[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Segmentation Fault on Exported Resursively Expanded Variable
|
From: |
Henrik Carlqvist |
|
Subject: |
Re: Segmentation Fault on Exported Resursively Expanded Variable |
|
Date: |
Wed, 17 Jan 2024 07:24:43 +0100 |
On Tue, 16 Jan 2024 20:53:19 +0200
Eli Zaretskii <eliz@gnu.org> wrote:
> From: Henrik Carlqvist <hc981@poolhem.se>
> > On Tue, 16 Jan 2024 06:59:30 +0000
> > MIAOW Miao <guoyr_2013@hotmail.com> wrote:
> > > if ((*ep)[nl] == '=' && strncmp (*ep, v->name, nl) == 0)
> >
> > Looking at that line, the rather obvious fix would be to change it to:
> >
> > if (strncmp (*ep, v->name, nl) == 0 && (*ep)[nl] == '=')
> >
> > That way, *ep can be no shorter than having \0 at position nl and
> > accessing that position should not cause any segfault.
>
> But it's less efficient when the (*ep)[nl] == '=' test fails.
Yes, that is true, but to avoid a possible segfault it is necessary to somehow
check that (*ep)[nl] is a valid address. The current fix at
https://savannah.gnu.org/bugs/index.php?65172 also works fine, but also that
fix might be even less efficient as strlen will read every char up to and
including \0 in *ep.
regards Henrik
Re: Segmentation Fault on Exported Resursively Expanded Variable, Dmitry Goncharov, 2024/01/15
Re: Segmentation Fault on Exported Resursively Expanded Variable, Dmitry Goncharov, 2024/01/16