Source-Changes archive
CVS commit: src/bin/sh
Module Name: src
Committed By: kre
Date: Sat Aug 3 01:13:10 UTC 2024
Modified Files:
src/bin/sh: histedit.c
Log Message:
Fix a very old core dump causing bug found by RVP in the history code.
That is, truly very old - it is in rev 1.1 from 1994 (and so is probably
even older than that).
If one uses the (very rarely used)
fc -s string=otherstring
builtin command, to rerun the previous command (or with additional args,
any other command) after replacing the first instance of "string" in that
command with "otherstring" and the resulting command line just happens to
be a length that is a multiple of the shell's memory allocation alignment
constant, then the \0 string terminator that is appended to the result
to mark its end stood a very small chance (in 1994 probably no chance at all,
but made considerably more likely in 1999 when other changes were made -
certain in the right circumstances) of being destroyed by other sh memory
allocation before the string was finished being used.
The fix (also suggested by RVP) is to make that \0 an actual part of
the allocated result string, rather than an extra byte tacked on the
end of it -- in itself, doing the latter is common in sh, and not at all
improper, sometimes even required, but only when the string as a string
will be consumed before more (shell) stack memory allocation is performed.
In 1994 it would have been. Since 1999, it isn't.
The 1999 change is going to be undone in a later commit, but this one
is simpler to pull up to earlier releases, and probably the right thing
to do anyway, even if not strictly essential.
XXX pullup -9, -10 (and everything back to 1.5 - it looks as if 1.4 is OK).
To generate a diff of this commit:
cvs rdiff -u -r1.71 -r1.72 src/bin/sh/histedit.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
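
The failure mode described in the log message, as an added example that is not the NetBSD sh source: a toy bump allocator shows that a terminator written as an extra byte past the reservation is only overwritten when the string length is a multiple of the alignment. The names arena, toy_alloc and survives, and the ALIGNMENT value of 8, are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define ALIGNMENT 8                      /* assumed alignment constant */
#define ALIGN_UP(n) (((n) + ALIGNMENT - 1) & ~(size_t)(ALIGNMENT - 1))

static char arena[256];                  /* toy stand-in for the shell stack */
static size_t top;                       /* offset of the next free byte */

/* Bump allocator: reserve n bytes, rounded up to ALIGNMENT. */
static char *toy_alloc(size_t n)
{
    char *p = arena + top;
    top += ALIGN_UP(n);
    return p;
}

/*
 * Copy cmd onto the toy stack, then perform one more allocation (as later
 * shell code would) before the string is consumed.
 * nul_in_alloc == 0: the terminator is an extra byte past the reservation.
 * nul_in_alloc == 1: the terminator is counted in the reservation (the fix).
 * Returns 1 if the string is intact afterwards, 0 if damaged, -1 if too long.
 */
int survives(const char *cmd, int nul_in_alloc)
{
    size_t len = strlen(cmd);
    char *s, *other;

    if (len + 1 + 2 * ALIGNMENT > sizeof arena)
        return -1;
    top = 0;
    memset(arena, 0, sizeof arena);
    s = toy_alloc(len + (nul_in_alloc ? 1 : 0));
    memcpy(s, cmd, len);
    s[len] = '\0';                       /* may lie outside the reservation */
    other = toy_alloc(ALIGNMENT);        /* unrelated later allocation */
    memset(other, 'X', ALIGNMENT);       /* its owner fills it with data */
    return strlen(s) == len && memcmp(s, cmd, len) == 0;
}

int main(void)
{
    /* Constructed inputs: "echo abc" is 8 bytes, "echo ab" is 7. */
    printf("len 8, extra NUL:    %d\n", survives("echo abc", 0));
    printf("len 8, NUL in alloc: %d\n", survives("echo abc", 1));
    printf("len 7, extra NUL:    %d\n", survives("echo ab", 0));
    return 0;
}
```

With a length of 7 the extra terminator lands in the alignment padding of the string's own reservation, which is why the bug stayed hidden for most command lengths.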