* Re: zsh-mem & prompt
1996-08-02 14:58 zsh-mem & prompt Louis Granboulan
@ 1996-08-02 18:26 ` Zoltan Hidvegi
1996-08-02 18:51 ` Bill Pemberton
From: Zoltan Hidvegi @ 1996-08-02 18:26 UTC
To: Louis Granboulan; +Cc: zsh-workers, wfp5p
> This is zsh-3.0-pre5 on a SPARCstation-5 with SunOS 4.1.4
> When it is configured with --enable-zsh-mem, I have the following
> message : attempt to free more than allocated
> The problem is that the prompt buffer `lpptbuf' does not terminate with '\0'.
That's not really a problem. The problem is that zsfree is used. The patch
below fixes that. It also changes mem.c to fill the freed memory with
0xff instead of zero. Dereferencing ~0 should also cause SEGV and after
this patch newly allocated string buffers will not be automatically null
terminated so it may bring up some bugs (of course only if zsh is
configured using ./configure --enable-zsh-{mem,{mem-,}debug,secure-free}).
I did not see this prompt bug exactly because of this automatic zero-fill.
Btw. it may fix those mysterious core dumps reported by Bill. Bill, would
you try it?
Zoltan
*** Src/zle_refresh.c 1996/07/31 15:45:25 2.11
--- Src/zle_refresh.c 1996/08/02 15:47:04
***************
*** 996,1003 ****
void
genprompts(void)
{
! zsfree(lpptbuf);
! zsfree(rpptbuf);
lpptbuf = putprompt(lpmpt, &lpptlen, &pptw, 1);
pmpt_attr = txtchange;
rpptbuf = putprompt(rpmpt, &rpptlen, &rpw, 1);
--- 996,1003 ----
void
genprompts(void)
{
! zfree(lpptbuf, lpptlen);
! zfree(rpptbuf, rpptlen);
lpptbuf = putprompt(lpmpt, &lpptlen, &pptw, 1);
pmpt_attr = txtchange;
rpptbuf = putprompt(rpmpt, &rpptlen, &rpw, 1);
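Review bot: The two zfree calls at the top of genprompts now depend on lpptlen and rpptlen being exactly the sizes that putprompt allocated for lpptbuf and rpptbuf, and nothing in the hunk states that. Please add a comment recording that invariant next to the calls, and confirm that the first call, made before any putprompt has filled in the buffers and lengths, passes a pointer and size that zfree accepts. If the length written through &lpptlen is the prompt's text length rather than the allocation size, the free will be given a count that does not match the block.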
*** Src/mem.c 1996/07/29 23:44:19 2.8
--- Src/mem.c 1996/08/02 15:40:37
***************
*** 831,837 ****
#ifdef ZSH_MEM_DEBUG
m_f[M_BSLEN(mt->len) / M_ISIZE]++;
! memset(sh, 0, M_BSLEN(mt->len));
#endif
/* put the block onto the free list */
--- 831,837 ----
#ifdef ZSH_MEM_DEBUG
m_f[M_BSLEN(mt->len) / M_ISIZE]++;
! memset(sh, 0xff, M_BSLEN(mt->len));
#endif
/* put the block onto the free list */
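Review bot: The fill byte in memset(sh, 0xff, M_BSLEN(mt->len)) is a bare constant with no explanation, and the same value is repeated in the second mem.c hunk. A named macro shared by both sites, with a one-line comment saying the fill is deliberately nonzero so that freed blocks do not look like empty strings or NULL pointers, would keep the two in step and record the reason for the change in the source rather than only in the mail.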
***************
*** 904,910 ****
}
DPUTS(m->len < osz, "attempt to free more than allocated.");
#ifdef ZSH_MEM_DEBUG
! memset(p, 0, m->len);
#endif
if (mt && ((char *)mt) == (((char *)m) + M_ISIZE + m->len)) {
/* the block after the one we are freeing is free, we put them
--- 904,910 ----
}
DPUTS(m->len < osz, "attempt to free more than allocated.");
#ifdef ZSH_MEM_DEBUG
! memset(p, 0xff, m->len);
#endif
if (mt && ((char *)mt) == (((char *)m) + M_ISIZE + m->len)) {
/* the block after the one we are freeing is free, we put them
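Review bot: The DPUTS check just above memset(p, 0xff, m->len) only reports the case m->len < osz, so a caller that passes a size smaller than the block goes unnoticed. Since this patch moves a caller from zsfree to an explicit length, it would be worth having the debug build also report an osz that is well below m->len, or at least documenting here that only oversized frees are detected. The fill itself correctly uses m->len rather than osz, so a wrong caller size does not cause the memset to run past the block.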
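The effect of the fill byte described in the message, as an added example that is not part of the original mail or of zsh: a toy one-slot debug heap shows how a zero fill on free masks a missing string terminator in a recycled block, while a 0xff fill exposes it and makes a stale pointer read as ~0. The names dbg_alloc, dbg_free, SLOT_SIZE and both checking functions are hypothetical, and the sample data is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOT_SIZE 16

/* Hypothetical one-slot debug heap: every allocation returns the same block,
   the way a free list hands a just-freed block to the next same-size request. */
static unsigned char slot[SLOT_SIZE];

static void *dbg_alloc(void) { return slot; }

/* Sized free that overwrites the block with `fill` (0 before the patch,
   0xff after it). */
static void dbg_free(void *p, size_t len, int fill) { memset(p, fill, len); }

/* Buggy caller (constructed): copies text into a recycled block without
   writing a terminator. Returns 1 if a NUL is nevertheless found inside
   the block, i.e. the bug is masked by the fill left from the free. */
static int missing_nul_is_masked(int fill)
{
    char *p = dbg_alloc();
    memset(p, 'x', SLOT_SIZE);        /* earlier use of the block */
    dbg_free(p, SLOT_SIZE, fill);
    p = dbg_alloc();
    memcpy(p, "prompt", 6);           /* 6 bytes, no '\0' */
    return memchr(p, '\0', SLOT_SIZE) != NULL;
}

/* Reads a pointer-sized field out of a freed block, as stale code would.
   Returns 1 if the value is all ones (~0) rather than NULL. */
static int stale_pointer_is_all_ones(int fill)
{
    uintptr_t v;
    dbg_free(dbg_alloc(), SLOT_SIZE, fill);
    memcpy(&v, slot, sizeof v);
    return v == UINTPTR_MAX;
}

int main(void)
{
    printf("fill 0x00: masked=%d stale_all_ones=%d\n",
           missing_nul_is_masked(0), stale_pointer_is_all_ones(0));
    printf("fill 0xff: masked=%d stale_all_ones=%d\n",
           missing_nul_is_masked(0xff), stale_pointer_is_all_ones(0xff));
    return 0;
}
```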