From owner-freebsd-bugs  Mon Oct 20 07:40:04 1997
Return-Path: <owner-freebsd-bugs>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id HAA26333
          for bugs-outgoing; Mon, 20 Oct 1997 07:40:04 -0700 (PDT)
          (envelope-from owner-freebsd-bugs)
Received: (from gnats@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id HAA26302;
          Mon, 20 Oct 1997 07:40:01 -0700 (PDT)
          (envelope-from gnats)
Resent-Date: Mon, 20 Oct 1997 07:40:01 -0700 (PDT)
Resent-Message-Id: <199710201440.HAA26302@hub.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG, shigio@wafu.netgate.net
Received: from wafu.netgate.net (wafu.netgate.net [204.145.147.80])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id HAA25789
          for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Oct 1997 07:31:51 -0700 (PDT)
          (envelope-from shigio@wafu.netgate.net)
Received: from chiota.signet.or.jp (INS150.tama.dti.ne.jp [210.159.144.104]) by wafu.netgate.net (8.7.5/8.7.3) with ESMTP id GAA16658 for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Oct 1997 06:32:23 GMT
Received: (from shigio@localhost) by chiota.signet.or.jp (8.8.5/) id VAA22112; Mon, 20 Oct 1997 21:30:05 +0900 (JST)
Message-Id: <199710200632.GAA16658@wafu.netgate.net>
Date: Mon, 20 Oct 1997 21:30:05 +0900 (JST)
From: shigio@wafu.netgate.net
Reply-To: shigio@wafu.netgate.net
To: FreeBSD-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: 3.2
Subject: misc/4812: ctags(1) write to buffer beyond the end of it.
Sender: owner-freebsd-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


>Number:         4812
>Category:       misc
>Synopsis:       ctags(1) write to buffer beyond the end of it.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 20 07:40:00 PDT 1997
>Last-Modified:
>Originator:     Shigio Yamaguchi
>Organization:
Freelance programmer
>Release:        FreeBSD 2.2.2-RELEASE i386
>Environment:

	All environment

>Description:

	Ctags write to buffer beyond the end of it when the source file
	doesn't end with '\n'. It brings segmentation fault.

>How-To-Repeat:

	% echo -n 'main(){}' > main.c
	% ctags -x main.c
	Segmentation fault (core dumped)

>Fix:

	[/usr/src/usr.bin/ctags/print.c]

	*** print.c.org	Mon Oct 20 19:16:43 1997
	--- print.c	Mon Oct 20 19:40:27 1997
	***************
	*** 59,65 ****
		saveftell = ftell(inf);
		(void)fseek(inf, lineftell, L_SET);
		if (xflag)
	! 		for (cp = lbuf; GETC(!=, '\n'); *cp++ = c)
				continue;
		/*
		 * do all processing here, so we don't step through the
	--- 59,65 ----
		saveftell = ftell(inf);
		(void)fseek(inf, lineftell, L_SET);
		if (xflag)
	! 		for (cp = lbuf; GETC(!=, EOF) && c != '\n'; *cp++ = c)
				continue;
		/*
		 * do all processing here, so we don't step through the
>Audit-Trail:
>Unformatted: