Headline
CVE-2019-20919: Fix a NULL profile dereference in dbi_profile() · perl5-dbi/dbi@eca7d7c
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
@@ -2888,8 +2888,12 @@ dbi_profile(SV *h, imp_xxh_t *imp_xxh, SV *statement_sv, SV *method, NV t1, NV t
mg_get(profile); /* FETCH */
if (!profile || !SvROK(profile)) {
DBIc_set(imp_xxh, DBIcf_Profile, 0); /* disable */
if (SvOK(profile) && !PL_dirty)
warn("Profile attribute isn’t a hash ref (%s,%ld)", neatsvpv(profile,0), (long)SvTYPE(profile));
if (!PL_dirty) {
if (!profile)
warn(“Profile attribute does not exist”);
else if (SvOK(profile))
warn("Profile attribute isn’t a hash ref (%s,%ld)", neatsvpv(profile,0), (long)SvTYPE(profile));
}
return &PL_sv_undef;
}