From: Thorsten Meinecke <kaefer@aglaia.snafu.de>
To: zsh-workers@math.gatech.edu
Subject: 2.6b11-t10: -fwritable-strings (and another completion bug)
Date: Mon, 23 Oct 1995 00:25:53 +0100 (MET) [thread overview]
Message-ID: <m0t79m5-00007BC@aglaia.snafu.DE> (raw)
Hi,
here's a patch for two bugs that were lurking in zle_tricky.c for quite
a while now. Both bugs caused SEGV core dumps occasionally when the
unsuspecting user requested completion.
1) COMPLETE_IN_WORD dumps core when completing reserved names
Fix from P.Stephenson, in: archive/latest/293
Peter had pointed out that the (gcc) flag `-fwritable-strings' isn't
the right approach and he had fixed the code instead.
If you don't want my second patch to go into baseline zsh, then at
least put his patch in, which still applies (with a little fuzz).
And please, remove `-fwritable-strings' from CFLAGS.
2) The code that detects if a completed filename is a directory, or
if a completed parameter's content refers to a directory (with
AUTO_PARAM_SLASH/GLOB_SUBST set), has arbitrary limits. Try comple-
tion on a parameter name with more than PATH_MAX chars in length.
Or try it (with AUTO_PARAM_SLASH on) when the parameter's content
is more than PATH_MAX in length: the buffer holding only PATH_MAX
chars will overflow and corrupt the stack.
I'm fixing that by ncalloc()'ing the buffer with a size sufficient
to hold the parameter, at least PATH_MAX chars. The expanded string,
although it may be longer, will then be truncated at PATH_MAX-1
chars. That shouldn't make any difference to stat().
Regards,
Thorsten
rcsdiff -qu4 -kk -r1.59 -r1.61 Src/zle_tricky.c
--- 1.59 1995/10/20 03:07:44
+++ Src/zle_tricky.c 1995/10/22 20:40:17
@@ -1391,9 +1391,9 @@
void
addmatch(char *s, char *t)
{
int test = 0, sl = strlen(s), pl = rpl, cc = 0, *bp, *ep;
- char sav = 0, *e = NULL, *tt, *te, *fc, **fm;
+ char *e = NULL, *tt, *te, *fc, **fm;
Comp cp = patcomp;
HashNode hn;
Param pm;
LinkList l = matches;
@@ -1522,18 +1522,16 @@
}
if (!test)
return;
- t = s += (ispattern ? 0 : pl);
- e += t - s;
- s = t;
-
- if (ispattern)
- e = NULL, sav = '\0';
- else {
- if ((sav = *e)) {
- *e = '\0';
- t = dupstring(t);
+ if (ispattern) {
+ t = s;
+ } else {
+ t = s += pl;
+ if (*e) {
+ sl = e - s;
+ t = s = dupstring(t);
+ s[sl] = '\0';
}
}
if (l == fmatches) {
@@ -1570,10 +1568,8 @@
if (l == fmatches)
fshortl = sl, fshortest = t;
else
shortl = sl, shortest = t;
- if (sav)
- *e = sav;
}
#ifdef HAVE_NIS
static int
@@ -3270,12 +3266,22 @@
/* There is no suffix, so we may add one. */
if (!(haswhat & HAS_MISC) || (parampre && isset(AUTOPARAMSLASH))) {
/* If we have only filenames or we completed a parameter name
and auto_param_slash is set, lets see if it is a directory. */
- char p[PATH_MAX], *ss;
+ char *p;
struct stat buf;
+ int len = strlen (str);
/* Build the path name. */
+ if (!ispattern || ic || parampre)
+ len += parampre ?
+ strlen (parampre) + strlen (lpre) + strlen (lsuf) :
+ strlen (fpre) + strlen (fsuf) + strlen (psuf) +
+ (ic ? 1 + strlen (ppre) :
+ (prpre && *prpre) ? strlen (prpre) : 2);
+
+ p = (char *) ncalloc (len >= PATH_MAX ? len + 1 : PATH_MAX);
+
if (ispattern || ic || parampre) {
int ne = noerrs;
noerrs = 1;
@@ -3291,18 +3297,19 @@
ppre, fpre, str, fsuf, psuf);
}
else
strcpy(p, str);
- ss = dupstring(p);
- tokenize(ss);
- singsub(&ss);
- strcpy(p, ss);
+ tokenize(p);
+ singsub(&p);
noerrs = ne;
} else
sprintf(p, "%s%s%s%s%s",
(prpre && *prpre) ? prpre : "./", fpre, str,
fsuf, psuf);
+
+ p[PATH_MAX-1] = '\0';
+
/* And do the stat. */
if (!ztat(p, &buf, 0) && (buf.st_mode & S_IFMT) == S_IFDIR) {
/* It is a directory, so prepare to add the slash and set
addedsuffix. */
next reply other threads:[~1995-10-22 23:30 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
1995-10-22 23:25 Thorsten Meinecke [this message]
1995-10-28 2:22 ` Zoltan Hidvegi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m0t79m5-00007BC@aglaia.snafu.DE \
--to=kaefer@aglaia.snafu.de \
--cc=zsh-workers@math.gatech.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).