From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00 shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id C3BBA1F9F3 for ; Tue, 12 Oct 2021 10:59:40 +0000 (UTC) Date: Tue, 12 Oct 2021 10:59:40 +0000 From: Eric Wong To: meta@public-inbox.org Subject: Encode.pm leak in v2.87..v3.12 Message-ID: <20211012105940.GA19169@dcvr> References: <20210904235305.GA22009@dcvr> <20211004000717.18965-1-e@80x24.org> <20211004225131.GA726@dcvr> <20211005112531.13664-1@dcvr> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20211005112531.13664-1@dcvr> List-Id: Eric Wong wrote: > The leak's been there for a while, but I couldn't find > other reports of it: > > https://rt.cpan.org/Public/Bug/Display.html?id=139622 So this got fixed in Encode 3.13, and 3.15 (3.14 segfaulted :P). Perl v5.36 will have 3.15 (or possibly a newer version). This has been a leak since 2016 (2.87), so there might be lot of people affected... CentOS 7.x has Encode 2.51 so it's probably not affected by this particular bug... > In the meantime, I may need to put in my own workaround for it > PublicInbox::Eml because distros are slow moving... It's tracked for Debian, at least https://bugs.debian.org/995804 Our "eval { $eml->body_str }" usage is kinda dumb, so maybe it could be done better w/o needing eval at all...