Hi

vim-7.4.1967 (and earlier) accesses invalid memory when running this command:

$ valgrind --num-callers=20 vim -u NONE -c 'ec "\<C-">' -c q 2> log

log file then contains:

==5725== Memcheck, a memory error detector
==5725== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==5725== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==5725== Command: vim -u NONE -c ec\ "\\\<C-"\> -c q
==5725==
==5725== Invalid read of size 1
==5725==    at 0x414598: skipwhite (charset.c:1522)
==5725==    by 0x4346EE: eval7 (eval.c:5346)
==5725==    by 0x433EC2: eval6 (eval.c:4964)
==5725==    by 0x4339A4: eval5 (eval.c:4780)
==5725==    by 0x432C67: eval4 (eval.c:4479)
==5725==    by 0x432AA4: eval3 (eval.c:4396)
==5725==    by 0x43291C: eval2 (eval.c:4328)
==5725==    by 0x432753: eval1 (eval.c:4256)
==5725==    by 0x453969: ex_echo (eval.c:23765)
==5725==    by 0x475BE4: do_one_cmd (ex_docmd.c:2923)
==5725==    by 0x4728D2: do_cmdline (ex_docmd.c:1108)
==5725==    by 0x471F0E: do_cmdline_cmd (ex_docmd.c:713)
==5725==    by 0x5F67E3: exe_commands (main.c:2944)
==5725==    by 0x5F3D4B: main (main.c:959)
==5725==  Address 0x769ec8b is 0 bytes after a block of size 11 alloc'd
==5725==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==5725==    by 0x4ECEBF: lalloc (misc2.c:920)
==5725==    by 0x4ECD8C: alloc (misc2.c:818)
==5725==    by 0x4ED319: vim_strsave (misc2.c:1253)
==5725==    by 0x4726FC: do_cmdline (ex_docmd.c:1038)
==5725==    by 0x471F0E: do_cmdline_cmd (ex_docmd.c:713)
==5725==    by 0x5F67E3: exe_commands (main.c:2944)
==5725==    by 0x5F3D4B: main (main.c:959)
(more errors after that...)

Bug was found using afl-fuzz.

I'm not sure whether \<C-"> in a string is valid syntax, but it should not cause invalid memory access.

I'll try to debug it during next weekend but maybe someone else can fix it earlier.

Regards
Dominique
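An added triage example, not part of the original message: it parses the Memcheck record quoted in the report and checks where the faulting byte lies relative to the allocated block. The helper names (`parse_memcheck`, `fault_index`, `read_past_terminator`) are hypothetical, and the embedded log is an excerpt of the report's output with frames trimmed. It shows that the block size of 11 equals the length of the `ec "\<C-">` command plus its NUL terminator, so the one-byte read is at the first byte beyond that terminator.

```python
import re

# Constructed excerpt: lines copied from the Memcheck log in the report, frames trimmed.
SAMPLE_LOG = """\
==5725== Invalid read of size 1
==5725==    at 0x414598: skipwhite (charset.c:1522)
==5725==    by 0x4346EE: eval7 (eval.c:5346)
==5725==    by 0x453969: ex_echo (eval.c:23765)
==5725==  Address 0x769ec8b is 0 bytes after a block of size 11 alloc'd
==5725==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==5725==    by 0x4ED319: vim_strsave (misc2.c:1253)
==5725==    by 0x4726FC: do_cmdline (ex_docmd.c:1038)
"""
COMMAND = 'ec "\\<C-">'  # the Ex command given with -c in the report

ERR = re.compile(r"Invalid (read|write) of size (\d+)")
ADDR = re.compile(r"Address 0x[0-9A-Fa-f]+ is (\d+) bytes (after|before|inside) "
                  r"a block of size (\d+) (alloc'd|free'd)")
FRAME = re.compile(r"(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \(([^)]*)\)")

def parse_memcheck(log):
    """Return one dict per invalid access, with both call stacks and block info."""
    findings, cur, stack = [], None, None
    for raw in log.splitlines():
        line = re.sub(r"^==\d+==\s*", "", raw)  # drop the ==PID== prefix
        if m := ERR.search(line):
            cur = {"access": m[1], "size": int(m[2]), "access_stack": [],
                   "block": None, "block_stack": []}
            findings.append(cur)
            stack = cur["access_stack"]
        elif cur and (m := ADDR.search(line)):
            cur["block"] = {"offset": int(m[1]), "where": m[2],
                            "size": int(m[3]), "state": m[4]}
            stack = cur["block_stack"]  # frames that follow describe the block
        elif cur and (m := FRAME.match(line)):
            stack.append((m[1], m[2]))
    return findings

def fault_index(finding):
    """Index of the faulting byte relative to the block start ('after' case only)."""
    b = finding["block"]
    return b["size"] + b["offset"] if b and b["where"] == "after" else None

def read_past_terminator(finding, text):
    """True if the block is exactly text plus its NUL and the access lies beyond it."""
    idx = fault_index(finding)
    return idx is not None and finding["block"]["size"] == len(text) + 1 and idx > len(text)

if __name__ == "__main__":
    for f in parse_memcheck(SAMPLE_LOG):
        print(f["access"], f["access_stack"][0], fault_index(f), read_past_terminator(f, COMMAND))
```

The first frame of each stack (`skipwhite` for the access, the caller of the allocator for the block) makes a usable key for grouping duplicate fuzzer findings.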
