I traced the problem down to a loop invariant violation in the username
parsing code.  At the end of each inner loop iteration in parse_args,
the pointer cp should point to the last non-NULL character in the
current argument.  However, the 'u' case leaves cp pointing to the NULL
character, so the loop walks right past the command arguments and into
the environment variable part of the memory.  The mysterious unknown
argument characters come from the environment.

The attached patch fixes the bug by reducing the cp increment in the 'u'
case by one.

-- 
Chuan-kai Lin
http://web.cecs.pdx.edu/~cklin/
diff -r 420447d7c7f0 top.c
--- a/top.c	Sun Feb 28 13:24:37 2010 -0800
+++ b/top.c	Sun Feb 28 13:56:30 2010 -0800
@@ -1924,7 +1924,7 @@
                   errmsg = parse_uid(cp, &selection_uid);
                   if (errmsg) std_err(errmsg);
                   selection_type = 'u';
-                  cp += snprintf(Curwin->colusrnam, USRNAMSIZ-1, "%s", cp); // FIXME: junk
+                  cp += snprintf(Curwin->colusrnam, USRNAMSIZ-1, "%s", cp)-1; // FIXME: junk
                } while(0);
                break;
             case 'U':
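Review bot: on the changed `cp += snprintf(Curwin->colusrnam, USRNAMSIZ-1, "%s", cp)-1;` line, the `-1` is only correct when snprintf returns at least 1. snprintf returns the length of the string it was asked to format, not the number of bytes actually stored after truncation, so for a non-empty argument cp does end on the argument's last character. For an empty string the return value is 0 and cp steps back one byte before the argument, and a negative error return would move it further back. Unless the parse_uid/std_err lines above already reject an empty name, guard that case, or separate the copy from the pointer advance (copy with snprintf, then advance by the argument length and step back only when that length is non-zero). A short comment stating that cp must end each iteration on the last character of the argument would also explain the `-1` better than the remaining `// FIXME: junk`.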
