From owner-freebsd-bugs Thu Mar 13 13:00:05 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA19900 for bugs-outgoing; Thu, 13 Mar 1997 13:00:05 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA19892; Thu, 13 Mar 1997 13:00:02 -0800 (PST) Date: Thu, 13 Mar 1997 13:00:02 -0800 (PST) Message-Id: <199703132100.NAA19892@freefall.freebsd.org> To: freebsd-bugs Cc: From: Gareth McCaughan Subject: Re: bin/2968: fmt dumps core on ^M Reply-To: Gareth McCaughan Sender: owner-bugs@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk The following reply was made to PR bin/2968; it has been noted by GNATS. From: Gareth McCaughan To: freebsd-bugs@freebsd.org Cc: Subject: Re: bin/2968: fmt dumps core on ^M Date: Thu, 13 Mar 1997 18:47:53 +0000 Robert Eckardt wrote: > fmt experiences Bus error when one tries to format > a text that contains ^M (CRs), i.e. e.g. from an > MSDOS system. Actually, that's not quite true. I think it only happens if you invoke it with a file whose first line contains only non-printing characters. The problem is caused by the fact that, when a line of this kind is seen, the |canonb| pointer may not get initialised; as a consequence the loop for (cp2--; cp2 >= canonb && *cp2 == ' '; cp2--) (before the start of which |cp2==canonb| in this situation) loses because pointers are compared as if they're unsigned. I believe the following patch fixes the problem. It certainly looks OK and repairs the test cases I've tried. ---------- patch begins ---------- *** fmt.c.orig Thu Mar 13 10:57:48 1997 --- fmt.c Thu Mar 13 18:43:13 1997 *************** *** 147,153 **** register char *cp, *cp2, cc; register int c, col; #define CHUNKSIZE 1024 ! static int lbufsize = 0, cbufsize = 0; if (center) { linebuf = malloc(BUFSIZ); --- 147,157 ---- register char *cp, *cp2, cc; register int c, col; #define CHUNKSIZE 1024 ! static int lbufsize = 0, cbufsize = CHUNKSIZE; ! ! canonb = malloc(CHUNKSIZE); ! if (canonb == 0) ! abort(); if (center) { linebuf = malloc(BUFSIZ); ----------- patch ends ----------- -- Gareth McCaughan Dept. of Pure Mathematics & Mathematical Statistics, gjm11@dpmms.cam.ac.uk Cambridge University, England.