The parse_token_word() function (parse.y:4297) has a couple of off-by-one assignments to the `token' array, which are really 2 manifestations of the same bug.
These patches first mask the bug by solving the manifestations independently, and then eradicate the bug by uniformly dismantling the noodliness in which it is hiding.

Here is the entire patch series at a glance:

Solve the manifestations:

  [PATCH 1/6] Bug: extglob: Fix off-by-one assignment in read_token_word()
  [PATCH 2/6] Bug: shellexp: Fix off-by-one assignment in read_token_word()

Slice through the noodles:

  [PATCH 3/6] Clean: parse_token_word(): relax memory requirements (off by one)
  [PATCH 4/6] Clean: More direct coupling between assignment and allocation

Extraneous tidying up:

  [PATCH 5/6] Clean: Remove unnecessary xmalloc()/strcpy()
  [PATCH 6/6] Clean: Remove unnecessary backslashes (line continuation)

All told, the changes are fairly minimal:

 parse.y | 50 ++++++++++++++++++++++++++------------------------
 1 files changed, 26 insertions(+), 24 deletions(-)