Thanks for taking the time to report that. That bug was fixed upstream (slightly differently) by revision 1.21 of fts.c. Here's the log entry:
date: 2004-10-13 21:25:30 +0200; author: meyering; state: Exp; lines: +5 -4; (fts_read): When about to fail (by returning NULL) due to a failed fchdir or failed fts_safe_changedir call, set `sp->fts_cur = p'. Do this by removing the explicit `return NULL;' statements and setting p->fts_errno so execution falls through to the common-case code below. Otherwise, after such a failure, calling fts_close would attempt to free an already-freed buffer. Reported by Luis Lopez Lopez in http://bugs.debian.org/276352. There have been 24 deltas to fts.c since coreutils-5.2.1. Mike Frysinger <[EMAIL PROTECTED]> wrote: > find attached a patch by Martin Schlemmer to fix a double free in the fts_read > function > > original bug report: > http://bugs.gentoo.org/show_bug.cgi?id=87490 > > explanation of issue: > http://bugs.gentoo.org/show_bug.cgi?id=87490#c8 > > patch (also attached): > http://bugs.gentoo.org/attachment.cgi?id=65200 _______________________________________________ Bug-coreutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-coreutils
