Package: yafc
Version: 1.1.1.dfsg.1-2
Severity: normal
Tags: patch

Hi, yafc crashes sometimes on completion.
steps to reproduce:

* type yafc in terminal
* press space bar
* press tab key
* yafc crashes

In "the_complete_function", ' ' is considered as a non
empty line. Then it is split with precisely ' ' 

e = strqsep(&c, ' '); on line 381 in completion.c

so, NULL is passed to find_func. Then, NULL is passed as an argument to
strlen 

if(strncmp(cmds[i].cmd, cmd, strlen(cmd)) == 0) { on line 106 in
commands.c

and it crashes

I'll attach a patch that seems to fix the problem by removing spaces
from analysed string.



-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-486
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages yafc depends on:
ii  libc6                       2.3.6.ds1-13 GNU C Library: Shared libraries
ii  libncurses5                 5.5-5        Shared libraries for terminal hand
ii  libreadline5                5.2-2        GNU readline and history libraries

yafc recommends no packages.

-- no debconf information
--- src/completion.c	2007-04-07 17:41:29.000000000 +0200
+++ src/completion.c~	2007-04-07 17:41:40.000000000 +0200
@@ -366,7 +366,7 @@ char **the_complete_function(char *text,
 			while(c[i] != ';' && i>0)
 				i--;
 			cmd_start = i;
-			if(c[i] == ';')
+			while((c[cmd_start] == ';') || (c[cmd_start] == ' '))
 				cmd_start++;
 		} else
 			/* rl_line_buffer is empty, no command yet */

Reply via email to