From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 10170 invoked by alias); 27 Mar 2011 11:37:07 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: X-Seq: 28941 Received: (qmail 20770 invoked from network); 27 Mar 2011 11:37:05 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 Received-SPF: pass (ns1.primenet.com.au: SPF record at _spf.google.com designates 209.85.212.43 as permitted sender) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=s5jycFar0XQ0i305ewKSUytORDDbNxDbBHU1YmZ2tG0=; b=uRMD61brWTL7SLZ5+lJnmGqkiTOLK6C8sKZUjBr0sQDnvSrWcZ7sk0Quo7tkIBNoiB /Nblhq7FvckPHyx7IU5KlzYRWiw5QwN0q3kzAuQzF5b8zUgnS96CEIPF6PzoC4w3E8dU UF7mrUDxmybh8JkP3iAwqu87fsBokNNu0mM8w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=m8W7yzWfI6rZ+cWGJli3Z1B4Lvj+0WggJpkWHXbyhpINZSBIjxQJhgYAQf3nps6WWA BU52f9y2uyf2t+oK3GFIg9pDOFJ/BcDRRXv0sAOUJC23QbvWM+JbxASNC4n9p3gm8tuR RkyCIC2uYlH+1UUpJ/5gdEySSQi+5NycBy9RI= MIME-Version: 1.0 In-Reply-To: References: Date: Sun, 27 Mar 2011 13:37:01 +0200 Message-ID: Subject: Re: crash/memory corruption when completing dynamic named directory From: Mikael Magnusson To: zsh workers Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 27 March 2011 13:32, Mikael Magnusson wrote: > 2011/3/26 Benjamin R. Haskell : >> On Sat, 26 Mar 2011, Johan Sundstr=C3=B6m wrote: >> >>> On Sat, Mar 26, 2011 at 05:54, Mikael Magnusson wrote: >>> >>>> I can't reproduce this in zsh -f yet, all that happens is that the >>>> completion just fails quietly without doing anything. >>>> % echo =E3=83=8D=E3=83=8D=E3=83=8D=E3=83=8D=E3=83=8D ~[ >>>> results in >>>> % echo ~[ >>>> >>>> any idea what could be wrong or what I can try to narrow it down? >> >> The problem is that the string of 'ne's is being unmetafy'ed when it >> shouldn't be. I don't know where. But that's what's happening. > > calling stringaszleline with zlemetaline only occurs in one other > place: unmetafy_line :). > > pws, afaict, only the first little bit of zlemetaline is needed for > this, ie the outcs calculation. Would it be okay to split this out to > a separate function and call that from get_cursor and stringaszleline? > Otherwise we have to copy zlemetaline first and then run > stringaszleline, and discard all that work, which seems silly. Or does > outcs actually depend on the conversion too? There's a comment that > suggests it doesn't, but there are some assignments to it further > down. Here's a patch for copying the string and doing all the work, which I've confirmed fixes the issue. diff --git a/Src/Zle/zle_params.c b/Src/Zle/zle_params.c index 98091b2..2c35874 100644 --- a/Src/Zle/zle_params.c +++ b/Src/Zle/zle_params.c @@ -233,8 +233,10 @@ get_cursor(UNUSED(Param pm)) /* A lot of work for one number, but still... */ ZLE_STRING_T tmpline; int tmpcs, tmpll, tmpsz; - tmpline =3D stringaszleline(zlemetaline, zlemetacs, + char *tmpmetaline =3D ztrdup(zlemetaline); + tmpline =3D stringaszleline(tmpmetaline, zlemetacs, &tmpll, &tmpsz, &tmpcs); + free(tmpmetaline); free(tmpline); return tmpcs; } --=20 Mikael Magnusson