Source: dash
Version: 0.5.8-2.5
Severity: normal

Hi,

When cross-compiled, dash compiles in a list of signal names used for various purposes (e.g. kill -NAME). Unfortunately the signal names are generated by using the *build* compiler instead of the *host* compiler, so the signals are incorrect when dash is actually run on the host machine.

This was originally noticed by YunQiang Su while working on MIPS r6. Since NSIG is larger on MIPS than on x86, running a command which attempts to parse an invalid signal (like "kill -s TERM 1", which tries to parse a signal named "s" first) will search off the end of the list of signals and crash with a NULL pointer dereference (src/trap.c decode_signal).

I notice the signal generation code has been copied from bash. Newer versions of bash have a fix for this which initializes the list of signals at runtime when cross-compiled. Maybe you could copy the fix from bash?

Thanks,
James
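
The mismatch described in the report, as an added example that is not part of the original message and is not dash's or bash's code: a simplified model in which the name table has the build machine's size while the search bound comes from the host's NSIG. The table contents, `BUILD_NSIG`, `HOST_NSIG`, `overrun_slots` and `lookup_signal` are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model of the mismatch (not dash's source): the table holds the
 * names generated on the build machine, while the loop bound is the NSIG the
 * host headers give the compiled code. Both counts below are made up. */
#define BUILD_NSIG 16
#define HOST_NSIG  24

static const char *const signal_names[BUILD_NSIG] = {
    "EXIT", "HUP", "INT", "QUIT", "ILL", "TRAP", "ABRT", "BUS",
    "FPE", "KILL", "USR1", "SEGV", "USR2", "PIPE", "ALRM", "TERM",
};
#define TABLE_LEN ((int)(sizeof signal_names / sizeof signal_names[0]))

/* Number of slots a search bounded by nsig would read past the end of the
 * table for an unknown name. Nonzero means table and NSIG disagree. */
int overrun_slots(int nsig)
{
    return nsig > TABLE_LEN ? nsig - TABLE_LEN : 0;
}

/* Bounded lookup: the limit is the smaller of the caller's NSIG and the real
 * table length, and NULL entries are skipped instead of dereferenced. */
int lookup_signal(const char *name, int nsig)
{
    int limit = nsig < TABLE_LEN ? nsig : TABLE_LEN;

    if (name == NULL)
        return -1;
    for (int signo = 0; signo < limit; signo++) {
        if (signal_names[signo] != NULL &&
            strcmp(name, signal_names[signo]) == 0)
            return signo;
    }
    return -1;   /* unknown name, e.g. the "s" in "kill -s TERM 1" */
}

int main(void)
{
    /* "s" is not a signal name; the search must stop at TABLE_LEN, not NSIG. */
    return (lookup_signal("s", HOST_NSIG) == -1 &&
            lookup_signal("TERM", HOST_NSIG) == 15) ? 0 : 1;
}
```

A nonzero `overrun_slots(HOST_NSIG)` is the condition to check for at startup or in a build-time test when the table is generated on a different architecture than the one it runs on.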