Re: Fwd: Bug#924736: zsh 5.7.1 segfaults when three setopt options are in play [origin: wesley@schwengle.net]

zsh-workers
 help / color / mirror / code / Atom feed

From: Peter Stephenson <p.stephenson@samsung.com>
To: <zsh-workers@zsh.org>
Subject: Re: Fwd: Bug#924736: zsh 5.7.1 segfaults when three setopt options are in play [origin: wesley@schwengle.net]
Date: Mon, 18 Mar 2019 10:18:22 +0000	[thread overview]
Message-ID: <1552904302.5658.6.camel@samsung.com> (raw)
In-Reply-To: <20190316214155.GH10429@sym.noone.org>

On Sat, 2019-03-16 at 22:41 +0100, Axel Beckert wrote:
> Have a zshrc with the following setopts:
> 
> setopt hist_reduce_blanks
> setopt hist_ignore_space
> setopt interactivecomments
> 
> * Run zsh -f
> * Now enter `     #`
> * You get a command not found error
> * Now source your zshrc
> * Again entery `     #`
> * Segfault

Yes, that's completely reproducible.

I think it's the logic within histreduceblanks() that's flaky in this
case, where there's a comment at the end of a line with no commands and
hence no words.  The final comment is a special case because the
positions of words aren't marked.  It can't possibly be correct to do
that copy at the end if the destination pointer is after the source
pointer, can it?  So I think the following ought to be safe.

If anyone else thinks the code here is trying to do something cleverer that this
may stop --- your guess is as good as mine at this point --- let me know
(but I think that's a much lesser problem).

pws

diff --git a/Src/hist.c b/Src/hist.c
index f7e53de..901cd3b 100644
--- a/Src/hist.c
+++ b/Src/hist.c
@@ -1198,8 +1198,9 @@ histreduceblanks(void)
 	chline[pos] = '\0';
     } else {
 	ptr = chline + pos;
-	while ((*ptr++ = *lastptr++))
-	    ;
+	if (ptr < lastptr)
+	    while ((*ptr++ = *lastptr++))
+		;
     }
 }

     prev parent reply	other threads:[~2019-03-18 10:19 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CGME20190316214308epcas4p4470c8cac303dbbcdcec8e62a593e3ceb@epcas4p4.samsung.com>
2019-03-16 21:41 ` Axel Beckert
2019-03-16 22:28   ` Wesley Schwengle
2019-03-18 10:18   ` Peter Stephenson [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1552904302.5658.6.camel@samsung.com \
    --to=p.stephenson@samsung.com \
    --cc=zsh-workers@zsh.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).