From: Andrew Waldron <a.a.w@gmx.us>
To: zsh workers <zsh-workers@zsh.org>
Subject: SegFault in stringsubst
Date: Wed, 16 Apr 2014 14:46:12 +1000 [thread overview]
Message-ID: <20140416044612.GB24565@ewok> (raw)
Hi workers,
I'm getting a segfault in stringsubst when using process substitution
with anonymous functions.
I tried this with 5.0.5 and the head of git:
"() (print $1) <(:)" segfaults
"() {print $1} <(:)" works correctly.
There is also a segfault if you accidentally use process substitution
for a function name:
"function <(:) print" segfaults
"function <(:) {:}" does not segfault.
The segfault is on "restlen = strlen(rest);" when rest is uninitialised.
I made the changes below and it seemed to fix the issue.
Hope this helps,
Andrew.
diff --git a/Src/exec.c b/Src/exec.c
index f16cfd3..bf784bc 100644
--- a/Src/exec.c
+++ b/Src/exec.c
@@ -3867,8 +3867,10 @@ getoutputfile(char *cmd, char **eptr)
int fd;
char *s;
- if (thisjob == -1)
+ if (thisjob == -1){
+ zerr("process substitution %s cannot be used here", cmd);
return NULL;
+ }
if (!(prog = parsecmd(cmd, eptr)))
return NULL;
if (!(nam = gettempname(NULL, 0)))
@@ -3939,11 +3941,13 @@ namedpipe(void)
char *tnam = gettempname(NULL, 1);
# ifdef HAVE_MKFIFO
- if (mkfifo(tnam, 0600) < 0)
+ if (mkfifo(tnam, 0600) < 0){
# else
- if (mknod(tnam, 0010600, 0) < 0)
+ if (mknod(tnam, 0010600, 0) < 0){
# endif
+ zerr("failed to create named pipe: %s, %e", tnam, errno);
return NULL;
+ }
return tnam;
}
#endif /* ! PATH_DEV_FD && HAVE_FIFOS */
@@ -3966,9 +3970,10 @@ getproc(char *cmd, char **eptr)
#ifndef PATH_DEV_FD
int fd;
-
- if (thisjob == -1)
+ if (thisjob == -1) {
+ zerr("process substitution %s cannot be used here", cmd);
return NULL;
+ }
if (!(pnam = namedpipe()))
return NULL;
if (!(prog = parsecmd(cmd, eptr)))
@@ -3993,8 +3998,10 @@ getproc(char *cmd, char **eptr)
#else /* PATH_DEV_FD */
int pipes[2], fd;
- if (thisjob == -1)
+ if (thisjob == -1) {
+ zerr("process substitution %s cannot be used here", cmd);
return NULL;
+ }
pnam = hcalloc(strlen(PATH_DEV_FD) + 6);
if (!(prog = parsecmd(cmd, eptr)))
return NULL;
diff --git a/Src/parse.c b/Src/parse.c
index f0d0855..530a070 100644
--- a/Src/parse.c
+++ b/Src/parse.c
@@ -1471,7 +1471,6 @@ par_funcdef(int *complex)
if (num == 0) {
/* Anonymous function, possibly with arguments */
incmdpos = 0;
- *complex = 1;
}
zshlex();
} else if (unset(SHORTLOOPS)) {
@@ -1503,6 +1502,7 @@ par_funcdef(int *complex)
num++;
zshlex();
}
+ *complex = (num > 0);
ecbuf[parg] = ecused - parg; /*?*/
ecbuf[parg+1] = num;
}
@@ -1736,7 +1736,6 @@ par_simple(int *complex, int nr)
if (argc == 0) {
/* Anonymous function, possibly with arguments */
incmdpos = 0;
- *complex = 1;
}
zshlex();
} else {
@@ -1776,6 +1775,7 @@ par_simple(int *complex, int nr)
argc++;
zshlex();
}
+ *complex = (argc > 0);
ecbuf[parg] = ecused - parg; /*?*/
ecbuf[parg+1] = argc;
}
diff --git a/Src/subst.c b/Src/subst.c
index cc5df3f..4713502 100644
--- a/Src/subst.c
+++ b/Src/subst.c
@@ -169,7 +169,7 @@ stringsubst(LinkList list, LinkNode node, int pf_flags, int asssub)
if (errflag)
return NULL;
if (!subst)
- subst = "";
+ rest = subst = "";
sublen = strlen(subst);
restlen = strlen(rest);
diff --git a/Test/C04funcdef.ztst b/Test/C04funcdef.ztst
index 706aa28..a266031 100644
--- a/Test/C04funcdef.ztst
+++ b/Test/C04funcdef.ztst
@@ -208,6 +208,11 @@
>Da de da
>Do be do
+ () (cat $1 $2) <(print process expanded) =(print expanded to file)
+0:Process substitution with anonymous functions
+>process expanded
+>expanded to file
+
() { print This has arguments $*; } of all sorts; print After the function
function { print More stuff $*; } and why not; print Yet more
0:Anonymous function with arguments
next reply other threads:[~2014-04-16 4:51 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-16 4:46 Andrew Waldron [this message]
2014-04-16 5:15 ` Bart Schaefer
2014-04-16 6:19 ` Andrew Waldron
2014-04-16 16:13 ` Bart Schaefer
2014-04-17 8:58 ` Peter Stephenson
2014-04-17 18:42 ` Bart Schaefer
2014-04-18 16:03 ` Andrew Waldron
2014-04-18 17:02 ` Bart Schaefer
2014-04-19 17:54 ` Bart Schaefer
2014-04-20 18:00 ` Sanity of lastval ($?) in for/select loops Bart Schaefer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140416044612.GB24565@ewok \
--to=a.a.w@gmx.us \
--cc=zsh-workers@zsh.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).