Bug#713836: regcomp(3) writes past end of regex_t
Okay, I did a bit of comparison. The machine the binary was *compiled*
on seemed to matter, not the one it was *run* on. A bit of extra
printing revealed the obvious culprit:
[539]$ ./a.out
sizeof regex_t = 28
array[1] confirmed all-zero
J'accuse! buf[0] = 0x18
Bug! array[1] has been overwritten!
[524]$ ./a.out
sizeof regex_t = 32
array[1] confirmed all-zero
array[1] confirmed all-zero
It's obviously a header file issue. I will go investigate.
The /usr/include/regex.h files are identical between the machines;
it must be something else...
Aha! Where did /usr/local/include/sys/types.h come from? It's
been there since 2007 and never caused a problem until now...
Anyway, the difference seems to boil down to the following gcc -E difference:
(- = buggy, + = works)
unsigned char *__buffer;
unsigned long int __allocated;
- unsigned long int __attribute__((__used__));
+ unsigned long int __used;
reg_syntax_t __syntax;
Sorry to jump to conclusions and blame you. Thanks for trying to
reproduce and putting me on the right track!
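A reconstruction of the kind of probe used above, added here as an example and not the reporter's own program: it places a canary region directly after a regex_t, compiles a pattern into it, and counts canary bytes that regcomp(3) clobbered, and it refuses to build at all when `__used` has become a macro under glibc (the layout mismatch this report traces). The pattern and canary values are constructed for the example.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* If a stray header turned "__used" into a macro, the "__used" field in
 * glibc's regex.h would silently vanish and the regex_t the caller allocates
 * would be smaller than the one libc fills in. Catch that at compile time.
 * (Checked after the include, since the stray header arrives through it.) */
#if defined(__GLIBC__) && defined(__used)
#error "__used is a macro here; regex_t layout will not match libc's"
#endif

#define CANARY_BYTES 64
#define CANARY_BYTE  0xA5

/* Lay out a regex_t followed by a canary region in one object, compile a
 * pattern into it and count the canary bytes that changed.
 * Returns 0 when regcomp stayed inside the regex_t it was handed,
 * (size_t)-1 when the pattern was rejected (nothing learned). */
size_t regcomp_overflow_check(const char *pattern)
{
    struct {
        regex_t re;                           /* what the caller thinks is enough */
        unsigned char canary[CANARY_BYTES];   /* must survive untouched */
    } probe;
    memset(&probe, 0, sizeof probe);
    memset(probe.canary, CANARY_BYTE, sizeof probe.canary);

    if (regcomp(&probe.re, pattern, REG_EXTENDED) != 0)
        return (size_t)-1;

    size_t clobbered = 0;
    for (size_t i = 0; i < sizeof probe.canary; i++)
        if (probe.canary[i] != CANARY_BYTE)
            clobbered++;

    regfree(&probe.re);
    return clobbered;
}

int main(void)
{
    printf("sizeof regex_t = %zu\n", sizeof(regex_t));
    size_t n = regcomp_overflow_check("^a(b|c)*d$");   /* constructed pattern */
    if (n == (size_t)-1)
        puts("pattern did not compile");
    else if (n == 0)
        puts("canary intact: regcomp stayed within regex_t");
    else
        printf("Bug! %zu canary byte(s) past regex_t overwritten\n", n);
    return n == 0 ? 0 : 1;
}
```

Building the probe on each machine (the one it is compiled on is what matters, as the report found) gives a direct yes/no on the layout mismatch without reading preprocessor output.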