Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: 4.1.1: three bugs?

On Tue, Jul 29, 2003 at 09:45:54AM +0200, GoTaR wrote:
> ~: zsh
> ~: slfj zxc ewtg lkjlk
>             ^move cursor here and press alt-d

A second (separate) word-delete is needed to get the code to fail, so
I typed ctrl-y, alt-b, alt-d after this.

> ~: slfj zxc  lkjlk
>                   ^move cursor here and press twice alt-y
> ~: slfj zxc  lkjlkzsh: segmentation fault  zsh

Cause: the first alt-y is considered a yank command, even though it
fails.  Thus, the second alt-y can slip by the sanity check at the start
of the yankpop() function, and if "kctbuf" is NULL (as it is if there
was no ctrl-y ever performed), zsh crashes.

The following patch fixes this:

--- Src/Zle/zle_misc.c	27 Feb 2003 11:32:53 -0000	1.8
+++ Src/Zle/zle_misc.c	29 Jul 2003 09:36:12 -0000
@@ -372,8 +372,10 @@
     int cc, kctstart = kct;
     Cutbuffer buf;
-    if (!(lastcmd & ZLE_YANK) || !kring)
+    if (!(lastcmd & ZLE_YANK) || !kring || !kctbuf) {
+	kctbuf = NULL;
 	return 1;
+    }
     do {
 	 * This is supposed to make the yankpop loop

Setting kctbuf to NULL on failure prevents the user from getting a
yanked value out of two consecutive alt-y keystrokes in the case where a
ctrl-y was performed at some point in the past (but not immediately
prior to the alt-y).

I'll commit this to CVS.


Messages sorted by: Reverse Date, Date, Thread, Author