[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-readline] [PATCH] Fix sv_isrchterm (set isearch-terminators) to che
|
From: |
Sergio Durigan Junior |
|
Subject: |
[Bug-readline] [PATCH] Fix sv_isrchterm (set isearch-terminators) to check for NUL on the value string |
|
Date: |
Sat, 16 May 2015 23:26:58 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux) |
Hi,
This has been reported on Debian:
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773891>
Although the report mentions a strange behavior when a certain comment
line is present in the inputrc file, the error happens because of
something else.
readline can segfault when processing 'set isearch-terminators'. This
happens because readline will try, on bind.c:sv_isrchterm, to find the
first occurence of a whitespace character on the value being processed,
in this snippet:
...
else
{
for (beg = end = 0; whitespace (v[end]) == 0; end++)
;
}
...
However, it is not checking to see if v[end] is not NUL, which leads to
a segmentation fault depending on what is on the stack when v gets
allocated. FWIW, I managed to reproduce the failure using the inputrc
file attached to this message.
The patch to fix this issue is trivial. It just checks to see if v[end]
is not NUL before proceeding with the whitespace check.
It seems that you are not using a ChangeLog file anymore, so I am
sending only the patch. Please let me know if I need to send anything
else.
Thanks,
--
Sergio
GPG key ID: 0x65FC5E36
Please send encrypted e-mail if possible
http://sergiodj.net/
diff --git a/bind.c b/bind.c
index 8acf4ac..0f098d7 100644
--- a/bind.c
+++ b/bind.c
@@ -1832,7 +1832,7 @@ sv_isrchterm (value)
}
else
{
- for (beg = end = 0; whitespace (v[end]) == 0; end++)
+ for (beg = end = 0; v[end] && whitespace (v[end]) == 0; end++)
;
}
inputrc_test
Description: Binary data
- [Bug-readline] [PATCH] Fix sv_isrchterm (set isearch-terminators) to check for NUL on the value string,
Sergio Durigan Junior <=