Two serious csh bugs

To: debian-user@lists.debian.org
Cc: gobbel@gigan.ucsd.edu
Subject: Two serious csh bugs
From: Randy Gobbel <gobbel@cogsci.ucsd.edu>
Date: Thu, 26 Sep 1996 12:50:11 -0700
Message-id: <[🔎] 199609261950.MAA27071@gigan.ucsd.edu>
Reply-to: gobbel@cogsci.ucsd.edu

I found not one but two rather gross bugs in /bin/csh.  The incredibly bizarre
symptom (on my system) is that if you try to run csh while cd'ed to a
subdirectory of your home directory whose full pathname is exactly 28
characters long, csh dies with a segmentation fault.  Thanks to Bruce Perens'
wonderful Electric Fence utility, it was pretty quick to track this down to a
problem with s_strncmp (strncmp for short strings) which causes it to return
"no match" for the case where the first string is an initial substring of the
second, plus a malloc in dcanon that allocates one Char fewer than it should.
Here are the fixes:

*** /tmp/str.c.orig	Thu Sep 26 12:35:25 1996
--- /tmp/str.c	Thu Sep 26 12:35:25 1996
***************
*** 338,343 ****
--- 338,345 ----
       * negative collate low against normal characters but high against the
       * end-of-string NUL.
       */
+     if (n == 0)
+       return(0);
      if (*str1 == '\0' && *str2 == '\0')
  	return (0);
      else if (*str1 == '\0')

*** /tmp/dir.c.orig	Thu Sep 26 12:35:59 1996
--- /tmp/dir.c	Thu Sep 26 12:35:59 1996
***************
*** 876,882 ****
  	     */
  	    p2 = cp + Strlen(p2);
  	    sp = newcp = (Char *) xmalloc((size_t)
! 					  ((cc + Strlen(p2)) * sizeof(Char)));
  	    while (*p1)
  		*sp++ = *p1++;
  	    while (*p2)
--- 876,882 ----
  	     */
  	    p2 = cp + Strlen(p2);
  	    sp = newcp = (Char *) xmalloc((size_t)
! 					  ((cc + Strlen(p2) + 1) * sizeof(Char)));
  	    while (*p1)
  		*sp++ = *p1++;
  	    while (*p2)


These patches are relative to the sources on the I-Connect Debian 1.1 CD.  It
seems likely that these bugs are present in standard versions of csh on many
systems, not just Debian and perhaps not just Linux.  Is there a good place to
forward this bug report in addition to the Debian list?

-Randy
-- 
http://cogsci.ucsd.edu/~gobbel/

NOTICE: I DO NOT ACCEPT UNSOLICITED COMMERCIAL EMAIL MESSAGES OF ANY KIND.  I
CONSIDER SUCH MESSAGES PERSONAL HARRASSMENT AND A GROSS INVASION OF MY
PRIVACY.  By sending unsolicited commercial advertising/solicitations (or
otherwise on or as part of a mailing list) to me via e-mail you will be
indicating your consent to paying John R. (Randy) Gobbel $1,000.00 U.S.D./hour
for a minimum of 1 hour for my time spent dealing with it. Payment due in 30
days upon receipt of an invoice (e-mail or regular mail) from me or my
authorized representative.

Reply to:

Prev by Date: Re: argh, NIS!
Next by Date: fvwm2 & middle button
Previous by thread: Re: install from floppy
Next by thread: fvwm2 & middle button
Index(es):
- Date
- Thread