-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 6/23/15 7:11 AM, Hanno Böck wrote:
> Hello,
>
> When trying to compile latest bash (4.3 + all patches up to 039) with add
ress sanitizer
> I discovered a potential out of bounds read.
> It seems to be related to tab completion and readline
Thanks for the report. I don't have address sanitizer, but this was pretty
easy to find given what you provided. I've attached a patch for folks to
look at.
Chet
- --
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU [email protected] http://cnswww.cns.cwru.edu/~chet/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEARECAAYFAlWJrBUACgkQu1hp8GTqdKuKDgCeOO2pu+UILdeOuKTpIpgpuEOC
4bQAoJTsiPjxILywvoDVZQX6qaB4ujUx
=BDtc
-----END PGP SIGNATURE-----
*** ../bash-4.3-patched/bashline.c 2014-12-29 14:39:43.000000000 -0500
--- bashline.c 2015-06-23 14:35:10.000000000 -0400
***************
*** 1473,1476 ****
--- 1528,1537 ----
do
{
+ /* Don't read past the end of rl_line_buffer */
+ if (s > rl_end)
+ {
+ s1 = s = e1;
+ break;
+ }
/* Skip over assignment statements preceding a command name. If we
don't find a command name at all, we can perform command name
