Re: Using systemd-249's libnss_systemd.so.2 triggers a crash in bash-5.1

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using systemd-249's libnss_systemd.so.2 triggers a crash in bash-5.1

From:	Chet Ramey
Subject:	Re: Using systemd-249's libnss_systemd.so.2 triggers a crash in bash-5.1's malloc.c
Date:	Tue, 5 Oct 2021 16:13:40 -0400
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:91.0) Gecko/20100101 Thunderbird/91.1.2

On 10/5/21 1:50 PM, Dominique Martinet wrote:

> If I change malloc_usable_size to return p->mh_nbytes instead of
> maxbytes, then the crash disappears.[2]
> 
> I did not read the full bash malloc code but I suspect the buffer really
> could be grown, but we would need to fix p->mh_nbytes to maxbytes and
> also adjust the end block to pass sanity checks on free -- e.g. it
> should be considered as a lightweight inplace realloc.
> 
> I'm not sure we care enough to be honest and returning what is really
> usable feels like the simplest solution, what do you think?
> 

Thanks for your work tracking this down.


-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Using systemd-249's libnss_systemd.so.2 triggers a crash in bash-5.1's malloc.c, (continued)

Prev by Date: Re: Using systemd-249's libnss_systemd.so.2 triggers a crash in bash-5.1's malloc.c
Next by Date: Incorrect LINENO with exported nested functions with loops
Previous by thread: Re: Using systemd-249's libnss_systemd.so.2 triggers a crash in bash-5.1's malloc.c
Next by thread: declare does not always set variable flags prior to assignment
Index(es):
- Date
- Thread