On Wed, Dec 17, 2008 at 05:40:01PM -0500, Zbyszek Sarbinowski wrote:
> Follow the steps to reproduce the coredump.
>
> *Step 1*
> Create the following ksh script 'a'
>
> #!/bin/ksh93
> echo \#!/bin/ksh
> for i in {1..325}
> do
> echo echo "!!!!Hello World!!!!"
> done
> echo "eval \"\$("
> echo " { sed '/a/ s|/b/[^/]*/\(.*\)|/b/c/\1|'; } <<MARKER"
> echo " echo The End"
> echo "MARKER"
> echo " )\""
>
> *Step 2*
> chmod +x a
>
> *Step 3*
> a>nested_script
>
> *Step 4*
> Create the main ksh script 'm'
>
> #!/bin/ksh93
> . nested_script
>
> *Step 5*
> chmod +x m
>
> *Step 6*
> m
> Segmentation fault(coredump)
>
> When the first 8192 bytes are read from nested_script the last characters
> are "<<MA" which is later causing a crash. It looks like the crash is
> occurring when the partial << marker is read in a buffer. When I shorten
> nested script by >= 5 characters or increase by >=2 char. right before <<
> then everything is fine.
>
> I wonder if this is a known problem which was already fixed. Please let me
> know if you won't be able to reproduce it.

I'm able to reproduce and I've detected the problem in
src/cmd/ksh93/sh/lex.c in line 1568 which is in the
function nested_here() ... it seems that the value
of lp->lexd.docend becomes negative (with your example
-10962) which causes a negative n (I see -8186) which
causes the following newof() in line 1567 to return NULL,
therefore the next line

    iop->iolst = lp->heredoc;

will crash.

Werner
--
"Having a smoking section in a restaurant is like having
a peeing section in a swimming pool." -- Edward Burr
_______________________________________________
ast-users mailing list
https://mailman.research.att.com/mailman/listinfo/ast-users
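
Added example (not part of the original thread and not ksh source code): a regression-test helper that rebuilds the output of script 'a' in memory and reports every here-document delimiter word that an 8192-byte read boundary cuts in two, which is the condition the report describes. The function names are hypothetical, the model assumes echo passes backslashes through unchanged, and the check is a heuristic for the reported layout, not the exact crash condition in lex.c.

```python
import re

BLOCK = 8192  # read size mentioned in the report

# '<<' or '<<-' followed by an optionally quoted delimiter word; '<<<' is skipped.
HEREDOC = re.compile(rb"(?<!<)<<(?!<)-?[ \t]*(['\"]?)(\w+)\1")


def build_nested_script(delta=0):
    """Model of what script 'a' prints (constructed from the steps above).

    delta > 0 adds that many bytes before '<<', delta < 0 removes them,
    by changing the length of the first generated echo line.
    """
    hello = "echo !!!!Hello World!!!!"
    lines = ["#!/bin/ksh"] + [hello] * 325
    lines[1] = hello + "!" * delta if delta >= 0 else hello[:delta]
    lines += [
        'eval "$(',
        r" { sed '/a/ s|/b/[^/]*/\(.*\)|/b/c/\1|'; } <<MARKER",
        " echo The End",
        "MARKER",
        ' )"',
    ]
    return ("\n".join(lines) + "\n").encode()


def split_delimiters(data, block=BLOCK):
    """Return (offset of '<<', delimiter, bytes seen before the boundary)
    for each here-doc delimiter word that a block boundary splits."""
    hits = []
    for m in HEREDOC.finditer(data):
        start, end = m.span(2)                    # span of the delimiter word
        boundary = (start // block + 1) * block   # next block edge after start
        if start < boundary < end:
            hits.append((m.start(), m.group(2).decode(),
                         data[m.start():boundary].decode()))
    return hits


if __name__ == "__main__":
    for delta in (-5, 0, 1, 2):
        print(delta, split_delimiters(build_nested_script(delta)))
```

Running the same `split_delimiters()` over the bytes of any sourced script gives a quick way to pick regression inputs for a shell build under test.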