Subject: bin/2595: bc/dc core dump when outputting in bases other than 10
To: None <gnats-bugs@NetBSD.ORG>
From: Dave Huang <khym@bga.com>
List: netbsd-bugs
Date: 07/02/1996 04:35:56
>Number: 2595
>Category: bin
>Synopsis: bc/dc core dump when outputting in bases other than 10
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people (Utility Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Jul 2 05:50:03 1996
>Last-Modified:
>Originator: Dave Huang
>Organization:
Name: Dave Huang | Mammal, mammal / their names are called /
INet: khym@bga.com | they raise a paw / the bat, the cat /
FurryMUCK: Dahan | dolphin and dog / koala bear and hog -- TMBG
Dahan: Hani G Y+C 20 Y++ L+++ W- C++ T++ A+ E+ S++ V++ F- Q+++ P+ B+ PA+ PL++
>Release: 1.2_ALPHA (NetBSD-current as of July 1, 1996)
>Environment:
System: NetBSD apm2-121.realtime.net 1.2_BETA NetBSD 1.2_BETA (SPIFF) #17: Thu Jun 27 19:47:22 CDT 1996 khym@dahan.metonymy.com:/usr/src/sys/arch/i386/compile/SPIFF i386
>Description:
dc and bc will dump core when printing integers if the output base is
set to something other than 10.
This is caused by t_num being freed at line 1345 of bc's number.c
without being previously allocated. t_num is only allocated if the
number to be printed has a fractional part.
>How-To-Repeat:
% dc
8o1p
Bus error (core dumped)
% bc
bc 1.03 (Nov 2, 1994)
Copyright (C) 1991, 1992, 1993, 1994 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.
For details type `warranty'.
obase=8
print 1
Bus error (core dumped)
>Fix:
Either always allocate t_num, or don't free it if it wasn't allocated.
>Audit-Trail:
>Unformatted: