From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (qmail 188 invoked by alias); 7 Feb 2012 18:45:58 -0000
Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm
Precedence: bulk
X-No-Archive: yes
List-Id: Zsh Workers List
List-Post:
List-Help:
X-Seq: 30187
Received: (qmail 25930 invoked from network); 7 Feb 2012 18:45:57 -0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on f.primenet.com.au
X-Spam-Level:
X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED,RCVD_IN_DNSWL_LOW, T_DKIM_INVALID,T_TO_NO_BRKTS_FREEMAIL autolearn=no version=3.3.2
Received-SPF: pass (ns1.primenet.com.au: SPF record at _spf.google.com designates 209.85.212.171 as permitted sender)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=content-type:to:subject:date:mime-version:from:message-id :user-agent; bh=1Ta8x/pTrWV2bfRJggQe2WcPZXOqPyfdnSPopzjSwtw=; b=Durw22OvNP8PRuc223y5ZR9PVi+wLPeDJ3mkPExB/9AAYBDb6B0QBybOJ3uvd/dsXZ zKFYqM7oQw1thV4w5DUGCbTgMMXkNO6LcIeOHtJ1jX7XH4IJFDeMjbBUiQl7UFGo1mhi dZUYGTDH6d7nQJpcvCv5hQbKxq6l1i9WHIXj0=
Content-Type: multipart/mixed; boundary=----------Ccsxqe6lbQ8r7HzhUYQqyL
To: zsh-workers@zsh.org
Subject: [PATCH] GNU canonicalize_file_name can return a NULL pointer
Date: Tue, 07 Feb 2012 19:45:48 +0100
MIME-Version: 1.0
From: "Timothy Redaelli"
Message-ID:
User-Agent: Opera Mail/11.61 (Linux)

------------Ccsxqe6lbQ8r7HzhUYQqyL
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit

Hi,

In Src/hist.c on line 1668 there is a NULL pointer dereference because GNU canonicalize_file_name returns NULL on some errors. In attachment you will find a small patch that fixes that bug.
If you want to reproduce it you can do (under GNU/Linux) a simple:

zsh -c 'a=(a /b) ; echo ${a:A}'

Thanks

------------Ccsxqe6lbQ8r7HzhUYQqyL
Content-Disposition: attachment; filename*0="0001-GNU-canonicalize_file_name-can-retu"; filename*1="rn-a-NULL-pointer.patch"
Content-Type: application/octet-stream; name*0="0001-GNU-canonicalize_file_name-can-retu"; name*1="rn-a-NULL-pointer.patch"
Content-Transfer-Encoding: Base64

------------Ccsxqe6lbQ8r7HzhUYQqyL--
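The failure mode reported above, as an added example that is not part of the original message, the attached patch, or zsh's source: a canonicalization loop that checks for a NULL result before touching the buffer. It uses POSIX `realpath(path, NULL)`, which glibc documents as equivalent to `canonicalize_file_name(path)`; the helper name `resolve_longest_prefix` and its absolute-path-only behaviour are assumptions made for this sketch.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not zsh's chrealpath(): canonicalize the longest
 * existing prefix of an absolute path and re-attach the unresolved tail.
 * Returns a malloc'd string, or NULL on failure. */
char *resolve_longest_prefix(const char *path)
{
    if (!path || path[0] != '/')
        return NULL;                       /* absolute paths only (assumption) */
    char *work = strdup(path);
    size_t len = work ? strlen(work) : 0;
    char *out = NULL;
    while (len > 0) {
        char *real = realpath(work, NULL); /* NULL on any error */
        if (real) {
            const char *tail = path + len;
            tail += strspn(tail, "/");     /* avoid a doubled separator */
            size_t rl = strlen(real);
            const char *sep = (*tail && real[rl - 1] != '/') ? "/" : "";
            out = malloc(rl + strlen(tail) + 2);
            if (out)
                sprintf(out, "%s%s%s", real, sep, tail);
            free(real);
            break;
        }
        /* real is NULL here: only errno may be inspected, never *real. */
        if (errno != ENOENT && errno != ENOTDIR)
            break;                         /* EACCES, ELOOP, ENOMEM, ...: give up */
        char *slash = strrchr(work, '/');  /* drop the last component and retry */
        len = (slash == work) ? ((len > 1) ? 1 : 0) : (size_t)(slash - work);
        work[len] = '\0';
    }
    free(work);
    return out;
}

int main(void)
{
    char *p = resolve_longest_prefix("/b"); /* path from the reproducer above */
    printf("%s\n", p ? p : "(unresolved)");
    free(p);
    return 0;
}
```

The unresolved tail is re-attached verbatim, so any `..` components after the first missing directory are not normalized.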