1PERL5243DELTA(1) Perl Programmers Reference Guide PERL5243DELTA(1)
2
6 perl5243delta - what is new for perl v5.24.3
7
9 This document describes differences between the 5.24.2 release and the
10 5.24.3 release.
11 If you are upgrading from an earlier release such as 5.24.1, first read
13 perl5242delta, which describes differences between 5.24.1 and 5.24.2.
14
16 [CVE-2017-12837] Heap buffer overflow in regular expression compiler
17 Compiling certain regular expression patterns with the case-insensitive
18 modifier could cause a heap buffer overflow and crash perl. This has
19 now been fixed. [GH #16021]
20 <https://github.com/Perl/perl5/issues/16021>
21 [CVE-2017-12883] Buffer over-read in regular expression parser
23 For certain types of syntax error in a regular expression pattern, the
24 error message could either contain the contents of a random, possibly
25 large, chunk of memory, or could crash perl. This has now been fixed.
26 [GH #16025] <https://github.com/Perl/perl5/issues/16025>
27 [CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows
29 A possible stack buffer overflow in the %ENV code on Windows has been
30 fixed by removing the buffer completely since it was superfluous
31 anyway. [GH #16051] <https://github.com/Perl/perl5/issues/16051>
32
34 There are no changes intentionally incompatible with 5.24.2. If any
35 exist, they are bugs, and we request that you submit a report. See
36 "Reporting Bugs" below.
37
39 Updated Modules and Pragmata
40 • Module::CoreList has been upgraded from version 5.20170715_24 to
41 5.20170922_24.
42 • POSIX has been upgraded from version 1.65 to 1.65_01.
44 • Time::HiRes has been upgraded from version 1.9733 to 1.9741.
46 [GH #15396] <https://github.com/Perl/perl5/issues/15396> [GH
48 #15401] <https://github.com/Perl/perl5/issues/15401> [GH #15524]
49 <https://github.com/Perl/perl5/issues/15524> [cpan #120032]
50 <https://rt.cpan.org/Public/Bug/Display.html?id=120032>
51
53 • When building with GCC 6 and link-time optimization (the -flto
54 option to gcc), Configure was treating all probed symbols as
55 present on the system, regardless of whether they actually exist.
56 This has been fixed. [GH #15322]
57 <https://github.com/Perl/perl5/issues/15322>
58 • Configure now aborts if both "-Duselongdouble" and "-Dusequadmath"
60 are requested. [GH #14944]
61 <https://github.com/Perl/perl5/issues/14944>
62 • Fixed a bug in which Configure could append "-quadmath" to the
64 archname even if it was already present. [GH #15423]
65 <https://github.com/Perl/perl5/issues/15423>
66 • Clang builds with "-DPERL_GLOBAL_STRUCT" or
68 "-DPERL_GLOBAL_STRUCT_PRIVATE" have been fixed (by disabling Thread
69 Safety Analysis for these configurations).
70
72 Platform-Specific Notes
73 VMS
74 • "configure.com" now recognizes the VSI-branded C compiler.
75 Windows
77 • Building XS modules with GCC 6 in a 64-bit build of Perl failed
78 due to incorrect mapping of "strtoll" and "strtoull". This has
79 now been fixed. [GH #16074]
80 <https://github.com/Perl/perl5/issues/16074> [cpan #121683]
81 <https://rt.cpan.org/Public/Bug/Display.html?id=121683> [cpan
82 #122353]
83 <https://rt.cpan.org/Public/Bug/Display.html?id=122353>
84
86 • "/@0{0*->@*/*0" and similar contortions used to crash, but no
87 longer do, but merely produce a syntax error. [GH #15333]
88 <https://github.com/Perl/perl5/issues/15333>
89 • "do" or "require" with an argument which is a reference or typeglob
91 which, when stringified, contains a null character, started
92 crashing in Perl 5.20, but has now been fixed. [GH #15337]
93 <https://github.com/Perl/perl5/issues/15337>
94 • Expressions containing an "&&" or "||" operator (or their synonyms
96 "and" and "or") were being compiled incorrectly in some cases. If
97 the left-hand side consisted of either a negated bareword constant
98 or a negated "do {}" block containing a constant expression, and
99 the right-hand side consisted of a negated non-foldable expression,
100 one of the negations was effectively ignored. The same was true of
101 "if" and "unless" statement modifiers, though with the left-hand
102 and right-hand sides swapped. This long-standing bug has now been
103 fixed. [GH #15285] <https://github.com/Perl/perl5/issues/15285>
104 • "reset" with an argument no longer crashes when encountering stash
106 entries other than globs. [GH #15314]
107 <https://github.com/Perl/perl5/issues/15314>
108 • Assignment of hashes to, and deletion of, typeglobs named *::::::
110 no longer causes crashes. [GH #15307]
111 <https://github.com/Perl/perl5/issues/15307>
112 • Assignment variants of any bitwise ops under the "bitwise" feature
114 would crash if the left-hand side was an array or hash. [GH
115 #15346] <https://github.com/Perl/perl5/issues/15346>
116 • "socket" now leaves the error code returned by the system in $! on
118 failure. [GH #15383] <https://github.com/Perl/perl5/issues/15383>
119 • Parsing bad POSIX charclasses no longer leaks memory. [GH #15382]
121 <https://github.com/Perl/perl5/issues/15382>
122 • Since Perl 5.20, line numbers have been off by one when perl is
124 invoked with the -x switch. This has been fixed. [GH #15413]
125 <https://github.com/Perl/perl5/issues/15413>
126 • Some obscure cases of subroutines and file handles being freed at
128 the same time could result in crashes, but have been fixed. The
129 crash was introduced in Perl 5.22. [GH #15435]
130 <https://github.com/Perl/perl5/issues/15435>
131 • Some regular expression parsing glitches could lead to assertion
133 failures with regular expressions such as "/(?<=/" and "/(?<!/".
134 This has now been fixed. [GH #15332]
135 <https://github.com/Perl/perl5/issues/15332>
136 • "gethostent" and similar functions now perform a null check
138 internally, to avoid crashing with the torsocks library. This was
139 a regression from Perl 5.22. [GH #15478]
140 <https://github.com/Perl/perl5/issues/15478>
141 • Mentioning the same constant twice in a row (which is a syntax
143 error) no longer fails an assertion under debugging builds. This
144 was a regression from Perl 5.20. [GH #15017]
145 <https://github.com/Perl/perl5/issues/15017>
146 • In Perl 5.24 "fchown" was changed not to accept negative one as an
148 argument because in some platforms that is an error. However, in
149 some other platforms that is an acceptable argument. This change
150 has been reverted. [GH #15523]
151 <https://github.com/Perl/perl5/issues/15523>.
152 • "@{x" followed by a newline where "x" represents a control or non-
154 ASCII character no longer produces a garbled syntax error message
155 or a crash. [GH #15518]
156 <https://github.com/Perl/perl5/issues/15518>
157 • A regression in Perl 5.24 with "tr/\N{U+...}/foo/" when the code
159 point was between 128 and 255 has been fixed. [GH #15475]
160 <https://github.com/Perl/perl5/issues/15475>.
161 • Many issues relating to "printf "%a"" of hexadecimal floating point
163 were fixed. In addition, the "subnormals" (formerly known as
164 "denormals") floating point numbers are now supported both with the
165 plain IEEE 754 floating point numbers (64-bit or 128-bit) and the
166 x86 80-bit "extended precision". Note that subnormal hexadecimal
167 floating point literals will give a warning about "exponent
168 underflow". [GH #15495]
169 <https://github.com/Perl/perl5/issues/15495> [GH #15502]
170 <https://github.com/Perl/perl5/issues/15502> [GH #15503]
171 <https://github.com/Perl/perl5/issues/15503> [GH #15504]
172 <https://github.com/Perl/perl5/issues/15504> [GH #15505]
173 <https://github.com/Perl/perl5/issues/15505> [GH #15510]
174 <https://github.com/Perl/perl5/issues/15510> [GH #15512]
175 <https://github.com/Perl/perl5/issues/15512>
176 • The parser could sometimes crash if a bareword came after
178 "evalbytes". [GH #15586]
179 <https://github.com/Perl/perl5/issues/15586>
180 • Fixed a place where the regex parser was not setting the syntax
182 error correctly on a syntactically incorrect pattern. [GH #15565]
183 <https://github.com/Perl/perl5/issues/15565>
184 • A vulnerability in Perl's "sprintf" implementation has been fixed
186 by avoiding a possible memory wrap. [GH #15970]
187 <https://github.com/Perl/perl5/issues/15970>
188
190 Perl 5.24.3 represents approximately 2 months of development since Perl
191 5.24.2 and contains approximately 3,200 lines of changes across 120
192 files from 23 authors.
193 Excluding auto-generated files, documentation and release tools, there
195 were approximately 1,600 lines of changes to 56 .pm, .t, .c and .h
196 files.
197 Perl continues to flourish into its third decade thanks to a vibrant
199 community of users and developers. The following people are known to
200 have contributed the improvements that became Perl 5.24.3:
201 Aaron Crane, Craig A. Berry, Dagfinn Ilmari Mannsåker, Dan Collins,
203 Daniel Dragan, Dave Cross, David Mitchell, Eric Herman, Father
204 Chrysostomos, H.Merijn Brand, Hugo van der Sanden, James E Keenan,
205 Jarkko Hietaniemi, John SJ Anderson, Karl Williamson, Ken Brown, Lukas
206 Mai, Matthew Horsfall, Stevan Little, Steve Hay, Steven Humphrey, Tony
207 Cook, Yves Orton.
208 The list above is almost certainly incomplete as it is automatically
210 generated from version control history. In particular, it does not
211 include the names of the (very much appreciated) contributors who
212 reported issues to the Perl bug tracker.
213 Many of the changes included in this version originated in the CPAN
215 modules included in Perl's core. We're grateful to the entire CPAN
216 community for helping Perl to flourish.
217 For a more complete list of all of Perl's historical contributors,
219 please see the AUTHORS file in the Perl source distribution.
220
222 If you find what you think is a bug, you might check the articles
223 recently posted to the comp.lang.perl.misc newsgroup and the perl bug
224 database at <https://rt.perl.org/> . There may also be information at
225 <http://www.perl.org/> , the Perl Home Page.
226 If you believe you have an unreported bug, please run the perlbug
228 program included with your release. Be sure to trim your bug down to a
229 tiny but sufficient test case. Your bug report, along with the output
230 of "perl -V", will be sent off to perlbug@perl.org to be analysed by
231 the Perl porting team.
232 If the bug you are reporting has security implications which make it
234 inappropriate to send to a publicly archived mailing list, then see
235 "SECURITY VULNERABILITY CONTACT INFORMATION" in perlsec for details of
236 how to report the issue.
237
239 The Changes file for an explanation of how to view exhaustive details
240 on what changed.
241 The INSTALL file for how to build Perl.
243 The README file for general stuff.
245 The Artistic and Copying files for copyright information.
247perl v5.38.2 2023-11-30 PERL5243DELTA(1)