From owner-freebsd-bugs  Mon May 29 18:57:16 1995
Return-Path: bugs-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id SAA01261
          for bugs-outgoing; Mon, 29 May 1995 18:57:16 -0700
Received: (from gnats@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id OAA08521
          ; Mon, 29 May 1995 14:50:00 -0700
Date: Mon, 29 May 1995 14:50:00 -0700
Message-Id: <199505292150.OAA08521@freefall.cdrom.com>
From: phk@FreeBSD.org
Reply-To: phk@FreeBSD.org
To: freebsd-bugs
Subject: bin/457: possible csh bug
In-Reply-To: Your message of Mon, 29 May 1995 14:41:41 -0700
	<199505292141.OAA03621@critter.tfs.com>
Sender: bugs-owner@FreeBSD.org
Precedence: bulk


>Number:         457
>Category:       bin
>Synopsis:       We may have an obscure csh bug
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs (FreeBSD bugs mailing list)
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 29 14:50:00 1995
>Originator:     Poul-Henning Kamp
>Organization:
>Release:        FreeBSD BUILT-19950423 i386
>Environment:

	unknown

>Description:

 /usr/bin/csh sometimes corrupts its own address
 space [[ malloc()ed memory ]] when the argument
 to the built-in cd command ends in a slash.
 Such corruption happens to the first slash in
 malloc()ed memory that follows the NULL-terminating
 byte of the directory-name if-and-only-if there is
 no NULL-byte between the directory-name
 NULL-terminator and the slash.
 This bug becomes evident to the users when the value
 of an environment variable which contains the slash
 character becomes truncated at the slash.
 This very old bug was inherited from BSD-csh and
 it exist in all BSD-based versions of the csh.

>How-To-Repeat:

	Unknown

>Fix:
	
	Unknown

>Audit-Trail:
>Unformatted: