From: Sven Wischnowsky <wischnow@informatik.hu-berlin.de>
To: zsh-workers@sunsite.auc.dk
Subject: Re: PATCH: Re: Seg fault in matcher-list matching
Date: Mon, 15 May 2000 13:52:17 +0200 (MET DST) [thread overview]
Message-ID: <200005151152.NAA18780@beta.informatik.hu-berlin.de> (raw)
In-Reply-To: "Bart Schaefer"'s message of Mon, 15 May 2000 11:44:55 +0000
Bart Schaefer wrote:
> ...
>
> It doesn't dump for me any more, but I'm still nervous about line 1767 of
> compcore.c:
>
> #1 0x80bd798 in addmatches (dat=0xbfffa854, argv=0xbfffa8d8)
> at ../../../zsh-3.1.6/Src/Zle/compcore.c:1768
> 1768 if ((ml = match_str(lsuf, s, &bsl, 0, NULL, 1, 0, 1)) >= 0) {
> (gdb) l
> 1763 else
> 1764 *argv = NULL;
> 1765 bcp = lpl;
> 1766 }
> 1767 s = dat->psuf ? dat->psuf : "";
> 1768 if ((ml = match_str(lsuf, s, &bsl, 0, NULL, 1, 0, 1)) >= 0) {
> 1769 if (matchsubs) {
> 1770 Cline tmp = get_cline(NULL, 0, NULL, 0, NULL, 0, CLF_SUF);
> 1771
> 1772 tmp->suffix = matchsubs;
>
> The reported core dump was caused because match_str() wrote a '\0' byte into
> the string pointed to by its second argument [`s' above, `w' in match_str()]
> which is being passed as a string constant when dat->psuf == 0.
Yes, I know.
> Is that a
> potential bug, still?
I'm pretty sure I made sure that we don't try to write into strings we
can't write into with the patch I sent. But I'll also commit the one
below for some extra savety.
Bye
Sven
Index: Src/Zle/compcore.c
===================================================================
RCS file: /cvsroot/zsh/zsh/Src/Zle/compcore.c,v
retrieving revision 1.19
diff -u -r1.19 compcore.c
--- Src/Zle/compcore.c 2000/05/12 07:03:41 1.19
+++ Src/Zle/compcore.c 2000/05/15 11:52:03
@@ -1739,7 +1739,7 @@
llpl -= gfl;
}
}
- s = dat->ppre ? dat->ppre : "";
+ s = dat->ppre ? dat->ppre : dupstring("");
if ((ml = match_str(lpre, s, &bpl, 0, NULL, 0, 0, 1)) >= 0) {
if (matchsubs) {
Cline tmp = get_cline(NULL, 0, NULL, 0, NULL, 0, 0);
@@ -1757,14 +1757,14 @@
bpadd = strlen(s) - ml;
} else {
if (llpl <= lpl && strpfx(lpre, s))
- lpre = "";
+ lpre = dupstring("");
else if (llpl > lpl && strpfx(s, lpre))
lpre += lpl;
else
*argv = NULL;
bcp = lpl;
}
- s = dat->psuf ? dat->psuf : "";
+ s = dat->psuf ? dat->psuf : dupstring("");
if ((ml = match_str(lsuf, s, &bsl, 0, NULL, 1, 0, 1)) >= 0) {
if (matchsubs) {
Cline tmp = get_cline(NULL, 0, NULL, 0, NULL, 0, CLF_SUF);
@@ -1782,7 +1782,7 @@
bsadd = strlen(s) - ml;
} else {
if (llsl <= lsl && strsfx(lsuf, s))
- lsuf = "";
+ lsuf = dupstring("");
else if (llsl > lsl && strsfx(s, lsuf))
lsuf[llsl - lsl] = '\0';
else
--
Sven Wischnowsky wischnow@informatik.hu-berlin.de
next reply other threads:[~2000-05-15 11:52 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2000-05-15 11:52 Sven Wischnowsky [this message]
-- strict thread matches above, loose matches on Subject: below --
2000-05-16 10:48 Sven Wischnowsky
2000-05-16 16:03 ` Tanaka Akira
2000-05-15 10:43 Sven Wischnowsky
2000-05-15 9:26 Sven Wischnowsky
2000-05-15 11:44 ` Bart Schaefer
2000-05-15 22:57 ` Tanaka Akira
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200005151152.NAA18780@beta.informatik.hu-berlin.de \
--to=wischnow@informatik.hu-berlin.de \
--cc=zsh-workers@sunsite.auc.dk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).