zsh-workers
* Re: Bug#452915: zsh segfaults when doing: export TERM=dumb; export TERM=xterm; export TERM=dumb
From: Clint Adams @ 2007-11-26  3:25 UTC
  To: zsh-workers; +Cc: Niv Sardi, 452915-forwarded

Lovely stack stomp.

On Mon, Nov 26, 2007 at 02:12:03PM +1100, Niv Sardi wrote:
> zsh-test@itchy:~$ gdb zsh4
> GNU gdb 6.6.90.20070912-debian
> Copyright (C) 2007 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "i486-linux-gnu"...
> Using host libthread_db library "/lib/i686/cmov/libthread_db.so.1".
> (gdb) r
> Starting program: /bin/zsh4
> itchy% export TERM=dumb; export TERM=xterm; export TERM=dumb
> %
> Program received signal SIGSEGV, Segmentation fault.
> 0xb7e0fae0 in ?? () from /lib/i686/cmov/libc.so.6
> (gdb) bt
> #0  0xb7e0fae0 in ?? () from /lib/i686/cmov/libc.so.6
> #1  0x00000001 in ?? ()
> #2  0x00000001 in ?? ()
> #3  0x080d2fe0 in ?? ()
> #4  0xb7dc3ca0 in ?? () from /lib/i686/cmov/libc.so.6
> #5  0xbfea7948 in ?? ()
> #6  0xb7ed28da in ?? () from /lib/i686/cmov/libc.so.6
> #7  0xbfea7908 in ?? ()
> #8  0xb7ef0140 in ?? () from /lib/i686/cmov/libc.so.6
> #9  0x00000000 in ?? ()
> 
> zsh-test@itchy:~$ gdb zsh4
> GNU gdb 6.6.90.20070912-debian
> Copyright (C) 2007 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "i486-linux-gnu"...
> Using host libthread_db library "/lib/i686/cmov/libthread_db.so.1".
> (gdb) r
> Starting program: /bin/zsh4
> itchy% export TERM=dumb; export TERM=dumb
> itchy% export TERM=dumb; export TERM=xterm; export TERM=dumb
> *** glibc detected *** /bin/zsh4: double free or corruption (fasttop): 0x080e30a0 ***
> ======= Backtrace: =========
> /lib/i686/cmov/libc.so.6[0xb7e70765]
> /lib/i686/cmov/libc.so.6(cfree+0x90)[0xb7e741e0]
> /bin/zsh4(init_term+0x118)[0x807b648]
> /bin/zsh4(setstrvalue+0x38d)[0x809276d]
> /bin/zsh4(assignsparam+0xd7)[0x8095d87]
> /bin/zsh4[0x805a0a9]
> /bin/zsh4(bin_typeset+0x509)[0x805ad79]
> /bin/zsh4(execbuiltin+0x50d)[0x805d07d]
> /bin/zsh4[0x806aa22]
> /bin/zsh4[0x806acd8]
> /bin/zsh4[0x806b0aa]
> /bin/zsh4(execlist+0x415)[0x806be05]
> /bin/zsh4(execode+0x3a)[0x806bffa]
> /bin/zsh4(loop+0xac)[0x807c1bc]
> /bin/zsh4(zsh_main+0x1e4)[0x807ce34]
> /bin/zsh4(main+0x22)[0x8054822]
> /lib/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb7e1b450]
> /bin/zsh4[0x8054791]
> 
> Program received signal SIGABRT, Aborted.
> 0xffffe410 in __kernel_vsyscall ()
> 
> 
> 
> -- System Information:
> Debian Release: lenny/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
> Architecture: i386 (i686)
> 
> Kernel: Linux 2.6.22-3-686 (SMP w/1 CPU core)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> 
> Versions of packages zsh depends on:
> ii  debconf [debconf-2.0]     1.5.17         Debian configuration management sy
> ii  libc6                     2.7-1          GNU C Library: Shared libraries
> ii  libncurses5               5.6+20071103-1 Shared libraries for terminal hand
> 
> Versions of packages zsh recommends:
> ii  libcap1                       1:1.10-14  support for getting/setting POSIX.
> ii  libpcre3                      7.3-2      Perl 5 Compatible Regular Expressi
> 
> -- no debconf information
> 



* Re: Bug#452915: zsh segfaults when doing: export TERM=dumb; export TERM=xterm; export TERM=dumb
From: Peter Stephenson @ 2007-11-26 10:20 UTC
  To: zsh-workers; +Cc: 452915-forwarded

I think this should fix it.  Three quarters of this is paranoia.

Index: Src/init.c
===================================================================
RCS file: /cvsroot/zsh/zsh/Src/init.c,v
retrieving revision 1.78
diff -u -r1.78 init.c
--- Src/init.c	26 Sep 2007 10:28:35 -0000	1.78
+++ Src/init.c	26 Nov 2007 10:17:26 -0000
@@ -598,19 +598,22 @@
 	if (tccan(TCUP))
 	    termflags &= ~TERM_NOUP;
 	else {
+	    zsfree(tcstr[TCUP]);
 	    tcstr[TCUP] = NULL;
 	    termflags |= TERM_NOUP;
 	}
 
 	/* most termcaps don't define "bc" because they use \b. */
 	if (!tccan(TCBACKSPACE)) {
+	    zsfree(tcstr[TCBACKSPACE]);
 	    tcstr[TCBACKSPACE] = ztrdup("\b");
 	    tclen[TCBACKSPACE] = 1;
 	}
 
 	/* if there's no termcap entry for cursor left, use backspace. */
 	if (!tccan(TCLEFT)) {
-	    tcstr[TCLEFT] = tcstr[TCBACKSPACE];
+	    zsfree(tcstr[TCLEFT]);
+	    tcstr[TCLEFT] = ztrdup(tcstr[TCBACKSPACE]);
 	    tclen[TCLEFT] = tclen[TCBACKSPACE];
 	}
 
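Review bot: The !tccan(TCLEFT) branch needs a comment saying that every tcstr[] slot owns its own allocation. The removed line stored one pointer in both tcstr[TCLEFT] and tcstr[TCBACKSPACE], so any code that frees the slots one by one frees that string twice, which fits the cfree call under init_term in the reported backtrace; without a note above the ztrdup() call, a later cleanup could restore the alias to save a copy. In the TCUP else branch, tcstr[TCUP] is freed and set to NULL but tclen[TCUP] is left alone, unlike the other two branches, which set tclen[] together with tcstr[]. If tclen[TCUP] is guaranteed to be 0 whenever tccan(TCUP) fails, say so in a comment; otherwise reset it next to the NULL assignment.
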
@@ -629,6 +632,7 @@
 
 	/* if there's no termcap entry for clear, use ^L. */
 	if (!tccan(TCCLEARSCREEN)) {
+	    zsfree(tcstr[TCCLEARSCREEN]);
 	    tcstr[TCCLEARSCREEN] = ztrdup("\14");
 	    tclen[TCCLEARSCREEN] = 1;
 	}
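
Review bot: The free-then-reassign pair is now written out four times (TCUP, TCBACKSPACE, TCLEFT and, at the added line here, TCCLEARSCREEN), so the next fallback added to this function can easily omit the zsfree(). A small helper that frees the slot, stores the duplicate and sets tclen[] would keep the three steps together. The patch touches only Src/init.c; a regression test that runs the reported sequence, export TERM=dumb; export TERM=xterm; export TERM=dumb, would be worth adding with it.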



-- 
Peter Stephenson <pws@csr.com>                  Software Engineer
CSR PLC, Churchill House, Cambridge Business Park, Cowley Road
Cambridge, CB4 0WZ, UK                          Tel: +44 (0)1223 692070

