bin/57554: sh(1) incorrect handling of quoted parameter expansion

Jilles Tjoelker jilles at
Thu Sep 10 20:40:03 UTC 2009

The following reply was made to PR bin/57554; it has been noted by GNATS.

From: Jilles Tjoelker <jilles at>
To: bug-followup at, mark at
Subject: Re: bin/57554: sh(1) incorrect handling of quoted parameter
Date: Thu, 10 Sep 2009 22:31:18 +0200

 Sorry for waiting so long with this.
 Your patch seems to work after fixing the conflicts (fairly easy).
 However, it (and also NetBSD /bin/sh) has a memory leak if there is a
 syntax error or SIGINT within 32 or more levels of variable expansion.
 Some possible fixes:
 - remove the dynamic allocation and just use the old broken way for
   level 32 and higher
 - add an exception handler when allocating dblquotep for the first time
   (not for all readtoken1 calls, that would probably be rather slow)
 - link it to a list pointed to by a global variable so it can be cleaned
   up eventually (note that things like ${X-$(printf %x ${Y-${Z}})} are
   possible so a single global does not do); this is somewhat similar to
   memalloc.c's "stack" which probably cannot be used for this as it is
   already used for assembling the resulting word
 Jilles Tjoelker

More information about the freebsd-bugs mailing list