Date: Thu, 03 Nov 2022 06:28:31 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 267537] contrib/nvi: Fix core dump when tags file pattern has a trailing '\' Message-ID: <bug-267537-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D267537 Bug ID: 267537 Summary: contrib/nvi: Fix core dump when tags file pattern has a trailing '\' Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: leres@freebsd.org If you create a tags file of a macro that ends with a '\' and tag for it, vi dumps core. For example: zinc 76 % cat test.h #define LATIN2PLAIN(ch) (((u_char)ch) >=3D 0x80 ? \ pgm_read_byte_far(pgm_get_far_address(latin2plain) + \ (((u_char)ch) - 0x80)) : (isprint(ch) ? (ch) : '_')) zinc 77 % ctags test.h zinc 78 % vi -t LATIN2PLAIN Segmentation fault The problem is that the loop variable is unsigned (size_t) and it gets decremented twice: 1 -> 0 -> 4294967295 Here's the pull request that solves it for the github fork that the editors/nvi2 port uses: https://github.com/lichray/nvi2/pull/111 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-267537-227>