Segfault copying an emulated function outside of emulation

zsh-workers
 help / color / mirror / code / Atom feed

From: Matthew Martin <phy1729@gmail.com>
To: zsh-workers@zsh.org
Subject: Segfault copying an emulated function outside of emulation
Date: Thu, 9 Jun 2022 12:29:13 -0500	[thread overview]
Message-ID: <YqIt6R7CoRIgcY0/@CptOrmolo.darkstar> (raw)

ahmubashshir on IRC reported the following causes zsh to segfault

    zsh -c 'emulate sh -c "foo(){ :; }"; functions -c foo bar'

This seems to be because bin_functions calls sticky_emulation_dup with
sticky which is NULL outside of emulation. The below patch fixes the
segfault, but I can't claim to be terribly familiar with the code.


diff --git a/Src/builtin.c b/Src/builtin.c
index 1cef7cce8..4a220ccd7 100644
--- a/Src/builtin.c
+++ b/Src/builtin.c
@@ -3304,7 +3304,7 @@ bin_functions(char *name, char **argv, Options ops, int func)
 	if (newsh->redir)
 	    newsh->redir->nref++;
 	if (shf->sticky)
-	    newsh->sticky = sticky_emulation_dup(sticky, 0);
+	    newsh->sticky = sticky_emulation_dup(shf->sticky, 0);
 	shfunctab->addnode(shfunctab, ztrdup(argv[1]), &newsh->node);
 	return 0;
     }

next             reply	other threads:[~2022-06-09 17:30 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-09 17:29 Matthew Martin [this message]
2022-06-09 20:37 ` Bart Schaefer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YqIt6R7CoRIgcY0/@CptOrmolo.darkstar \
    --to=phy1729@gmail.com \
    --cc=zsh-workers@zsh.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).