[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#13627: cut: Commit 06aeeec reintroduced SEG_FAULT

From: Jim Meyering
Subject: bug#13627: cut: Commit 06aeeec reintroduced SEG_FAULT
Date: Mon, 04 Feb 2013 18:13:31 +0100

Pádraig Brady wrote:

> On 02/04/2013 09:22 AM, Marcel Böhme wrote:
>>     Dear all,
>>     The current version of cut (after 6.12.2012) exposes a SEG_FAULT:
>>     $echo 123 | cut --output-del="." -b-1,999999999-
>>     How the commit introduces the bug:
>>     Earlier, memory of length eol_start_length was allocated for the array
>>     printable_field - if max_range_endpoint < eol_start_length. So the
>>     access at eol_start_length would succeed.
>>     Now, even if max_range_endpoint < eol_start_length, as long as
>>     max_range_endpoint > 0, just like before, memory of length
>>     max_range_endpoint is allocated for array printable_field which is
>>     accessed "out-of-bounds" at eol_start_length in line 534.
>>     Just for historical purposes:
>>     Commit 7380cf79 introduces a SEG_FAULT on large open-ended ranges:
>>     http://debbugs.gnu.org/7993.
>>     This bug was fixed in Commit 2e636af1which itself introduces a memory
>>     leak:
>>     https://lists.gnu.org/archive/html/bug-coreutils/2012-12/msg00017.html.
>>     This bug was fixed in Commit ec48bead which itself re-introduces the
>>     SEG_FAULT: reported here.
> Nice one!
> The attached should fix it.

Nice analysis.
The patch looks fine.  Thank you both!

reply via email to

[Prev in Thread] Current Thread [Next in Thread]