From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 25111 invoked by alias); 16 Feb 2015 12:57:58 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: X-Seq: 34552 Received: (qmail 24867 invoked from network); 16 Feb 2015 12:57:55 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, SPF_HELO_PASS autolearn=ham version=3.3.2 X-AuditID: cbfec7f4-b7f126d000001e9a-a9-54e1e8be4c1b Date: Mon, 16 Feb 2015 12:57:49 +0000 From: Peter Stephenson To: zsh-workers@zsh.org Subject: Re: PATCH: Crash bug on garbage input (previously reported to Debian) Message-id: <20150216125749.7a26822c@pwslap01u.europe.root.pri> In-reply-to: <150215112622.ZM11584@torch.brasslantern.com> References: <150214102534.ZM4368@torch.brasslantern.com> <20150214214209.6d2f5e7e@ntlworld.com> <150215112622.ZM11584@torch.brasslantern.com> Organization: Samsung Cambridge Solution Centre X-Mailer: Claws Mail 3.7.9 (GTK+ 2.22.0; i386-redhat-linux-gnu) MIME-version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7bit X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrOLMWRmVeSWpSXmKPExsVy+t/xa7r7XjwMMXhyxMLiYPNDJgdGj1UH PzAFMEZx2aSk5mSWpRbp2yVwZXz5uI+54CV3xdVja9gaGJdxdjFyckgImEhMa+9jhrDFJC7c W8/WxcjFISSwlFHi/+3r7BDOEiaJezefMEM42xglTm26zQ7SwiKgKtG6axsriM0mYCgxddNs RhBbREBc4uza8ywgtrCAv8SPq91g9bwC9hLfZm8Fq+EUsJI4svYk1LqJjBJPLraxgST4BfQl rv79xARxk73EzCtnGCGaBSV+TL4HNpRZQEti87YmVghbXmLzmrdgPwgJqEvcuLubfQKj0Cwk LbOQtMxC0rKAkXkVo2hqaXJBcVJ6rqFecWJucWleul5yfu4mRkjgftnBuPiY1SFGAQ5GJR7e DWEPQoRYE8uKK3MPMUpwMCuJ8DIefhgixJuSWFmVWpQfX1Sak1p8iJGJg1OqgbE0jX/Li8Mh TosCX/hZ7fwvxDjzl4vXq99nkopZS7c/2sRnWp64SFZ+6ddnp5LsJkqkNn76pf1FzSQpoClk sXhuIG/MLvvGE1GffmhlX9L/+W32+sDHF9RVKqdMEbgrYRN2XHXRhxkXbkeee8LYu4Jtrk7b /7cVqzO7I/i+GInI/Drlsqw9+4MSS3FGoqEWc1FxIgD1KCrDOgIAAA== On Sun, 15 Feb 2015 11:26:22 -0800 Bart Schaefer wrote: > torch% ${($((()$[(s: > braceparam mathsubst mathsubst> this ends up in the history)}})))} > Attempt to inungetc() at start of input. > zsh: Garbled input at \n (binary file as commands?) > zsh: parse error near `)' I see basically what's happening. Here's the simplest form --- and note that actually this isn't garbled input at all. % print $((echo foo mathsubst> ); echo bar) Attempt to inungetc() at start of input. zsh: Garbled input at \n (binary file as commands?) zsh: parse error near `)' We try to parse this as arithmetic, but we find out it isn't --- and we only find this out in the continuation line. Normally, when reading continuation lines we just forget the old line from the input, so we can't back up over it. Here, however, we need to back up to be able to parse again as a command string. The code for the lexer assumes we can do this but down below in the raw input layer we can't. It looks like we do allow newlines as whitespace in arithmetic, so I think we do need to allow the back up. That implies we somehow need to detect we're doing the tentative looking for math mode and if so add the new line as a continuation of the old one --- that's allowed by the input mechanism and I don't see why that wouldn't work here (largely because I haven't tried it yet). So it "only" remains working out where to detect this. This will need a test, too. pws