Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #15197
| From | Chet Ramey <chet.ramey@case.edu> |
|---|---|
| Newsgroups | gnu.bash.bug |
| Subject | Re: Segmentation fault in pat_subst |
| Date | 2019-07-21 18:56 -0400 |
| Organization | ITS, Case Western Reserve University |
| Message-ID | <mailman.1958.1563749803.2688.bug-bash@gnu.org> (permalink) |
| References | <20190720222300.GA13083@system76-pc.vc.shawcable.net> <f28d89b4-035f-134c-8184-fe5f019d7246@case.edu> |
On 7/20/19 6:23 PM, Eduardo A. Bustamante López wrote:
> Bash `devel' crashes under the following circumstances:
>
> | dualbus@system76-pc:/tmp/build-bash-devel$ CFLAGS='-O0 -ggdb' ~/src/gnu/bash/configure --with-bash-malloc
> | (...)
> | dualbus@system76-pc:/tmp/build-bash-devel$ make -j$(nproc)
> | (...)
> | dualbus@system76-pc:/tmp/build-bash-devel$ ./bash -c $'x=0; : ${x/#[0\xef\xbf\xbd\\Z[:]]}'
> | Segmentation fault (core dumped)
> I have been looking around but I don't understand what's going on. I can see
> that the value of `str' comes from `e', which in turn comes from
> `match_pattern', but it's not clear to me why this is happening.
Thanks for the report. Look at match_wpattern and consider what happens if
wmatchlen returns something longer than the string length. It will be fixed
for the next devel branch push.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/
Back to gnu.bash.bug | Previous | Next | Find similar | Unroll thread
Re: Segmentation fault in pat_subst Chet Ramey <chet.ramey@case.edu> - 2019-07-21 18:56 -0400
csiph-web