[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug#192537: sort segfaults with argv[0] = NULL
From: |
Jim Meyering |
Subject: |
Re: Bug#192537: sort segfaults with argv[0] = NULL |
Date: |
Fri, 09 May 2003 10:51:56 +0200 |
Thank you for the report.
I've included a patch for that below.
Be aware that although the patched sort appears to work
in your unusual case with this patch, if it fails for any
reason (I/O error, inaccessible input file, invalid options)
it will give a diagnostic that tries to dereference the NULL argv[0].
I'm curious as to what prompted you to find this problem.
Do you have an application that tries to do useful work
with a NULL argv[0] pointer?
You're probably already aware that very many programs assume that
`argc' is always 1 or larger, and hence dereference argv[0]
unconditionally.
* src/sort.c (main): Don't overrun array bound if argc is 0.
That would happen when invoked via: execl ("/usr/bin/sort", NULL);
Reported by Wartan Hachaturow.
Index: src/sort.c
===================================================================
RCS file: /fetish/cu/src/sort.c,v
retrieving revision 1.250
diff -u -p -u -p -r1.250 sort.c
--- src/sort.c 11 Apr 2003 10:51:56 -0000 1.250
+++ src/sort.c 9 May 2003 08:32:54 -0000
@@ -2265,7 +2265,7 @@ main (int argc, char **argv)
long_options, NULL))
== -1))
{
- if (optind == argc)
+ if (argc < optind)
break;
files[nfiles++] = argv[optind++];
}
Wartan Hachaturow <address@hidden> wrote:
> Package: coreutils
> Version: 5.0-1
> Severity: normal
> Tags: upstream
>
> execl("/usr/bin/sort", NULL) leads to a segfault at line 2270 of
> sort.c.
...
- Re: Bug#192537: sort segfaults with argv[0] = NULL,
Jim Meyering <=