From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 14427 invoked from network); 11 Jul 2005 09:05:40 -0000 Received: from news.dotsrc.org (HELO a.mx.sunsite.dk) (130.225.247.88) by ns1.primenet.com.au with SMTP; 11 Jul 2005 09:05:40 -0000 Received: (qmail 72962 invoked from network); 11 Jul 2005 09:05:26 -0000 Received: from sunsite.dk (130.225.247.90) by a.mx.sunsite.dk with SMTP; 11 Jul 2005 09:05:26 -0000 Received: (qmail 15709 invoked by alias); 11 Jul 2005 09:05:22 -0000 Mailing-List: contact zsh-workers-help@sunsite.dk; run by ezmlm Precedence: bulk X-No-Archive: yes X-Seq: 21428 Received: (qmail 15697 invoked from network); 11 Jul 2005 09:05:21 -0000 Received: from news.dotsrc.org (HELO a.mx.sunsite.dk) (130.225.247.88) by sunsite.dk with SMTP; 11 Jul 2005 09:05:21 -0000 Received: (qmail 72609 invoked from network); 11 Jul 2005 09:05:20 -0000 Received: from lead.cat.pdx.edu (131.252.208.91) by a.mx.sunsite.dk with SMTP; 11 Jul 2005 09:05:16 -0000 Received: from ruby.cat.pdx.edu (ruby.cat.pdx.edu [131.252.208.85]) by lead.cat.pdx.edu (8.13.1/8.13.1) with ESMTP id j6B9531L020491 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 11 Jul 2005 02:05:04 -0700 (PDT) Received: from ruby.cat.pdx.edu (localhost.localdomain [127.0.0.1]) by ruby.cat.pdx.edu (8.13.1/8.12.10) with ESMTP id j6B952LK019968 for ; Mon, 11 Jul 2005 02:05:02 -0700 Received: (from tspencer@localhost) by ruby.cat.pdx.edu (8.13.1/8.13.1/Submit) id j6B952hG019966 for zsh-workers@sunsite.dk; Mon, 11 Jul 2005 02:05:02 -0700 Date: Mon, 11 Jul 2005 02:05:02 -0700 From: Travis Spencer To: zsh-workers@sunsite.dk Subject: PATCH: computil.c segfaults when _values called with too few arguments Message-ID: <20050711090502.GF12208@ruby.cat.pdx.edu> Reply-To: zsh-workers@sunsite.dk Mail-Followup-To: zsh-workers@sunsite.dk Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: All mail clients sucks. This one just sucks less. X-Virus-Scanned: by amavisd-new X-Spam-Checker-Version: SpamAssassin 3.0.2 on a.mx.sunsite.dk X-Spam-Level: X-Spam-Status: No, score=-2.3 required=6.0 tests=AWL,BAYES_00 autolearn=ham version=3.0.2 X-Spam-Hits: -2.3 Given this completion definition: #compdef testvalues _arguments "-n:foo bar:_values -s , -S ''" After entering the `-n' flag and then hitting tab, zsh will segfault every time as demonstrated in the following typescript: Script started on Mon Jul 11 01:05:49 2005 murzim% stash/opt/bin/zsh -f murzim% fpath=( .zsh/functions $fpath ) murzim% autoload compinit murzim% compinit murzim% testvalues -n zsh: segmentation fault (core dumped) stash/opt/bin/zsh -f murzim% exit script done on Mon Jul 11 01:06:38 2005 Script started on Mon Jul 11 01:54:21 2005 murzim% stash/opt/bin/zsh --version zsh 4.3.0-dev-1 (sparc-sun-solaris2.9) murzim% exit script done on Mon Jul 11 01:54:46 2005 The problem was caused by dereferencing a NULL pointer in parse_cvdef. Here is a patch to fix the problem. Index: Src/Zle/computil.c =================================================================== RCS file: /cvsroot/zsh/zsh/Src/Zle/computil.c,v retrieving revision 1.88 diff -u -p -r1.88 computil.c --- Src/Zle/computil.c 7 Dec 2004 16:55:12 -0000 1.88 +++ Src/Zle/computil.c 11 Jul 2005 08:58:06 -0000 @@ -2660,7 +2660,8 @@ parse_cvdef(char *nam, char **args) char **oargs = args, sep = '\0', asep = '=', *name, *descr, *p, *q, **xor, c; int xnum, multi, vtype, hassep = 0, words = 0; - while (args[0][0] == '-' && + while (args && args[0] && args[1] && + args[0][0] == '-' && (args[0][1] == 's' || args[0][1] == 'S' || args[0][1] == 'w') && !args[0][2]) {