[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AddressSanitizer: heap-use-after-free on (...) in rl_do_undo ../../.
From: |
Chet Ramey |
Subject: |
Re: AddressSanitizer: heap-use-after-free on (...) in rl_do_undo ../../../bash-devel/lib/readline/undo.c:188 |
Date: |
Tue, 12 Feb 2019 16:20:03 -0500 |
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 |
On 2/6/19 12:14 PM, Eduardo A. Bustamante López wrote:
> I found another issue in rl_do_undo, but I haven't been successful in
> figuring out how it happens.
The command string calls execute-last-kbd-macro as part of a macro
definition. The internal abort turns off the defining-macro state without
completely cleaning up the in-progress macro definition, which leads to
an attempt to execute the ill-formed macro recursively. This leads to
memory corruption.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/