Dear Pádraig,

For completeness, would it be possible to reference the bug-introducing revision (ec48bead) in the commit message?
Otherwise, the commit looks good to me.

Best regards,
Marcel

On 4 Feb, 2013, at 7:52 PM, Pádraig Brady <[email protected]> wrote:

> On 02/04/2013 09:22 AM, Marcel Böhme wrote:
>> Dear all,
>>
>> The current version of cut (after 6.12.2012) exposes a SEG_FAULT:
>> $ echo 123 | cut --output-del="." -b-1,999999999-
>>
>> How the commit introduces the bug:
>> Earlier, memory of length eol_start_length was allocated for the array
>> printable_field - if max_range_endpoint < eol_start_length. So the
>> access at eol_start_length would succeed.
>> Now, even if max_range_endpoint < eol_start_length, as long as
>> max_range_endpoint > 0, just like before, memory of length
>> max_range_endpoint is allocated for array printable_field which is
>> accessed "out-of-bounds" at eol_start_length in line 534.
>>
>> Just for historical purposes:
>> Commit 7380cf79 introduces a SEG_FAULT on large open-ended ranges:
>> http://debbugs.gnu.org/7993.
>> This bug was fixed in Commit 2e636af1 which itself introduces a memory
>> leak:
>> https://lists.gnu.org/archive/html/bug-coreutils/2012-12/msg00017.html.
>> This bug was fixed in Commit ec48bead which itself re-introduces the
>> SEG_FAULT: reported here.
>
> Nice one!
> The attached should fix it.
>
> thanks,
> Pádraig.
> <cut-fix-seg.patch>
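
The out-of-bounds access described in the quoted report, as an added example that is not part of the original thread and is not coreutils code: a simplified C model in which a bit table is sized from max_range_endpoint only, and a checked setter rejects the index eol_start_length instead of writing past the allocation. The struct, the function names and the table layout are assumptions; only max_range_endpoint and eol_start_length are names taken from the message.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical bit-per-position table (layout is an assumption). */
struct field_table {
    unsigned char *bits; /* one bit per byte position */
    size_t nbits;        /* valid bit indexes are 0 .. nbits-1 */
};

/* Allocate a zeroed table covering positions 0 .. max_index. */
static int table_init(struct field_table *t, size_t max_index)
{
    t->nbits = max_index + 1;
    t->bits = calloc(t->nbits / CHAR_BIT + 1, 1);
    return t->bits != NULL;
}

/* Checked setter: refuses an index outside the allocation rather than
   writing past the end of the buffer. Returns 1 if the bit was set. */
static int table_mark(struct field_table *t, size_t idx)
{
    if (idx >= t->nbits)
        return 0;
    t->bits[idx / CHAR_BIT] |= (unsigned char)(1u << (idx % CHAR_BIT));
    return 1;
}

/* Size the table from the finite endpoints only, then mark the start of
   the open-ended range. Returns 1 if in bounds, 0 if the index was
   rejected, -1 on allocation failure. */
static int mark_open_range_start(size_t max_range_endpoint,
                                 size_t eol_start_length)
{
    struct field_table t;
    if (!table_init(&t, max_range_endpoint))
        return -1;
    int ok = table_mark(&t, eol_start_length);
    free(t.bits);
    return ok;
}

int main(void)
{
    /* Constructed values matching -b-1,999999999- from the report. */
    printf("in bounds: %d\n", mark_open_range_start(1, 999999999));
    return 0;
}
```

Without the bounds check in table_mark, the first call would write roughly 125 MB beyond a two-byte allocation, which is the kind of access the report describes.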
