This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Patch for run-1.3.0-1 core dump

From: Charles Wilson <cygwin at cwilson dot fastmail dot fm>
To: The Cygwin Mailing List <cygwin at cygwin dot com>
Date: Mon, 12 Aug 2013 10:22:09 -0400
Subject: Re: Patch for run-1.3.0-1 core dump
References: <CAOJ7xCsuuhNmtz_ybGJoEeUAdWhJ1Y3+9d5mBtATH-F=VpkYGg at mail dot gmail dot com>

On 8/10/2013 1:34 PM, foo wrote:

Whenever I execute run.exe, it generates run.exe.stackdump.

At line 370 in run.c, run2_freeargv() tries to free newargv, and
run2_freeqrgv() expects that newargv is terminated by NULL. However,
in shifting newargv at line 253-256, it fails to shift NULL
terminator. Therefore, run2_freeargv() frees memory illegally.
The following patch is a workaround.

--- run.c.old
+++ run.c.new
@@ -252,7 +252,7 @@
        newargv = run2_dupargv (argv);
        /* discard newargv[0] and shift up */
        free (newargv[0]);
-      for (newargc = 1; newargc < argc; newargc++)
+      for (newargc = 1; newargv[newargc-1] != NULL; newargc++)
           newargv[newargc-1] = newargv[newargc];
        newargc = argc - 1;

Thanks for the bug report and the patch. I'll investigate and update thepackage soon.


--
Chuck



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

References:
- Patch for run-1.3.0-1 core dump
  - From: foo

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]