bug-hurd

Re: daily: vim problem again


From: Samuel Thibault
Subject: Re: daily: vim problem again
Date: Sun, 28 Feb 2021 11:11:26 +0100
User-agent: NeoMutt/20170609 (1.8.3)

Paul Dufresne, on Sun, 28 Feb 2021 01:01:10 -0500, wrote:
> #26 0x031e5fa4 in abort () at /lib/i386-gnu/libc.so.0.3
> #27 0x03279e6f in  () at /lib/i386-gnu/libc.so.0.3
> #28 0x0328177d in  () at /lib/i386-gnu/libc.so.0.3
> #29 0x03282bbd in  () at /lib/i386-gnu/libc.so.0.3
> #30 0x0817f5f1 in vim_free (x=0x100a4e30) at misc2.c:1807
> #31 0x081232e5 in unix_expandpath (gap=0x4805234, path=0x100328c0 "Xdir/", 'd'
> <repeats 195 times>..., wildoff=773, flags=34, didstar=1) at filepath.c:3665

So this is trying to free buf() which was allocated at the beginning of
unix_expandpath with size STRLEN(path) + BASENAMELEN + 5. I guess that
length could simply be bogus, thus the overflow. It would then be useful
to check whether it's indeed long enough, by looking at what is happening
to buf (and its aliases: p, s).

Samuel
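
One way to make the check suggested above concrete, as an added example (not part of the original message and not vim's code): compute the capacity with the quoted formula and test each write made through an alias pointer against it. The BASENAMELEN value, the function names and the sample pattern and entry lengths are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed value for illustration; vim defines the real BASENAMELEN. */
#define BASENAMELEN 250

/* Allocation size as quoted in the message. */
static size_t expand_buf_size(const char *path)
{
    return strlen(path) + BASENAMELEN + 5;
}

/* Bytes by which writing name_len chars plus NUL at alias s would run past
 * the end of buf[cap]; 0 means the write fits. */
static size_t overrun_bytes(const char *buf, size_t cap, const char *s,
                            size_t name_len)
{
    size_t need = (size_t)(s - buf) + name_len + 1;
    return need > cap ? need - cap : 0;
}

/* Hypothetical driver: copy prefix_len bytes of path into buf, point the
 * alias s just past them, then append a constructed entry name of entry_len
 * 'd' characters only if it fits. Returns the overrun size (0 = fits). */
size_t simulate(const char *path, size_t prefix_len, size_t entry_len)
{
    size_t cap = expand_buf_size(path);
    char *buf = malloc(cap);
    if (buf == NULL)
        abort();
    memcpy(buf, path, prefix_len);      /* prefix_len <= strlen(path) */
    char *s = buf + prefix_len;         /* alias into buf, like p and s */
    size_t over = overrun_bytes(buf, cap, s, entry_len);
    if (over == 0) {                    /* write only when in bounds */
        memset(s, 'd', entry_len);
        s[entry_len] = '\0';
    }
    free(buf);
    return over;
}

int main(void)
{
    /* Constructed inputs: pattern "Xdir/*", 5-byte prefix "Xdir/". */
    printf("entry 255: overrun %zu\n", simulate("Xdir/*", 5, 255));
    printf("entry 300: overrun %zu\n", simulate("Xdir/*", 5, 300));
    return 0;
}
```

With these assumed numbers the buffer holds 261 bytes, so an entry name of up to 255 characters fits after the 5-byte prefix and anything longer is reported as an overrun instead of being written.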


