-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7/6/15 6:46 PM, Hanno Böck wrote:
> Hi,
>
> With Address Sanitizer I discovered another out of bounds read issue in
> bash. This is different from the issue I recently reported here and
> for which Chet already provided a patch:
> https://lists.gnu.org/archive/html/bug-bash/2015-06/msg00089.html
>
> To reproduce:
> a) compile bash with CFLAGS="-fsanitize=address -g"
> b) type in a=/ a
> c) go back with the cursor behind the backslash and press tab

Thanks for the report. I've attached a patch that should address the
problem. It's not in bash-4.4-alpha.

Chet
- --
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    c...@case.edu    http://cnswww.cns.cwru.edu/~chet/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlWgDY8ACgkQu1hp8GTqdKtyOgCfXOaZfcweBw37AI0N4mnFW/Rz
gj4AoJYpm34tn/7lg+ChxV3TDq0WlTQl
=+rN7
-----END PGP SIGNATURE-----

*** ../bash-4.4-alpha/bashline.c 2015-06-23 14:35:10.000000000 -0400 --- bashline.c 2015-07-07 15:17:58.000000000 -0400 *************** *** 1524,1527 **** --- 1524,1528 ---- os = start; n = 0; + was_assignment = 0; s = find_cmd_start (os); e = find_cmd_end (end); *************** *** 1534,1537 **** --- 1535,1544 ---- break; } + /* Or past point if point is within an assignment statement */ + else if (was_assignment && s > rl_point) + { + s1 = s = e1; + break; + } /* Skip over assignment statements preceding a command name. If we don't find a command name at all, we can perform command name
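
Review bot: in the first hunk (bashline.c around line 1524), `was_assignment = 0;` is added next to `n = 0;` with no comment saying why the reset belongs at this point, and the lines shown do not include where the variable is set. The new `else if (was_assignment && s > rl_point)` test in the second hunk depends on this reset so that it never sees a stale value, so a one-line comment tying the two together would keep a later cleanup from dropping the initialization as redundant.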
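
Review bot: in the second hunk (bashline.c around line 1535), the new branch `else if (was_assignment && s > rl_point)` executes `s1 = s = e1;`, and nothing in the visible context shows `e1` being assigned before this point. The branch is only safe if `was_assignment` can be nonzero solely after a step that has already set `e1`; that invariant should be stated in the comment or checked explicitly. The comment "Or past point if point is within an assignment statement" also reads only as a continuation of the preceding branch's comment, so it would help to make it self-contained. Since the report includes a three-step reproducer under AddressSanitizer, a regression test for that input should accompany the fix.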