)

A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

CVE-2023-47039 (2023-10-30)

Perl for Windows relies on the system path environment variable to find the shell (cmd.exe). When running an executable which uses Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system. However, due to path search order issues, Perl initially looks for cmd.exe in the current working directory. An attacker with limited privileges can exploit this behavior by placing cmd.exe in locations with weak permissions, such as C:\ProgramData. By doing so, when an administrator attempts to use this executable from these compromised locations, arbitrary code can be executed.

CVE-2016-1238 (2016-08-02)

(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.

CVE-2015-8608 (2017-02-07)

The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.

NAME

CPerlBase - a C++ base class encapsulating a Perl interpreter in Symbian

SYNOPSIS

// in your App.mmp
USERINCLUDE	\symbian\perl\x.y.z\include
LIBRARY		perlXYZ.lib

// in your App
#include "PerlBase.h" // includes also EXTERN.h and perl.h
CPerlBase* perl = CPerlBase::NewInterpreterLC();
...
delete perl;

DESCRIPTION

CPerlBase is a simple Symbian C++ class that wraps a Perl interpreter; its creation, use, and destroying. To understand what this is doing, and how to use the interpreter, a fair knowledge of perlapi, perlguts, and perlembed is recommended.

One useful thing CPerlBase does compared with just using the raw Perl C API is that it redirects the "std streams" (STDOUT et alia) to a text console implementation which while being very basic is marginally more usable than the Symbian basic text console.

The Basics

  • CPerlBase* NewInterpreterL();

    The constructor that does not keep the object in the Symbian "cleanup stack". perl_alloc() and perl_construct() are called behind the curtains.

    Accepts the same arguments as NewInterpreterLC().

  • CPerlBase* NewInterpreterLC();

    The constructor that keeps the object in the Symbian "cleanup stack". perl_alloc() and perl_construct() are called behind the curtains.

    Can have three arguments:

    • TBool aCloseStdlib = ETrue

      Should a CPerlBase close the Symbian POSIX STDLIB when closing down. Good for one-shot script execution, probably less good for longer term embedded interpreter.

    • void (*aStdioInitFunc)(void*) = NULL

      If set, called with aStdioInitCookie, and the default console is not created. You may want to set the iReadFunc() and iWriteFunc().

    • void *aStdioInitCookie = NULL

      Used as the argument for aStdioInitFunc().

  • void Destroy();

    The destructor of the interpreter. The class destructor calls first this and then the Symbian CloseSTDLIB().

    perl_destruct(), perl_free(), and PERL_SYS_TERM() are called behind the curtains.

Utility functions

  • int Parse(int argc = 0, char *argv[] = 0, char *envp[] = 0);

    Prepare an interpreter for executing by parsing input as if a C main() had been called. For example to parse a script, use argc of 2 and argv of { "perl", script_name }.

    All arguments are optional: in case either argc or argv are zero, argc of 3 and argv of { "perl", "-e", "0" } is assumed.

    PERL_SYS_INIT() and perl_parse() are called behind the curtains.

    Note that a call to Parse() is required before Run().

    Returns zero if parsing was successful, non-zero if not (and the stderr will get the error).

  • int Run()

    Start executing an interpreter. A Parse() must have been called before a Run(): use 3 and { "", "-e", 0 } if you do not have an argv.

    Note that a call to Parse() is required before Run().

    perl_run() is called behind the curtains.

    Returns zero if execution was successful, non-zero if not (and the stderr will get the error).

  • int ParseAndRun(int argc, char *argv[], char *envp[]);

    Combined Parse() and Run(). The Run() is not run if the Parse() fails.

    Returns zero if parsing and execution were successful, non-zero if not.

  • TInt RunScriptL(TDesC& aFileName, int argc, char **argv, char *envp[])

    Like ParseAndRun() but works for Symbian filenames (UTF-16LE). The UTF-8 version of aFileName is always argv[argc-1], and argv[0] is always "perl".

Macros

  • diTHX

    Set up my_perl from the current object (like dTHX).

  • diVAR

    Set up my_vars from the current object (like dVAR).

Extending CPerlBase (subclassing, deriving from)

Note that it probably isn't worth the trouble to try to wrap the whole, rather large, Perl C API into a C++ API. Just use the C API.

The protected members of the class are:

  • PerlInterpreter* iPerl

    The Perl interpreter.

  • struct perl_vars* iVars

    The global variables of the interpreter.

  • TPerlState iState

    The state of the Perl interpreter. TPerlState is one of EPerlNone, EPerlAllocated, EPerlConstructed, EPerlParsed, EPerlRunning, EPerlTerminated, EPerlPaused (these two are currently unused but in the future they might be used to indicate that the interpreter was stopped either non-resumably or resumably for some reason), EPerlSuccess (perl_run() succeeded), EPerlFailure (perl_run() failed), EPerlDestroying.

COPYRIGHT

Copyright (c) 2004-2005 Nokia. All rights reserved.

LICENSE

The CPerlBase class is licensed under the same terms as Perl itself.