From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Thu, 24 Mar 2022 10:47:56 +0000 (GMT)
From: Peter Stephenson
To: Johan Ström, zsh-workers@zsh.org
Message-ID: <1950010726.626226.1648118876781@mail2.virginmedia.com>
In-Reply-To: <87c0f1d5-84cb-e459-7009-aff69da3bdb8@stromnet.se>
References:
<96788bd2-783a-920e-1b6b-ea20ae2683f4@stromnet.se>
<785894966.624349.1648115917719@mail2.virginmedia.com>
<87c0f1d5-84cb-e459-7009-aff69da3bdb8@stromnet.se>
Subject: Re: "crash: free invalid next size (fast)" on completion
X-Seq: 49890

> On 24 March 2022 at 10:12 Johan Ström wrote:
> Launched one now. Quickly noticed this:
>
> 1. Execute ls
> 2. Use up-arrow, triggers warning:
> ==2157023== Invalid read of size 32
> ==2157023==    at 0x4B7709D: __wmemcmp_avx2_movbe (in /usr/lib/libc.so.6)
> ==2157023==    by 0x5863FDC: mkundoent (in /usr/lib/zsh/5.8.1/zsh/zle.so)
>...
> ==2157023==  Address 0x5c2de50 is 0 bytes inside a block of size 8 alloc'd
> ==2157023==    at 0x484ACD3: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==2157023==    by 0x586404F: setlastline (in /usr/lib/zsh/5.8.1/zsh/zle.so)

From circumstantial evidence, I'm guessing that might go away with the following?

Unless there's some reason lastlinesz would not be as long as the allocation of
lastline, it's hard to see how this could be wrong (famous last words).

pws

diff --git a/Src/Zle/zle_utils.c b/Src/Zle/zle_utils.c
index c85f8450d..526216fa7 100644
--- a/Src/Zle/zle_utils.c
+++ b/Src/Zle/zle_utils.c
@@ -1530,7 +1530,7 @@ mkundoent(void)
struct change *ch;
=20
UNMETACHECK();
- if(lastll =3D=3D zlell && !ZS_memcmp(lastline, zleline, zlell)) {
+ if(lastll =3D=3D zlell && lastlinesz >=3D zlell && !ZS_memcmp(lastline=
, zleline, zlell)) {
=09lastcs =3D zlecs;
=09return;
}
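
Review bot: the new `lastlinesz >= zlell` test in the `if` in mkundoent() is only a valid bound if lastlinesz is counted in the same units as zlell. The Valgrind trace above shows ZS_memcmp resolving to wmemcmp and a 32-byte read against an 8-byte block that setlastline obtained from realloc, so the comparison length is in wide characters; if lastlinesz were a byte count, the guard could still let an over-read through. Please confirm the unit against setlastline() and state it in a comment next to the condition. Separately, when lastll equals zlell but lastlinesz is smaller, the two bookkeeping values for lastline disagree, and the condition now falls through silently to recording a change. A brief comment on how that state can arise, or a debug check where lastll and lastlinesz are set, would keep the guard from hiding the underlying inconsistency. Minor style point: the added line is well over 80 columns and could be wrapped after the second `&&`.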