Configuration Information [Automatically generated, do not change]:
Machine: powerpc
OS: linux-gnuspe
Compiler: powerpc-linuxspe-gcc
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='powerpc' -DCONF_OSTYPE='linux-gnuspe' -DCONF_MACHTYPE='powerpc-unknown-linux-gnuspe' -DCONF_VENDOR='unknown' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H -I. -I/archives/meip/devtools/cross-build/src/bash-3.2 -I/archives/meip/devtools/cross-build/src/bash-3.2/include -I/archives/meip/devtools/cross-build/src/bash-3.2/lib -g -O2
uname output: Linux (none) 2.6.19 #17 Thu Dec 7 11:20:51 CET 2006 ppc GNU/Linux
Machine Type: powerpc-unknown-linux-gnuspe

Bash Version: 3.2
Patch Level: 33
Release Status: release

Description:
        bash's own getcwd reads uninitialized/non-existent memory
        when called as getcwd(0, 4096);
        That made it non-responding when started with linux boot params as
        `init=/bin/sh'.

Repeat-By:
        Compile bash with BROKEN_GETCWD

Fix:
        here is a patch :
        Summary :
        `len' is the real length of the found path
        `size' is the size of the requested buffer (4096 above)
        the current code allocates max(len, size) and then COPIES MAX(len, size)
        which is plain wrong; it should only copy len : that's what the new code does. :
        it allocates max(len, size) but copies len.

diff -rup -U 10 cross-build/src/bash-3.2/lib/sh/getcwd.c cross-build/src/bash-3.2-phdm/lib/sh/getcwd.c --- cross-build/src/bash-3.2/lib/sh/getcwd.c 2004-07-21 23:15:19.000000000 +0200 +++ cross-build/src/bash-3.2-fixed/lib/sh/getcwd.c 2008-01-22 15:32:51.000000000 +0100 @@ -246,23 +246,23 @@ getcwd (buf, size) if (pathp == &path[sizeof(path) - 1]) *--pathp = '/'; if (dotlist != dots) free ((PTR_T) dotlist); { size_t len = pathbuf + pathsize - pathp; if (buf == NULL) { - if (len < (size_t) size) - len = size; - buf = (char *) malloc (len); + if ((size_t) size < len) + size = len; + buf = (char *) malloc (size); if (buf == NULL) goto lose2; } else if ((size_t) size < len) { errno = ERANGE; goto lose2; } (void) memcpy((PTR_T) buf, (PTR_T) pathp, len); }
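
Review bot: In the added lines of the buf == NULL branch, `size = len;` stores a size_t into the parameter `size`, and the `(size_t) size` casts on both sides of the hunk suggest that parameter is not declared as size_t, so the assignment and the following `malloc (size)` go through an implicit conversion. Computing the allocation length in a local size_t (the larger of `(size_t) size` and `len`) and passing that to malloc would avoid overwriting the caller's argument and keep the arithmetic in one type. The memcpy at the end of the hunk now always copies `len` bytes, which matches the length computed from `pathbuf + pathsize - pathp` and removes the read past the end of the path buffer that the old `len = size` caused. A short comment at the malloc noting that the buffer may be larger than the path but only `len` bytes are copied would help keep the two values from being merged again later.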