On Sat, 20 May 2006, Otto Moerbeek wrote:
> On Sat, 20 May 2006, Matthias Kilian wrote:
>
> > On Sat, May 20, 2006 at 08:38:38PM +0200, Otto Moerbeek wrote:
> > [typeset -i F and ${F[*]} weirdness]
> > > this looks like a bug,
> >
> > It's caused by the fact that for integers str_val() returns the
> > address of a static buffer and that the loop over the array elements
> > in varsub() just copies the pointer returned by str_val() into a
> > pointer vector (eval.c, line 793).
> >
> > Would strdup()ing and later free()ing all the strings be an option?
> > Or do you consider that overkill?
>
> Indeed, the static buffer is the problem. A dynamically alloc'ed
> string could work, but the problem would be where/when to free it.
>
> In the case of formatstr an allocated string is returned, so we have
> already a mem leak here, it seems.
>
> I remember seeing a NetBSD commit related t0 formatstr handling:
> http://cvsweb.netbsd.org/bsdweb.cgi/src/bin/ksh/var.c.diff?r1=1.12&r2=1.13
And
http://cvsweb.netbsd.org/bsdweb.cgi/src/bin/ksh/var.c.diff?r1=1.13&r2=1.14&f=u
actually solves that mem leak
>
> But I must sleep now...
>
> -Otto
