* zsh-mem & prompt
@ 1996-08-02 14:58 Louis Granboulan
1996-08-02 18:26 ` Zoltan Hidvegi
0 siblings, 1 reply; 3+ messages in thread
From: Louis Granboulan @ 1996-08-02 14:58 UTC (permalink / raw)
To: zsh-workers
This is zsh-3.0-pre5 on a SPARCstation-5 with SunOS 4.1.4
When it is configured with --enable-zsh-mem, I have the following
message : attempt to free more than allocated
The problem is that the prompt buffer `lpptbuf' does not terminate with '\0'.
Here is a patch that solves this:
*** zle_misc.c.orig Wed Jul 31 17:43:13 1996
--- zle_misc.c Fri Aug 2 16:55:55 1996
***************
*** 1279,1280 ****
--- 1279,1285 ----
}
+ /* Terminate the string */
+ if (! *fm) {
+ addbufspc(1);
+ pputc(*fm);
+ }
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: zsh-mem & prompt
1996-08-02 14:58 zsh-mem & prompt Louis Granboulan
@ 1996-08-02 18:26 ` Zoltan Hidvegi
1996-08-02 18:51 ` Bill Pemberton
0 siblings, 1 reply; 3+ messages in thread
From: Zoltan Hidvegi @ 1996-08-02 18:26 UTC (permalink / raw)
To: Louis Granboulan; +Cc: zsh-workers, wfp5p
> This is zsh-3.0-pre5 on a SPARCstation-5 with SunOS 4.1.4
> When it is configured with --enable-zsh-mem, I have the following
> message : attempt to free more than allocated
> The problem is that the prompt buffer `lpptbuf' does not terminate with '\0'.
That's not really a problem. The problem is that zsfree used. The patch
below fixes that. It allso changes mem.c to fill the freed memory with
0xff insted of zero. Dereferencing ~0 should also cause SEGV and after
this patch newly allocated string buffers will not be automatically null
terminated so it may bring up some bugs (of course only if zsh is
configured using ./configure --enable-zsh-{mem,{mem-,}debug,secure-free}).
I did not see this prompt bug exacly because of this automatic zero-fill.
Btw. it may fix those mysterious core dumps reported by Bill. Bill, would
you try it?
Zoltan
*** Src/zle_refresh.c 1996/07/31 15:45:25 2.11
--- Src/zle_refresh.c 1996/08/02 15:47:04
***************
*** 996,1003 ****
void
genprompts(void)
{
! zsfree(lpptbuf);
! zsfree(rpptbuf);
lpptbuf = putprompt(lpmpt, &lpptlen, &pptw, 1);
pmpt_attr = txtchange;
rpptbuf = putprompt(rpmpt, &rpptlen, &rpw, 1);
--- 996,1003 ----
void
genprompts(void)
{
! zfree(lpptbuf, lpptlen);
! zfree(rpptbuf, rpptlen);
lpptbuf = putprompt(lpmpt, &lpptlen, &pptw, 1);
pmpt_attr = txtchange;
rpptbuf = putprompt(rpmpt, &rpptlen, &rpw, 1);
*** Src/mem.c 1996/07/29 23:44:19 2.8
--- Src/mem.c 1996/08/02 15:40:37
***************
*** 831,837 ****
#ifdef ZSH_MEM_DEBUG
m_f[M_BSLEN(mt->len) / M_ISIZE]++;
! memset(sh, 0, M_BSLEN(mt->len));
#endif
/* put the block onto the free list */
--- 831,837 ----
#ifdef ZSH_MEM_DEBUG
m_f[M_BSLEN(mt->len) / M_ISIZE]++;
! memset(sh, 0xff, M_BSLEN(mt->len));
#endif
/* put the block onto the free list */
***************
*** 904,910 ****
}
DPUTS(m->len < osz, "attempt to free more than allocated.");
#ifdef ZSH_MEM_DEBUG
! memset(p, 0, m->len);
#endif
if (mt && ((char *)mt) == (((char *)m) + M_ISIZE + m->len)) {
/* the block after the one we are freeing is free, we put them
--- 904,910 ----
}
DPUTS(m->len < osz, "attempt to free more than allocated.");
#ifdef ZSH_MEM_DEBUG
! memset(p, 0xff, m->len);
#endif
if (mt && ((char *)mt) == (((char *)m) + M_ISIZE + m->len)) {
/* the block after the one we are freeing is free, we put them
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: zsh-mem & prompt
1996-08-02 18:26 ` Zoltan Hidvegi
@ 1996-08-02 18:51 ` Bill Pemberton
0 siblings, 0 replies; 3+ messages in thread
From: Bill Pemberton @ 1996-08-02 18:51 UTC (permalink / raw)
To: Zoltan Hidvegi; +Cc: zsh-workers
Zoltan Hidvegi writes:
>
> Btw. it may fix those mysterious core dumps reported by Bill. Bill, would
> you try it?
>
That's better, but doesn't stop the crashes.
It now takes a little work (feeding it a couple of command lines) before it
crashes, it now crashes line 593 of mem.c:
m->free = sh->next;
--
Bill Pemberton wfp5p@virginia.edu
ITC/Unix Systems flash@virginia.edu
University of Virginia uunet!virginia!wfp5p
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~1996-08-02 18:57 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1996-08-02 14:58 zsh-mem & prompt Louis Granboulan
1996-08-02 18:26 ` Zoltan Hidvegi
1996-08-02 18:51 ` Bill Pemberton
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).