Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: Warnings in compctl

X-seq: zsh-workers 42760
From: Oliver Kiddle <okiddle@xxxxxxxxxxx>
To: zsh-workers@xxxxxxx
Subject: Re: Warnings in compctl
Date: Sat, 12 May 2018 12:29:16 +0200
Authentication-results: amavisd4.gkg.net (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.co.uk
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s2048; t=1526120958; bh=6iJ/7jQnmicZu6w+zB0jnTapv8iX8ZfXlMJ7uhjsOyo=; h=From:References:To:Subject:Date:From:Subject; b=pQuloPhw4X8FXB/bDSrGkoFxnruPH/PLu02N9hNoBt+kUGsY70v+CSIljzhwB1n+2iG3kBFF0sPeR0Feh7b358jmJVITcg2b87TFrBIlDASaBvJhu7XTu7LUDl+MP9Qr8P+gjfMTyt848Z6UqnQ4nq6Mbd0dpynlQj72jmvSmkshFCF9+eqszurMWM60h/5BKo4AJyAIxBMRXAYZZEPmZZtF3FjJDImAxIlREVs496nRN3P00ykKdaKTYL3jSurh3CvwhcFiSw9XdyP9Ew5NZ+OpAYUV/a9VyybBYumXhtF9pvhz8utCZhaRCWIemCNZy55d3jf5PC5TeYfilOfFvA==
In-reply-to: <46F08EE7-DA1F-49E5-8E74-4D519E47ACBD@kba.biglobe.ne.jp>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
List-unsubscribe: <mailto:zsh-workers-unsubscribe@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <CGME20180321101631eucas1p281904e89d2bc29ef8fa0c3c0aa6b06d6@eucas1p2.samsung.com> <20180321101630.511442a9@camnpupstephen.cam.scsc.local> <46F08EE7-DA1F-49E5-8E74-4D519E47ACBD@kba.biglobe.ne.jp>

On 23 Mar, Jun T wrote:
> Three more files (complete.c, computil.c, zle_thingy.c) have the same
> "off the front" pointer assignments; these are detected by
> "clang -Warray-bounds-pointer-arithmetic".

One of these changes now triggers stack-use-after-scope in the address
sanitizer because skip_this_arg is declared inside the while loop but is
accessed in the while loop's condition.

Oliver

diff --git a/Src/Zle/zle_thingy.c b/Src/Zle/zle_thingy.c
index 5601c1178..6b892b822 100644
--- a/Src/Zle/zle_thingy.c
+++ b/Src/Zle/zle_thingy.c
@@ -725,13 +725,13 @@ bin_zle_call(char *name, char **args, UNUSED(Options ops), UNUSED(char func))
 	remetafy = 0;
 
     while (*args && **args == '-') {
+	char skip_this_arg[2] = "x";
 	char *num;
 	if (!args[0][1] || args[0][1] == '-') {
 	    args++;
 	    break;
 	}
 	while (*++(*args)) {
-	    char skip_this_arg[2] = "x";
 	    switch (**args) {
 	    case 'n':
 		num = args[0][1] ? args[0]+1 : args[1];

References:
- Warnings in compctl
  - From: Peter Stephenson
- Re: Warnings in compctl
  - From: Jun T

Messages sorted by: Reverse Date, Date, Thread, Author