Zsh Mailing List Archive

Re: Buffer overflow in "!" handling?



DragonK wrote:
> > You're right, that's nasty. See if you can get it to happen with this...
> 
> I've applied the patch and it seems to work now; as far as I
> understand from the comments in mem.c, memory allocated with zhalloc()
> doesn't need to be explicitly free()d, right?

Yes, that's correct; the heap of memory is popped in one go when we
return to the top level of processing.  The hrealloc() is a bit of a
hack... we're not really reallocating heap most of the time, we're just
allocating more somewhere else, but from the API point of view it's the
simplest thing to do in the rare cases where we really need more than
256 words.

Thanks for looking.

-- 
Peter Stephenson <pws@xxxxxxx>                  Software Engineer
CSR PLC, Churchill House, Cambridge Business Park, Cowley Road
Cambridge, CB4 0WZ, UK                          Tel: +44 (0)1223 692070
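
The allocation model described in the reply above, as an added C sketch; it is not zsh's code and not part of the original message. All names (`arena_alloc`, `arena_realloc`, `arena_pop`, `collect_words`) and the arena size are assumptions; only the 256-word starting size comes from the message.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical names; a sketch of the idea, not zsh's mem.c. */
#define ARENA_SIZE (64 * 1024)
#define INITIAL_WORDS 256
static _Alignas(max_align_t) unsigned char arena[ARENA_SIZE];
static size_t arena_used;

/* Bump allocation: blocks are never freed one at a time. */
static void *arena_alloc(size_t n)
{
    const size_t a = _Alignof(max_align_t);
    if (n > ARENA_SIZE - arena_used) return NULL;
    void *p = arena + arena_used;
    arena_used += (n + a - 1) & ~(a - 1);   /* keep the next block aligned */
    return p;
}

/* "Realloc": take a bigger block elsewhere and copy; the old one stays until the pop. */
static void *arena_realloc(void *old, size_t old_n, size_t new_n)
{
    void *p = arena_alloc(new_n);
    if (p && old) memcpy(p, old, old_n < new_n ? old_n : new_n);
    return p;
}

/* Release everything in one go, as on return to the top level. */
static void arena_pop(void) { arena_used = 0; }

/* Store count words, growing past INITIAL_WORDS instead of writing
 * beyond the array. Returns the final capacity, or 0 on exhaustion. */
static size_t collect_words(size_t count, const char ***out)
{
    size_t cap = INITIAL_WORDS;
    const char **words = arena_alloc(cap * sizeof *words);
    for (size_t i = 0; words && i < count; i++) {
        if (i == cap) {                      /* full: grow before storing */
            words = arena_realloc(words, cap * sizeof *words, 2 * cap * sizeof *words);
            if (!words) break;
            cap *= 2;
        }
        words[i] = "word";                   /* constructed sample data */
    }
    *out = words;
    return words ? cap : 0;
}

int main(void) { const char **w; size_t c = collect_words(600, &w); arena_pop(); return c != 1024; }
```

Each growth step leaves the previous block in place, so the arena holds the 256-, 512- and 1024-entry arrays at once until `arena_pop()` runs; that is the cost of treating "realloc" as "allocate more somewhere else".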


