Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: segfault via completion menu

X-seq: zsh-workers 44361
From: Peter Stephenson <p.w.stephenson@xxxxxxxxxxxx>
To: zsh-workers@xxxxxxx
Subject: Re: segfault via completion menu
Date: Fri, 24 May 2019 23:34:39 +0100
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ntlworld.com; s=meg.feb2017; t=1558737280; bh=gVKmp3zqA8E6j3u2eI0CC2yl0Gp8qPentW1N+3DPm1I=; h=Subject:From:To:Date:In-Reply-To:References; b=3puESP6C3tZPCYigB87LPSxAaQhnwStSi1Iwtea9RspVNypVSlpfUi5ARumxIojwI PVCuh3Ytzj9zLNdNgyuJXbNXbY9EEUUyOI7DNyMEE+ucUIKt+cHD4BGeuAY1UsVzSr amPbe+6YVCe4BlYzfPzRW2z158bOwGFUMM0aNimkMndeJpMFoQbmE1+/TJSMr0Sbeq B9M+ZSS4u1OjUjlW4XHoBHkCBw1s7xi2xlEPJlXhBBZ5pevroKeK+04Bf5kUcsWLU6 pSAe/3jb8CWeGSwisDN6IadA04ZtkhbxJH2V5tZ7p0h1zkxMIeSEmTH4/q7Jm+j8kK 7iuRVVVcm2upg==
In-reply-to: <1558629258.12004.5.camel@samsung.com>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
List-unsubscribe: <mailto:zsh-workers-unsubscribe@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <CAEpdsiaGRHHZMnV1Aq7+9wwZpE3qH9dV4c-jVfTxMRO810TyHg@mail.gmail.com> <92606-1558385755.382793@sll5.5oha.0as1> <90e15b90-14bb-4ef0-9aef-cc15c0fa0935@www.fastmail.com> <CGME20190521222035epcas2p295fe9ea74a0ef2c74752ee1c6ecf5351@epcas2p2.samsung.com> <CAH+w=7Z2yT_SeyjE=ObXJw-yFW71rfSn3iv+WqvcmX6VLJY1-A@mail.gmail.com> <1558514961.5043.7.camel@samsung.com> <1558629258.12004.5.camel@samsung.com>

On Thu, 2019-05-23 at 17:34 +0100, Peter Stephenson wrote:
> On Wed, 2019-05-22 at 09:49 +0100, Peter Stephenson wrote:
> > On Tue, 2019-05-21 at 15:19 -0700, Bart Schaefer wrote:
> > It'll be something in the prog passed into pattry() from evalcond() and
> > I'm guesing in this case the pprog in that function came from
> > stat->prog->pats[npat] so was fished out of the existing programme
> > rather than compiled locally.
> 
> If so, something in the following assumptions is being violated, but I
> can't see what from looking at the code.

Alternatively, there could be some internal state in the pattern
matching left over in the case of an error return --- there are
variables that are intended to be used in recursive matching but
currently aren't explicity initialised at the start of matching.  It's
not clear how that could happen, but it would be safest anyway to
sanitise always on entry.

pws

diff --git a/Src/pattern.c b/Src/pattern.c
index 737f5cdcb..3d30b013c 100644
--- a/Src/pattern.c
+++ b/Src/pattern.c
@@ -2030,6 +2030,16 @@ int errsfound;				/* Total error count so far */
 /**/
 int forceerrs;				/* Forced maximum error count */
 
+/*
+ * exactpos is used to remember how far down an exact string we have
+ * matched, if we are doing approximation and can therefore redo from
+ * the same point; we never need to otherwise.
+ *
+ * exactend is a pointer to the end of the string, which isn't
+ * null-terminated.
+ */
+static char *exactpos, *exactend;
+
 /**/
 void
 pattrystart(void)
@@ -2463,6 +2473,8 @@ pattryrefs(Patprog prog, char *string, int stringlen, int unmetalenin,
 
 	patinput = patinstart;
 
+	exactpos = exactend = NULL;
+	/* The only external call to patmatch --- all others are recursive */
 	if (patmatch((Upat)progstr)) {
 	    /*
 	     * we were lazy and didn't save the globflags if an exclusion
@@ -2652,16 +2664,6 @@ patmatchlen(void)
 #define CHARMATCH_EXPR(expr, chpa) \
 	(charmatch_cache = (expr), CHARMATCH(charmatch_cache, chpa))
 
-/*
- * exactpos is used to remember how far down an exact string we have
- * matched, if we are doing approximation and can therefore redo from
- * the same point; we never need to otherwise.
- *
- * exactend is a pointer to the end of the string, which isn't
- * null-terminated.
- */
-static char *exactpos, *exactend;
-
 /*
  * Main matching routine.
  *

Follow-Ups:
- Re: segfault via completion menu
  - From: Wesley Schwengle

References:
- segfault via completion menu
  - From: Wesley Schwengle
- Re: segfault via completion menu
  - From: Oliver Kiddle
- Re: segfault via completion menu
  - From: Daniel Shahaf
- Re: segfault via completion menu
  - From: Bart Schaefer
- Re: segfault via completion menu
  - From: Peter Stephenson
- Re: segfault via completion menu
  - From: Peter Stephenson

Messages sorted by: Reverse Date, Date, Thread, Author