Package: posh Version: 0.6.3 Severity: serious Justification: 10.4 - local: "only uses such as <x> must be supported"
#!/bin/posh myfunc() { local a a="" a="test" echo $a } myfunc % posh ./test.sh *** glibc detected *** posh: double free or corruption (fasttop): 0x08065560 *** ======= Backtrace: ========= /lib/i686/cmov/libc.so.6[0xb7ecb564] /lib/i686/cmov/libc.so.6(cfree+0x96)[0xb7ecd766] posh[0x804968c] posh[0x8052d20] posh[0x8052d95] posh[0x804d633] posh[0x804da4e] posh[0x804db3c] posh[0x804d2a6] posh[0x804deb8] posh[0x80530a2] posh[0x8053958] /lib/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb7e73456] posh[0x80495a1] ======= Memory map: ======== 08048000-08060000 r-xp 00000000 fe:01 227177 /bin/posh 08060000-08062000 rw-p 00017000 fe:01 227177 /bin/posh 08062000-08083000 rw-p 08062000 00:00 0 [heap] b7d00000-b7d21000 rw-p b7d00000 00:00 0 b7d21000-b7e00000 ---p b7d21000 00:00 0 b7e4f000-b7e5b000 r-xp 00000000 fe:01 454335 /lib/libgcc_s.so.1 b7e5b000-b7e5c000 rw-p 0000b000 fe:01 454335 /lib/libgcc_s.so.1 b7e5c000-b7e5d000 rw-p b7e5c000 00:00 0 b7e5d000-b7fb2000 r-xp 00000000 fe:01 454460 /lib/i686/cmov/libc-2.7.so b7fb2000-b7fb3000 r--p 00155000 fe:01 454460 /lib/i686/cmov/libc-2.7.so b7fb3000-b7fb5000 rw-p 00156000 fe:01 454460 /lib/i686/cmov/libc-2.7.so b7fb5000-b7fb8000 rw-p b7fb5000 00:00 0 b7fc2000-b7fc4000 rw-p b7fc2000 00:00 0 b7fc4000-b7fde000 r-xp 00000000 fe:01 454310 /lib/ld-2.7.so b7fde000-b7fe0000 rw-p 0001a000 fe:01 454310 /lib/ld-2.7.so bfdfd000-bfe12000 rw-p bffeb000 00:00 0 [stack] ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso] I have also found similar bugs where a string assigned to a local-ised variable would subsequently expand to an arbitrary single character, but this is probably the same bug. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20
signature.asc
Description: PGP signature