On Wed, Sep 5, 2018 at 6:28 PM Assaf Gordon wrote:
>
> Bruno alerted me off-list:
>
> On 05/09/18 07:19 PM, Bruno Haible wrote:
> > Is the ChangeLog entry up-to-date?
> >
> > +* regexec.c (get_subexp): Update 'buf' after call to get_subexp_sub.
> > +Additionally, check for allocation e
On Wed, Sep 5, 2018 at 6:08 PM Assaf Gordon wrote:
> Assuming the gnulib bugfix is valid (in my previous email),
> I suggest adding the following test to sed (after updating gnulib).
Thank you, Assaf.
Only tiny suggestions:
sed-test-tweak.diff
Description: Binary data
Bruno alerted me off-list:
On 05/09/18 07:19 PM, Bruno Haible wrote:
> Is the ChangeLog entry up-to-date?
>
> + * regexec.c (get_subexp): Update 'buf' after call to get_subexp_sub.
> + Additionally, check for allocation errors and bail out if needed.
>
> I don't see a code change for
> "check f
Paul Eggert wrote:
> > +/* These actions take no argument. */
> > +result = fcntl (fd, action, NULL);
> > +break;
>
> If an action takes no argument, why pass one? Couldn't that run into more
> static-error complaints and/or technical violations of POSIX?
Ind
Hello,
Assuming the gnulib bugfix is valid (in my previous email),
I suggest adding the following test to sed (after updating gnulib).
comments welcomed,
- assaf
>From bc2794c76cd4202df5172bdbe364a4006e6edbe6 Mon Sep 17 00:00:00 2001
From: Assaf Gordon
Date: Wed, 5 Sep 2018 18:58:55 -0600
Sub
Hello,
On Wed, Sep 5, 2018 at 12:32 AM Assaf Gordon wrote: On 04/09/18 07:02 PM, Saito Takaaki wrote:>>>
https://ideone.com/Sq5xJX>> I hope this helps even a bit. The
linked snippet you provided exposed a heap-use-after-free bug
in gnulib's regex module (possibly in glibc as well
Thanks for looking into that. One question, though:
+/* These actions take no argument. */
+result = fcntl (fd, action, NULL);
+break;
If an action takes no argument, why pass one? Couldn't that run into more
static-error complaints and/or technical violat
Paul Eggert wrote:
> > I'm looking at a patch along these lines as well. I'm checking all possible
> > fcntl actions on all platforms, cross-checking with the info in their man
> > pages...
>
> Thanks. What a pain, huh? And it'll get even more painful if the static
> checkers
> start checking th
On 05/31/2018 08:54 AM, Eric Blake wrote:
Based on a bug report to the Cygwin list:
https://cygwin.com/ml/cygwin/2018-05/msg00321.html
* doc/posix-functions/environ.texi (environ): Assigning NULL to
environ is a glibc extension.
Signed-off-by: Eric Blake
---
Does anyone have a better list of
On 09/05/2018 11:05 AM, Paul Eggert wrote:
Eric Blake wrote:
While this indeed accesses a parameter not passed by the caller, it is
a harmless access.
#if HAVE_FCNTL
+/* Pass a pointer as a trailing argument. Although this is
+ not strictly kosher in theory, in practic
Bruno Haible wrote:
I'm looking at a patch along these lines as well. I'm checking all possible
fcntl actions on all platforms, cross-checking with the info in their man
pages...
Thanks. What a pain, huh? And it'll get even more painful if the static checkers
start checking the argument types.
Hi Paul,
> Although this is true on all practical platforms, in theory a POSIX
> implementation could have trouble with this implementation. Frank, does the
> attached (untested) patch pacify KLEE?
I'm looking at a patch along these lines as well. I'm checking all possible
fcntl actions on all
Eric Blake wrote:
While this indeed accesses a parameter not passed by the caller, it is a
harmless access.
Although this is true on all practical platforms, in theory a POSIX
implementation could have trouble with this implementation. Frank, does the
attached (untested) patch pacify KLEE?
d
On Wed, Sep 5, 2018 at 12:32 AM Assaf Gordon wrote:
>
> (adding gnulib)
>
> On 04/09/18 07:02 PM, Saito Takaaki wrote:
> [... discussing a sed bug ...]
> > However, a friend showed me a more complex case which is
> > problematic even with sed 4.4 on ideone. The last two lines of the
> > output (f
On 09/05/2018 05:33 AM, Frank Busse wrote:
Hi,
this was found by using KLEE [1] on Coreutils 8.30 (shred, stty, sync,
tail, and probably also in dd (untested)). These tools call
fcntl (fd, F_GETFL)
F_GETFL is not handled in fcntl.c:rpl_fcntl and the default case tries
to access a non-existing
Hi,
this was found by using KLEE [1] on Coreutils 8.30 (shred, stty, sync,
tail, and probably also in dd (untested)). These tools call
fcntl (fd, F_GETFL)
F_GETFL is not handled in fcntl.c:rpl_fcntl and the default case tries
to access a non-existing argument:
--
default:
{
#if HAVE_
(adding gnulib)
On 04/09/18 07:02 PM, Saito Takaaki wrote:
[... discussing a sed bug ...]
However, a friend showed me a more complex case which is
problematic even with sed 4.4 on ideone. The last two lines of the
output (for the identical input lines) are particularly interesting.
https://ide
17 matches
Mail list logo
