Hi all,

A bug has been found. Steps to reproduce:

    kill -9 '$'

That's all.

While parsing arguments, in an attempt to translate the given symbols to a PID number, there is a case when the recently created pointer *end for the unparsed part of the argline doesn't get assigned (after bb_strtol tests the very first symbol and fails, bb_strtol will return ret_ERANGE without assigning endp: maybe it would be safer to patch libbb/bb_strtonum.c to prevent such cases in other places?), and as a result termination of this pointer (*end = '\0') gives a SIGSEGV.

Suggested patch fixes this by skipping the usage of *end when it can be broken and doing the termination of *arg

Alexey Fomenko (1):
  kill: fix segfault in arguments parsing

 procps/kill.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

-- 
1.7.2.5
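
The failure mode reported above, as an added C example that is not part of the original message and is not BusyBox code. `toy_strtol`, `parse_pid` and the `assign_on_fail` switch are hypothetical stand-ins: the converter models the described early return that leaves `*endp` unassigned, and the caller shows the guard that keeps `*end = '\0'` from writing through an unset pointer.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdlib.h>

/* Hypothetical converter modelled on the behaviour described in the report:
 * when the first character is rejected it returns early and, if
 * assign_on_fail is 0, leaves *endp untouched. */
static long toy_strtol(const char *arg, char **endp, int assign_on_fail)
{
    unsigned char first = (unsigned char)arg[0];

    if (first != '-' && !isalnum(first)) {
        if (assign_on_fail && endp)
            *endp = (char *)arg;   /* hardened: caller always gets a valid pointer */
        errno = ERANGE;
        return LONG_MAX;
    }
    errno = 0;
    return strtol(arg, endp, 10);
}

/* Caller-side guard: start from a known value and terminate through 'end'
 * only when the converter really set it. Returns 0 and stores the PID on
 * success, -1 on a bad argument. buf must be writable. */
static int parse_pid(char *buf, long *pid, int assign_on_fail)
{
    char *end = NULL;              /* never leave this indeterminate */
    long v = toy_strtol(buf, &end, assign_on_fail);

    if (end == NULL)               /* converter bailed out without assigning it */
        return -1;
    if (errno != 0 || end == buf)  /* range error or no digits consumed */
        return -1;
    *end = '\0';                   /* safe: end points into buf */
    *pid = v;
    return 0;
}

int main(void)
{
    char bad[] = "$", good[] = "1234 tail";   /* constructed sample arguments */
    long pid = 0;
    int r1 = parse_pid(bad, &pid, 0);         /* unhardened converter, guarded caller */
    int r2 = parse_pid(bad, &pid, 1);         /* hardened converter */
    int r3 = parse_pid(good, &pid, 0);
    return !(r1 == -1 && r2 == -1 && r3 == 0 && pid == 1234);
}
```

Without the `NULL` initialisation and check, the first call would write through whatever value `end` happened to hold, which is the crash the report describes.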
