bug-gnu-utils
"grep bug"


From: Olatunji Oluwabukunmi Ruwase
Subject: "grep bug"
Date: Thu, 24 Apr 2003 09:18:44 -0700 (PDT)

Hi,
 I came across what seems to be a bug in grep-2.5.1. The problem is that the
result of memchr (which could be NULL) is passed to a pointer variable
"end"; "end" is then incremented without checking whether or not it is
NULL. "end" (now 0x01) is finally used in a pointer difference operation.
 The following snippet from src/search.c:582 is the code:
********************************************************
  end = memchr (beg + len, eol, (buf + size) - (beg + len));
  end++;
  while (buf < beg && beg[-1] != eol)
    --beg;
  *match_size = end - beg;
*********************************************************
 Running grep with the following command line triggers this situation:
 echo " " | grep -F -e ''

This error was flagged by a dynamic bounds checking tool I am working on
while running the regression tests. I would appreciate it if you could take a
look at it, to confirm it as a bug or some programming idiom, in which case
my tool is generating a false alarm.
 Thank you

tunji
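
The pattern reported above with a NULL check added, as an example that is not part of the original message and is not grep's own code. The helper name `line_span`, its signature and the sample buffers are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not grep's code): given a match at beg[0..len) inside
   buf[0..size), widen it to the enclosing line. Returns the line length,
   terminator included when present; *line_start receives the line start. */
static size_t line_span(const char *buf, size_t size, const char *beg,
                        size_t len, char eol, const char **line_start)
{
    const char *limit = buf + size;
    const char *end = memchr(beg + len, eol, (size_t)(limit - (beg + len)));

    /* memchr returns NULL when no eol follows the match: a last line with
       no terminator, or an empty match at the very end of the buffer.
       Step past the terminator only when one was found; otherwise the
       line ends at the end of the buffer. An unconditional end++ would
       turn NULL into address 1 and make end - beg meaningless. */
    end = end ? end + 1 : limit;

    /* Walk back to the start of the line, as in the reported snippet. */
    while (buf < beg && beg[-1] != eol)
        --beg;

    *line_start = beg;
    return (size_t)(end - beg);
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *terminated = "foo\nbar\n";   /* match "bar", eol follows   */
    const char *unterminated = "foo\nbar";   /* match "bar", no eol after  */
    const char *start;

    printf("%zu\n", line_span(terminated, 8, terminated + 4, 3, '\n', &start));
    printf("%zu\n", line_span(unterminated, 7, unterminated + 4, 3, '\n', &start));
    return 0;
}
```
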




