[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

segfault in readline-5.1 in rl_callback_read_char()

From: Mike Frysinger
Subject: segfault in readline-5.1 in rl_callback_read_char()
Date: Tue, 13 Dec 2005 00:35:55 +0000
User-agent: Mutt/1.5.11

another dev noticed this when using readline in python:
$ python
Python 2.4.2 (#1, Sep 29 2005, 06:07:43) 
[GCC 3.4.4 (Gentoo 3.4.4-r1, HTB-3.4.4-1.00, ssp-3.4.4-1.0, pie-8.7.8)] on 
Type "help", "copyright", "credits" or "license" for more information.
>>> <DEL><DEL>Segmentation fault

that is, all we have to do is run `python` and hit the delete key
twice and python falls on its face

running it through gdb shows this:
(gdb) bt
#0  _rl_dispatch_callback (cxt=0x0) at readline.c:625
#1  0x000034b22419a968 in rl_callback_read_char () at callback.c:154
#2  0x000034b224046395 in ?? () from /usr/lib/python2.4/lib-dynload/readline.so

and indeed, we see in callback.c:
    eof = _rl_dispatch_callback (_rl_kscxt);  /* For now */
    while ((eof == -1 || eof == -2) && RL_ISSTATE (RL_STATE_MULTIKEY) \
           && _rl_kscxt && (_rl_kscxt->flags & KSEQ_DISPATCHED))
      eof = _rl_dispatch_callback (_rl_kscxt);

there is a check in the while() loop to see if _rl_kscxt is non-NULL,
but there is no check in the if statement() before using _rl_kscxt for
the first time

is the fix simply doing this:
+else if (RL_ISSTATE (RL_STATE_MULTIKEY) && _rl_kscxt)

i'm not familiar with the readline source so i cant really say ... but
maybe the if statements before that could use similar changes ?
+if (RL_ISSTATE (RL_STATE_ISEARCH) && _rl_iscxt)
+else if (RL_ISSTATE (RL_STATE_NSEARCH) && _rl_nscxt)
+else if (RL_ISSTATE (RL_STATE_NUMERICARG) && _rl_argcxt)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]