Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Zsh parser malloc corruption

PWS, I'm going to ask you to please look at this after all, because it
seems to be related to 

    36682: expand pattern interface to optimise unmetafication

Valgrind says:

==19116== Invalid write of size 1
==19116==    at 0x4A2E0D: patcompile (pattern.c:679)
==19116==    by 0x456846: compgetmatch (glob.c:2623)
==19116==    by 0x4568FA: getmatch (glob.c:2663)
==19116==    by 0x4BA2D9: paramsubst (subst.c:3045)
==19116==    by 0x4B486A: stringsubst (subst.c:247)
==19116==    by 0x4B3BED: prefork (subst.c:85)
==19116==    by 0x4437D5: execcmd_getargs (exec.c:2659)
==19116==    by 0x443BCF: execcmd_exec (exec.c:2765)
==19116==    by 0x4414B5: execpline2 (exec.c:1873)
==19116==    by 0x43FCDA: execpline (exec.c:1602)
==19116==    by 0x43EEA5: execlist (exec.c:1360)
==19116==    by 0x43E5A3: execode (exec.c:1141)

This repeats several times, and eventually kills valgrind itself:

valgrind: the 'impossible' happened:
   Killed by fatal signal
==19116==    at 0x38058236: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)

It appears that the "patalloc" space is not large enough to hold the
metafied pattern, maybe because there are NUL bytes in the pattern
prior to it being metafied?

Also I can reproduce my crash with a shorter input; delete everything
from (including) the first "&" through the end of the malloc-corruption

Messages sorted by: Reverse Date, Date, Thread, Author