Package: posh Version: 0.6.3 Severity: serious Justification: 10.4 - local: "only uses such as <x> must be supported"
#!/bin/posh
myfunc() {
local a
a=""
a="test"
echo $a
}
myfunc
% posh ./test.sh
*** glibc detected *** posh: double free or corruption (fasttop):
0x08065560 ***
======= Backtrace: =========
/lib/i686/cmov/libc.so.6[0xb7ecb564]
/lib/i686/cmov/libc.so.6(cfree+0x96)[0xb7ecd766]
posh[0x804968c]
posh[0x8052d20]
posh[0x8052d95]
posh[0x804d633]
posh[0x804da4e]
posh[0x804db3c]
posh[0x804d2a6]
posh[0x804deb8]
posh[0x80530a2]
posh[0x8053958]
/lib/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb7e73456]
posh[0x80495a1]
======= Memory map: ========
08048000-08060000 r-xp 00000000 fe:01 227177 /bin/posh
08060000-08062000 rw-p 00017000 fe:01 227177 /bin/posh
08062000-08083000 rw-p 08062000 00:00 0 [heap]
b7d00000-b7d21000 rw-p b7d00000 00:00 0
b7d21000-b7e00000 ---p b7d21000 00:00 0
b7e4f000-b7e5b000 r-xp 00000000 fe:01 454335 /lib/libgcc_s.so.1
b7e5b000-b7e5c000 rw-p 0000b000 fe:01 454335 /lib/libgcc_s.so.1
b7e5c000-b7e5d000 rw-p b7e5c000 00:00 0
b7e5d000-b7fb2000 r-xp 00000000 fe:01 454460
/lib/i686/cmov/libc-2.7.so
b7fb2000-b7fb3000 r--p 00155000 fe:01 454460
/lib/i686/cmov/libc-2.7.so
b7fb3000-b7fb5000 rw-p 00156000 fe:01 454460
/lib/i686/cmov/libc-2.7.so
b7fb5000-b7fb8000 rw-p b7fb5000 00:00 0
b7fc2000-b7fc4000 rw-p b7fc2000 00:00 0
b7fc4000-b7fde000 r-xp 00000000 fe:01 454310 /lib/ld-2.7.so
b7fde000-b7fe0000 rw-p 0001a000 fe:01 454310 /lib/ld-2.7.so
bfdfd000-bfe12000 rw-p bffeb000 00:00 0 [stack]
ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
I have also found similar bugs where a string assigned to a local-ised
variable would subsequently expand to an arbitrary single character,
but this is probably the same bug.
Regards,
--
Chris Lamb, UK [EMAIL PROTECTED]
GPG: 0x634F9A20
signature.asc
Description: PGP signature
