Re: [PATCH] don't read-uninitialized for \177 in a here-doc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Jim Meyering wrote:

> It was indeed a bug in dash.
> I tracked it down and wrote the patch below:
>
>>From 53924ce6da7fece91e57b7238e6aa81a4df636a5 Mon Sep 17 00:00:00 2001
> From: Jim Meyering <meyering@xxxxxxxxxx>
> Date: Mon, 28 Sep 2009 11:00:05 +0200
> Subject: [PATCH] don't read-uninitialized for \177 in a here-doc
>
> A DEL (0177, dec 127) byte in a here-document would cause dash to
> access uninitialized memory at the end of one of the syntax.c tables,
> since those tables are sized to accommodate a maximum index of
> BASESYNTAX + 126.  Make the generated tables one byte larger.
> printf ':<<\\E\n\200y\nE'|./dash

More details:

The above command fails as follows on certain systems, but not on others:

    albeniz/sid$ printf ':<<\\E\n\177y\nE'|dash
    dash: y: not found
    dash: E: not found

If you want to simulate the failure consistently, simply enlarge
the sqsyntax table by one and make the last entry anything other
than CWORD.  Use "11" (CEOF) and it'll evoke the symptoms shown above.
--
To unsubscribe from this list: send the line "unsubscribe dash" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

Powered by Linux