From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <zsh-workers-return-26603-mason-zsh=primenet.com.au@sunsite.dk>
Received: (qmail 8492 invoked from network); 25 Feb 2009 11:39:50 -0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on f.primenet.com.au
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,PLING_QUERY
	autolearn=no version=3.2.5
Received: from news.dotsrc.org (HELO a.mx.sunsite.dk) (130.225.247.88)
  by ns1.primenet.com.au with SMTP; 25 Feb 2009 11:39:50 -0000
Received-SPF: none (ns1.primenet.com.au: domain at sunsite.dk does not designate permitted sender hosts)
Received: (qmail 91178 invoked from network); 25 Feb 2009 11:39:45 -0000
Received: from sunsite.dk (130.225.247.90)
  by a.mx.sunsite.dk with SMTP; 25 Feb 2009 11:39:45 -0000
Received: (qmail 6125 invoked by alias); 25 Feb 2009 11:39:40 -0000
Mailing-List: contact zsh-workers-help@sunsite.dk; run by ezmlm
Precedence: bulk
X-No-Archive: yes
X-Seq: 26603
Received: (qmail 6112 invoked from network); 25 Feb 2009 11:39:39 -0000
Received: from bifrost.dotsrc.org (130.225.254.106)
  by sunsite.dk with SMTP; 25 Feb 2009 11:39:39 -0000
Received: from mail-fx0-f166.google.com (mail-fx0-f166.google.com [209.85.220.166])
	by bifrost.dotsrc.org (Postfix) with ESMTP id D69608058F83
	for <zsh-workers@sunsite.dk>; Wed, 25 Feb 2009 12:39:36 +0100 (CET)
Received: by fxm10 with SMTP id 10so5225176fxm.21
        for <zsh-workers@sunsite.dk>; Wed, 25 Feb 2009 03:39:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:in-reply-to:references
         :date:message-id:subject:from:to:cc:content-type
         :content-transfer-encoding;
        bh=1Nqm0/PpPWWNVP6hpVDS9PjeVBkszxRLlsHvkkCt6/0=;
        b=XOvFiJdImmUyjiyn2QWX3U1MXvwVCnLrgAgjlFDfQBi1JW3bnyAX5lfjiIOCf6LsdJ
         7dwsBLVN7mOfC5RHmPz+NbSfTWESVtV9TaAcq0e+uC5NB2kmJxN0eycUYmwSAQ/iZ4mA
         SLkbfEmcGWAyUi9l0MM+JU9zvQUX2hluw6TMg=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type:content-transfer-encoding;
        b=pv8E1bwHuwNLJUM69TCych+4CHx2GzHgWoxteOjmq6+LG3col8eey3T28ON47Ughjx
         3+WELWLmd+jq6NDWJidvszW290q0C/t+mf6oL1npFqNQW8A2YLsNBmgOdMhpndlop45T
         aWp0RDBcdamfGxOmhobbw/cHKuBkPqM+n76o0=
MIME-Version: 1.0
Received: by 10.181.199.11 with SMTP id b11mr6248bkq.127.1235561976250; Wed, 
	25 Feb 2009 03:39:36 -0800 (PST)
In-Reply-To: <20090225102603.089bc856@news01>
References: <8fa12ca90902250142s171605bekd87885e3dbc5c4a6@mail.gmail.com>
	 <20090225102603.089bc856@news01>
Date: Wed, 25 Feb 2009 13:39:36 +0200
Message-ID: <8fa12ca90902250339n10d7ee9qecd03b0097b3d9a5@mail.gmail.com>
Subject: Re: Buffer overflow in "!" handling?
From: DragonK <dragonk@gmail.com>
To: Peter Stephenson <pws@csr.com>
Cc: zsh-workers@sunsite.dk
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: ClamAV 0.92.1/9047/Wed Feb 25 11:59:41 2009 on bifrost
X-Virus-Status: Clean

>
> You're right, that's nasty. =A0See if you can get it to happen with this.=
..
>

I've applied the patch and it seems to work now; as far as I
understand from the comments in mem.c, memory allocated with zhalloc()
doesn't need to be explicitly free()d, right?