bin/100443 : awk(1) dies with SIGBUS when processing INDEX-6
Ruslan Ermilov
ru at FreeBSD.org
Fri Sep 15 03:20:30 PDT 2006
The following reply was made to PR bin/100443; it has been noted by GNATS.
From: Ruslan Ermilov <ru at FreeBSD.org>
To: "Devon H. O'Dell" <devon.odell at coyotepoint.com>,
Dmitry Marakasov <amdmi3 at mail.ru>
Cc: bug-followup at FreeBSD.org
Subject: Re: bin/100443 : awk(1) dies with SIGBUS when processing INDEX-6
Date: Fri, 15 Sep 2006 14:14:17 +0400
On Thu, Sep 14, 2006 at 07:15:00PM -0400, Devon H. O'Dell wrote:
> Ruslan Ermilov wrote:
> >On Thu, Sep 14, 2006 at 09:40:24PM +0000, Devon H. O'Dell wrote:
> [snip]
> >> Do we need to send this upstream?
> >>
> >Yes, of course.
>
> I sent an email to BWK a couple hours ago -- hopefully he'll get it soon :)
>
There's another function, refldbld(), that needs a similar fix.
Actually, your patch makes it so that if "n == fieldssize" then
malloc() will be redundantly called, when we enter this function
again and again. I think the following should fix it better:
%%%
Index: lib.c
===================================================================
RCS file: /home/ncvs/src/contrib/one-true-awk/lib.c,v
retrieving revision 1.1.1.4
diff -u -p -r1.1.1.4 lib.c
--- lib.c 16 May 2005 19:11:33 -0000 1.1.1.4
+++ lib.c 15 Sep 2006 10:10:59 -0000
@@ -58,7 +58,7 @@ static Cell dollar1 = { OCELL, CFLD, NUL
void recinit(unsigned int n)
{
if ( (record = (char *) malloc(n)) == NULL
- || (fields = (char *) malloc(n)) == NULL
+ || (fields = (char *) malloc(n+1)) == NULL
|| (fldtab = (Cell **) malloc((nfields+1) * sizeof(Cell *))) == NULL
|| (fldtab[0] = (Cell *) malloc(sizeof(Cell))) == NULL )
FATAL("out of space for $0 and fields");
%%%
Could you please send me the code/scripts to reproduce a segfault?
Cheers,
--
Ruslan Ermilov
ru at FreeBSD.org
FreeBSD committer
More information about the freebsd-bugs
mailing list