From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,MAILING_LIST_MULTI,T_SCC_BODY_TEXT_LINE,
	UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 16876 invoked from network); 24 Mar 2022 10:48:33 -0000
Received: from zero.zsh.org (2a02:898:31:0:48:4558:7a:7368)
  by inbox.vuxu.org with ESMTPUTF8; 24 Mar 2022 10:48:33 -0000
ARC-Seal: i=1; cv=none; a=rsa-sha256; d=zsh.org; s=rsa-20210803; t=1648118913;
	 b=hT67cEJU3ooZl8NjXhD/5IaRH9ExealC+JL70/kweJw7n+/xK4KVO7tuTaXFfusTEuxa6PDfsf
	  d7aqctQvwL+o/F/m2mZl+e0XGJPZLBLd/uxyroABmsfUKssea7PM1SdQc/GZrUkD2c0Jlk79vs
	  9JiV6VVRo2V6fLc3g+dumVLBvzonMpBlx4730U4Oe6VPtChdyyVKdnQyV5Zm9l7aQYDwef5iY3
	  /GJ67Cjt3o+seAcOI+BkPaRNE/vS/UV0FNH8gGPonjTHE0f1xpUNuczxf9ZR2ASoYhMx083dMo
	  FqVBhEb8L+IItcVTUXRu1O08qtpm+dqBGC+CjGQl4PKamQ==;
ARC-Authentication-Results: i=1; zsh.org;
	iprev=pass (smtpq2.tb.ukmail.iss.as9143.net) smtp.remote-ip=212.54.57.97;
	dkim=pass header.d=ntlworld.com header.s=meg.feb2017 header.a=rsa-sha256;
	dmarc=pass header.from=ntlworld.com;
	arc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed; d=zsh.org; s=rsa-20210803; t=1648118913;
	bh=mOgru/DRMkumY1++sb44qC9nODwgfFIgjVAyMjmj1B0=;
	h=List-Archive:List-Owner:List-Post:List-Unsubscribe:List-Subscribe:List-Help:
	  List-Id:Sender:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:
	  References:In-Reply-To:Message-ID:To:From:Date:DKIM-Signature:
	  DKIM-Signature;
	b=KGEJSe8ueOwArOaBL2fRYxRyiCaYHowLOPFyY4YOv/AodRY6clsvydPS9ZJW9aXgxxnR4ymO9i
	  kfni4q2azfOee9urouY0CqcPW1IShwgxi0lUpOwJP7fNC/hUPdE77DktVS46zrk7GAwkNs5R0v
	  DV8ZkPFjs1yhJOBoj/j6RLB4r/gr4z97Z6VyCfjdGP6rJVbnugQvgIPgirLgu+OP6DwWVPI+hy
	  SxGKUAaM+OqBg1oiiw7X347m0uy4V7lotX90mGfHuXANoP2nmYOWtFmFjyBhyZGGfRqm4rgW8P
	  Ctz/F8lOFnxhw5oc8XjMJwAyY/jk9NZ1MOW+8o6NA8Mk+g==;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org;
	s=rsa-20210803; h=List-Archive:List-Owner:List-Post:List-Unsubscribe:
	List-Subscribe:List-Help:List-Id:Sender:Content-Transfer-Encoding:
	Content-Type:MIME-Version:Subject:References:In-Reply-To:Message-ID:To:From:
	Date:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID;
	bh=L70ik0a7R3SdKOGOd3aKxR+OXcgiiZ/R0w57+ZSqTQE=; b=Qfh1lEjptP3flpjQOa+xj3u+LD
	yTW8RMeOAWUwHRsdCfv66sQsZhS90gBtL54uwmyL+ahwURPmn8eS/dF9EoQc8QeOKubzlEK9zf6OJ
	eKkx52PZOS+ZQZXnd5HCsOnt7/ifSOsaMsT0HlPZrG4PJRzKmEl62kPYqb9SopYiNYqlr1y2NADcx
	eyJpA2Tz3MkRuCpN7Q0g5zwmYhmoyuUWVptdbZQYYJuVoXYzDVVACbzVgyanVhWyKX1q0ioX3/CDg
	xGRDlLis6I8BiZJeeUFK//EDH8DSIXlWGAZ/NClGjUNx46wPo1IbUZYPbWu0xF1jmTXUEIFi7derA
	UjK5atlQ==;
Received: from authenticated user by zero.zsh.org with local 
	id 1nXL15-000IYZ-Qe; Thu, 24 Mar 2022 10:48:31 +0000
Authentication-Results: zsh.org;
	iprev=pass (smtpq2.tb.ukmail.iss.as9143.net) smtp.remote-ip=212.54.57.97;
	dkim=pass header.d=ntlworld.com header.s=meg.feb2017 header.a=rsa-sha256;
	dmarc=pass header.from=ntlworld.com;
	arc=none
Received: from smtpq2.tb.ukmail.iss.as9143.net ([212.54.57.97]:32926)
	by zero.zsh.org with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
	id 1nXL0X-000IDC-J6; Thu, 24 Mar 2022 10:47:57 +0000
Received: from [212.54.57.80] (helo=smtp1.tb.ukmail.iss.as9143.net)
	by smtpq2.tb.ukmail.iss.as9143.net with esmtp (Exim 4.90_1)
	(envelope-from <p.w.stephenson@ntlworld.com>)
	id 1nXL0W-0000X5-Rt
	for zsh-workers@zsh.org; Thu, 24 Mar 2022 11:47:57 +0100
Received: from oxbe25.tb.ukmail.iss.as9143.net ([172.25.160.156])
	by smtp1.tb.ukmail.iss.as9143.net with ESMTP
	id XL0Wn7IeHBAYNXL0WnGAGo; Thu, 24 Mar 2022 11:47:56 +0100
X-Env-Mailfrom: p.w.stephenson@ntlworld.com
X-Env-Rcptto: zsh-workers@zsh.org
X-SourceIP: 172.25.160.156
X-CNFS-Analysis: v=2.4 cv=IZSU5Ema c=1 sm=1 tr=0 ts=623c4c5c cx=a_exe
 a=NA7IgXeTfPXpJV+SL5V8Rw==:117 a=wbvTLvLwOfMA:10 a=IkcTkHD0fZMA:10
 a=7H6ixmLU1AQA:10 a=gBqgrgrTv8hlrusHH_cA:9 a=QEXdDO2ut3YA:10
X-Authenticated-Sender: p.w.stephenson@ntlworld.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ntlworld.com;
	s=meg.feb2017; t=1648118876;
	bh=mOgru/DRMkumY1++sb44qC9nODwgfFIgjVAyMjmj1B0=;
	h=Date:From:To:In-Reply-To:References:Subject;
	b=lcDshe14y/kSdkom9/EkCj9oRH3MZjwP1dqEO0YdXtsFDR/BA+cYbcTwJO4ezNBBp
	 /Lp7EX6bNznXX8t3XHG0gR6Fr1jjy3QeqI+xSG3WZ9TJsUgfyOPsSubCNl3+P0yYA4
	 YM6Euue0mEbWMcwPWna2rOKSpXaqHMycltRkNQ/JR9puy9v+J1xi4YZ2SoYjxJDF2r
	 686RZFdBHqVY25omqWPW/fd04SzGPZsy+/MGEKKDirmWCNl7nGmnmWPsY499t3fujl
	 l2J88enFGfKBGq+JPcxkzyyM5gnD9olt0C74sK522gD6WCU0/u5qnPay07TuEuyEIq
	 x4WVZycURjkfw==
Date: Thu, 24 Mar 2022 10:47:56 +0000 (GMT)
From: Peter Stephenson <p.w.stephenson@ntlworld.com>
To: =?UTF-8?Q?Johan_Str=C3=B6m?= <johan@stromnet.se>, zsh-workers@zsh.org
Message-ID: <1950010726.626226.1648118876781@mail2.virginmedia.com>
In-Reply-To: <87c0f1d5-84cb-e459-7009-aff69da3bdb8@stromnet.se>
References: <df2ea61b-d0ea-ba95-98e0-d0fe84b800d0@stromnet.se>
 <CAH+w=7Yn_jyvHiOtpMAmq8rFESM16LgEdzgGx7t0E+c2ctS1fg@mail.gmail.com>
 <96788bd2-783a-920e-1b6b-ea20ae2683f4@stromnet.se>
 <785894966.624349.1648115917719@mail2.virginmedia.com>
 <87c0f1d5-84cb-e459-7009-aff69da3bdb8@stromnet.se>
Subject: Re: "crash: free invalid next size (fast)" on completion
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
Importance: Medium
X-Mailer: Open-Xchange Mailer v7.8.4-Rev72
X-Originating-IP: 147.161.167.85
X-Originating-Client: open-xchange-appsuite
X-CMAE-Envelope: MS4xfM/YJhx1jZVOTE52AVOId24WJCrbhdpHKmq4ccuq9asHr/IyYIn2ARCl0XrvK2f9ZZTDvZKRunxSCLgWdVvStOFmmiRkJn2D1KmWfWYFFaV1HoTWHiR7
 UUA76kpr980zPexLx34oosQboZkLCSHe1c0hrW1OOtd5YbwMIiOOMyXxo2cn8yeECzgubaz6VadAlEI2a1EtR/0y2JV8lXL6HH/ULFWynqzzCLiXnCRNCK82
 0L6e0leoCDzvD5PrZWIyYw==
X-Seq: 49890
Archived-At: <https://zsh.org/workers/49890>
X-Loop: zsh-workers@zsh.org
Errors-To: zsh-workers-owner@zsh.org
Precedence: list
Precedence: bulk
Sender: zsh-workers-request@zsh.org
X-no-archive: yes
List-Id: <zsh-workers.zsh.org>
List-Help: <mailto:sympa@zsh.org?subject=help>
List-Subscribe: <mailto:sympa@zsh.org?subject=subscribe%20zsh-workers>
List-Unsubscribe: <mailto:sympa@zsh.org?subject=unsubscribe%20zsh-workers>
List-Post: <mailto:zsh-workers@zsh.org>
List-Owner: <mailto:zsh-workers-request@zsh.org>
List-Archive: <http://www.zsh.org/sympa/arc/zsh-workers>

> On 24 March 2022 at 10:12 Johan Str=C3=B6m <johan@stromnet.se> wrote:
> Launched one now. Quickly noticed this:
>=20
> 1. Execute ls
> 2. Use up-arrow, triggers warning:
>  =C2=A0=3D=3D2157023=3D=3D Invalid read of size 32
> =3D=3D2157023=3D=3D=C2=A0=C2=A0=C2=A0 at 0x4B7709D: __wmemcmp_avx2_movbe =
(in /usr/lib/libc.so.6)
> =3D=3D2157023=3D=3D=C2=A0=C2=A0=C2=A0 by 0x5863FDC: mkundoent (in /usr/li=
b/zsh/5.8.1/zsh/zle.so)
>...
> =3D=3D2157023=3D=3D=C2=A0 Address 0x5c2de50 is 0 bytes inside a block of =
size 8 alloc'd
> =3D=3D2157023=3D=3D=C2=A0=C2=A0=C2=A0 at 0x484ACD3: realloc (in=20
> /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> =3D=3D2157023=3D=3D=C2=A0=C2=A0=C2=A0 by 0x586404F: setlastline (in /usr/=
lib/zsh/5.8.1/zsh/zle.so)

>From circumstantial evidence, I'm guessing that might go away with the foll=
owing?
Unless there's some reason lastlinesz would not be as long as the allocatio=
n of
lastline, it's hard to see how this could be wrong (famous last words).

pws

diff --git a/Src/Zle/zle_utils.c b/Src/Zle/zle_utils.c
index c85f8450d..526216fa7 100644
--- a/Src/Zle/zle_utils.c
+++ b/Src/Zle/zle_utils.c
@@ -1530,7 +1530,7 @@ mkundoent(void)
     struct change *ch;
=20
     UNMETACHECK();
-    if(lastll =3D=3D zlell && !ZS_memcmp(lastline, zleline, zlell)) {
+    if(lastll =3D=3D zlell && lastlinesz >=3D zlell && !ZS_memcmp(lastline=
, zleline, zlell)) {
 =09lastcs =3D zlecs;
 =09return;
     }