On 5/5/20 9:21 AM, Franklin, Jason wrote: > Greetings: > > Yesterday, I encountered a segmentation fault when using the "fc" > builtin command. I cloned the Bash source code from GNU Savannah, and I > verified that the bug is still present in the latest commits to the > master and devel branches (the work below applies to "devel"). > > To reproduce... > > $ bash --norc > $ fc -0 > Segmentation fault (core dumped) > > I worked with a colleague during our lunch break to track down the issue > with GDB. We created a minimal patch (attached) that fixes the problem.
Thanks for the report and your careful analysis. > > Allow me to explain the reasoning behind the patch... > > From the CHANGES file, we see this note concerning the "fc" builtin: > > b. The fc builtin now interprets -0 as the current command line. Yes, this is from one of the bash-4.3 testing releases. It's in response to this message: https://lists.gnu.org/archive/html/bug-bash/2013-08/msg00037.html and deliberately works only for -l. The question is what to do about the cases where -l isn't supplied, as you observed. Dumping core is definitely the worst of the options. > Our solution does not remove the last history item when the user passes > "-0" to tell "fc" to include it in the history and the list to edit. The issue I have with this solution is that it leads to an infinite loop if the user doesn't change the command in the editor. If you use `fc -s -0' the shell runs fc recursively until it runs out of stack space and then dumps core. You could easily say that this falls into the category of user error, and I wouldn't argue, but as you also observe, there's nothing in the man page prohibiting or even warning against it. I'm leaning towards making 0 and -0 out-of-range errors for the non-listing case. This is what other shells do (the netbsd and freebsd shells being notable exceptions). Chet -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, UTech, CWRU c...@case.edu http://tiswww.cwru.edu/~chet/
