in src/lib/libast/regex/reg[nr]exec.c change
while ((index += skip[buf[index]]) < mid);
to
while (index < mid)
index += skip[buf[index]];
On Mon, 17 Jun 2013 18:10:38 +0200 Roland Mainz wrote:
> Hi!
> ----
> The following testcase triggers a valgrind hit in ast-ksh.2013-06-11
> on SuSE 12.3/AMD64/32bit build when the "grep" built does matching in
> a very short (e.g. two bytes) file:
> -- snip --
> $ ~/vg/bin/valgrind ~/bin/ksh -c 'builtin grep ; grep -S "*foo*"
> <(print "") ; true'
> ==10149== Memcheck, a memory error detector
> ==10149== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
> ==10149== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
> ==10149== Command: /home/test001/bin/ksh -c builtin\ grep\ ;\ grep\
> -S\ "*foo*"\ \<(print\ "")\ ;\ true
> [snip]
> ==10149== Use of uninitialised value of size 8
> ==10149== at 0x4F6B18: _ast_regrexec_20120528 (regrexec.c:75)
> ==10149== by 0x55F452: execute (grep.c:669)
> ==10149== by 0x56012B: grep (grep.c:985)
> ==10149== by 0x56049C: b_grep (grep.c:1077)
> ==10149== by 0x47BE51: sh_exec (xec.c:1357)
> ==10149== by 0x47EEB5: sh_exec (xec.c:2218)
> ==10149== by 0x40F474: exfile (main.c:599)
> ==10149== by 0x40E61B: sh_main (main.c:371)
> ==10149== by 0x40D750: main (pmain.c:45)
> -- snip --
> ----
> Bye,
> Roland
> --
> __ . . __
> (o.\ \/ /.o) [email protected]
> \__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer
> /O /==\ O\ TEL +49 641 3992797
> (;O/ \/ \O;)
_______________________________________________
ast-developers mailing list
[email protected]
http://lists.research.att.com/mailman/listinfo/ast-developers
