[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
fc -s ""="" "" segfaults in strsub()
From: |
Timo Lindfors |
Subject: |
fc -s ""="" "" segfaults in strsub() |
Date: |
Mon, 03 Sep 2007 10:02:19 +0300 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux) |
Configuration Information [Automatically generated, do not change]:
Machine: i486
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='i486'
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='i486-pc-linux-gnu'
-DCONF_VENDOR='pc' -DLOCALEDIR='/usr/share/
locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H -I. -I../bash
-I../bash/include -I../bash/lib -g -O2
uname output: Linux sauna 2.6.18-4-k7 #1 SMP Wed May 9 23:42:01 UTC 2007 i686
GNU/Linux
Machine Type: i486-pc-linux-gnu
Bash Version: 3.1
Patch Level: 17
Release Status: release
Description:
Bash segfaults with the above command. GDB shows that the segfault
happens in strsub(). I noticed this problem when I ran the saturn
static analysis program ( http://saturn.stanford.edu/ ) against bash
source code and it reported
stringlib.c:173:red:Intraprocedural Null error
stringlib.c:173:Possible NULL dereference of temp+templen
Repeat-By:
fc -s ""="" ""
Fix:
I don't know what the behavior of strsub() should be when both pat and
rep are empty strings. Maybe it should just exit without doing any
changes to the string?
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- fc -s ""="" "" segfaults in strsub(),
Timo Lindfors <=