bug-gnu-utils

Re: grep segfault


From: Martin Bays
Subject: Re: grep segfault
Date: Tue, 2 Sep 2003 12:12:24 +0000 (GMT)

On Mon, 1 Sep 2003, Stepan Kasal wrote:

> Hello,
>       thank you for your bug report.
>
> On Sun, Aug 31, 2003 at 12:33:05PM +0000, Martin Bays wrote:
> > I seem to have found a segfault bug in grep, version 2.5, using -P.
> > echo | grep -P '\n'
> >
> > Note that this is a version of grep from at least 9 months ago or so - I
> > tried the CVS version and the 2.5.1 src.rpm, but I got "The -P option is
> > not supported" from both.
>
> The -P option is implemented by linking the binary to the pcre package
> (Perl-compatible Regular Expressions).
> All I can tell from the info you gave me is that you have some problems
> with pcre.
>
> To compile grep with the perl regex option, the configure script has to be
> able to autodetect the pcre library.
>
> In order to track the bug, you should upgrade also the pcre library to the
> latest version and recompile grep 2.5.1 or the CVS version of grep against
> it.
>
> Yours,
>       Stepan
>

Well I'm pretty sure I've tracked down the problem, but I'm not sure what
to do about it. The following is based on the source from
grep-2.5.1.src.rpm, and pcre-4.4. I've had a peek at the CVS grep, and
nothing relevant seems to have changed.

It looks like the problem occurs when the final newline in the buffer is
matched by the pattern. Then we have in Pexecute() (in search.c), that
(buflim == end), and so the call to memchr looking for the next newline -

        end = memchr (end, eol, buflim - end);

sets end to 0 (when it should be 134590466 or so). Obviously that's going
to lead to a segfault sooner or later. A quick-fix would be to test for
(end==0) (or perhaps (end<beg)) and abort if so.

But I'm not sure what *should* happen. Are we meant to be able to match
the final newline? Should we even be in multi-line mode at all (as set in
flags at the start of Pcompile()), given that as far as I can tell all
matchers except -P are single-line only?

I don't know, but hopefully this will be of use to someone (perhaps
yourself?) who does.

i.e. HTH,

Martin
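
Added example, not part of the original message and not grep's own code: the memchr() call quoted above taken in isolation, next to a guarded form in the spirit of the suggested (end==0) test. The buffers and the names next_eol_unchecked and line_end_offset are assumptions made for illustration; whether grep should report the final newline as a match is left open, as in the message.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed buffers: what `echo | grep -P '\n'` feeds the matcher,
   and an ordinary one-line buffer for comparison. */
static const char one_newline[] = "\n";
static const char text_line[] = "abc\n";

/* The lookup quoted in the message, taken in isolation. With end == buflim
   the length is 0 and memchr() returns NULL. */
static const char *next_eol_unchecked(const char *end, const char *buflim,
                                      char eol)
{
    return memchr(end, eol, (size_t)(buflim - end));
}

/* Guarded form (hypothetical helper): offset of the end-of-line byte at or
   after match_end, or -1 when the match end is out of range or no
   end-of-line byte remains, so the caller can stop instead of using NULL. */
static long line_end_offset(const char *buf, size_t len, size_t match_end,
                            char eol)
{
    const char *p;

    if (match_end > len)
        return -1;
    p = memchr(buf + match_end, eol, len - match_end);
    return p ? (long)(p - buf) : -1;
}

int main(void)
{
    const char *lim = one_newline + 1;  /* buflim: one past the newline */

    /* Match consumed the final newline, so end == buflim. */
    printf("unchecked: %p\n", (void *)next_eol_unchecked(lim, lim, '\n'));
    printf("guarded:   %ld\n", line_end_offset(one_newline, 1, 1, '\n'));
    /* Match "abc" ends before the newline: the newline is found at offset 3. */
    printf("normal:    %ld\n", line_end_offset(text_line, 4, 3, '\n'));
    return 0;
}
```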



