From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 12634 invoked from network); 21 May 2005 18:42:44 -0000 Received: from news.dotsrc.org (HELO a.mx.sunsite.dk) (130.225.247.88) by ns1.primenet.com.au with SMTP; 21 May 2005 18:42:44 -0000 Received: (qmail 68403 invoked from network); 21 May 2005 18:42:38 -0000 Received: from sunsite.dk (130.225.247.90) by a.mx.sunsite.dk with SMTP; 21 May 2005 18:42:38 -0000 Received: (qmail 20956 invoked by alias); 21 May 2005 18:42:36 -0000 Mailing-List: contact zsh-workers-help@sunsite.dk; run by ezmlm Precedence: bulk X-No-Archive: yes X-Seq: 21269 Received: (qmail 20946 invoked from network); 21 May 2005 18:42:36 -0000 Received: from news.dotsrc.org (HELO a.mx.sunsite.dk) (130.225.247.88) by sunsite.dk with SMTP; 21 May 2005 18:42:36 -0000 Received: (qmail 68120 invoked from network); 21 May 2005 18:42:36 -0000 Received: from vms044pub.verizon.net (206.46.252.44) by a.mx.sunsite.dk with SMTP; 21 May 2005 18:42:32 -0000 Received: from candle.brasslantern.com ([4.11.1.68]) by vms044.mailsrvcs.net (Sun Java System Messaging Server 6.2 HotFix 0.04 (built Dec 24 2004)) with ESMTPA id <0IGU00KXMRYTPD1D@vms044.mailsrvcs.net> for zsh-workers@sunsite.dk; Sat, 21 May 2005 13:42:30 -0500 (CDT) Received: from candle.brasslantern.com (IDENT:schaefer@localhost [127.0.0.1]) by candle.brasslantern.com (8.12.11/8.12.11) with ESMTP id j4LIgSNq009440 for ; Sat, 21 May 2005 11:42:29 -0700 Received: (from schaefer@localhost) by candle.brasslantern.com (8.12.11/8.12.11/Submit) id j4LIgSLB009439 for zsh-workers@sunsite.dk; Sat, 21 May 2005 11:42:28 -0700 Date: Sat, 21 May 2005 18:42:27 +0000 From: Bart Schaefer Subject: Re: Obscure overflow with very long path; completion In-reply-to: <20050508004115.GA11683@primenet.com.au> To: zsh-workers@sunsite.dk Message-id: <1050521184227.ZM9438@candle.brasslantern.com> MIME-version: 1.0 X-Mailer: Z-Mail (5.0.0 30July97) Content-type: text/plain; charset=us-ascii References: <200505031026.j43AQwBE014903@news01.csr.com> <1050507162306.ZM1184@candle.brasslantern.com> <20050508004115.GA11683@primenet.com.au> Comments: In reply to Geoff Wing "Re: Obscure overflow with very long path; completion" (May 8, 10:41am) X-Spam-Checker-Version: SpamAssassin 3.0.2 on a.mx.sunsite.dk X-Spam-Level: X-Spam-Status: No, score=-2.6 required=6.0 tests=AWL,BAYES_00 autolearn=ham version=3.0.2 X-Spam-Hits: -2.6 On May 8, 10:41am, Geoff Wing wrote: } Subject: Re: Obscure overflow with very long path; completion } } On Saturday 2005-05-07 16:23 +1000, Bart Schaefer output: } :Try this patch? } } Quick response. Haven't investigated. } } % cd /tmp } % for I in {1..100}; mkdir aaaaaaaaaaaaaaaaaaaa && cd aaaaaaaaaaaaaaaaaaaa } MEM: allocation error at sbrk. } zsh: fatal error: out of memory Hmm. I finally had a chance to gdb-trace this, and although I only get it to crash -- in finddir() -- with 500 levels of directory and only when I "setopt chaselinks", I think my patch is incomplete even for xsymlinks(). Potential problems are in: zexecve exec.c 357 via exec.c 590 execute exec.c 560 findcmd exec.c 643 (if $path contains a long path) xsymlinks utils.c 340 finddir utils.c 500 There are a number of other places that use PATH_MAX, but they all seem (from examination, not rigorous testing) to check for overflow.