Re: Zsh parser malloc corruption

[Peter Stephenson <p.stephenson@xxxxxxxxxxx>]

On Tue, 9 May 2017 23:21:41 -0700
Bart Schaefer <schaefer@xxxxxxxxxxxxxxxx> wrote:
> PWS, I'm going to ask you to please look at this after all, because it
> seems to be related to 
> 
>     36682: expand pattern interface to optimise unmetafication
> 
> Valgrind says:
> 
> ==19116== Invalid write of size 1
> ==19116==    at 0x4A2E0D: patcompile (pattern.c:679)

Doesn't seem easy to reproduce --- probably due to malloc library
variabilities and/or uninitialised memory --- but when I managed to get
it to happen it reported an error a few lines earlier.

Does the following help?  I think it's needed in any case --- we can't
use strcpy() on unmetafied strings as they are there partly to allow us
to treat embedded nulls as normal characters.  It's also pointless
and inconsistent testing for a NULL termination in a function with the
length passed in.

pws

diff --git a/Src/string.c b/Src/string.c
index a8da14f..9e14ef9 100644
--- a/Src/string.c
+++ b/Src/string.c
@@ -52,7 +52,8 @@ dupstring_wlen(const char *s, unsigned len)
     if (!s)
 	return NULL;
     t = (char *) zhalloc(len + 1);
-    strcpy(t, s);
+    memcpy(t, s, len);
+    t[len] = '\0';
     return t;
 }