GNU bug report logs - #6378
all-completions Segfault

Previous Next

Package: emacs;

Reported by: Nathan Weizenbaum <nex342 <at> gmail.com>

Date: Tue, 8 Jun 2010 15:48:02 UTC

Severity: normal

Done: Juanma Barranquero <lekktu <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Juanma Barranquero <lekktu <at> gmail.com>
To: Nathan Weizenbaum <nex342 <at> gmail.com>
Cc: 6378 <at> debbugs.gnu.org
Subject: bug#6378: all-completions Segfault
Date: Tue, 8 Jun 2010 18:41:07 +0200

On Tue, Jun 8, 2010 at 17:46, Nathan Weizenbaum <nex342 <at> gmail.com> wrote:

>   (all-completions "" [])
>
> I think the problem is on line 1593 of src/minibuf.c, but my
> Emacs-innards-fu isn't good enough to attempt a fix.

minibuf.c:1617, at this code:

	      if (XSYMBOL (bucket)->next)

because bucket has been assigned random junk from the nonexistent item
at position 0 in COLLECTION.

It should be fixed with the attached patch.

    Juanma


2010-06-08  Juanma Barranquero  <lekktu <at> gmail.com>

	* minibuf.c (Fall_completions): Check COLLECTION's size.  (Bug#6378)


=== modified file 'src/minibuf.c'
--- src/minibuf.c	2010-01-13 08:35:10 +0000
+++ src/minibuf.c	2010-06-08 16:34:41 +0000
@@ -1591,5 +1591,5 @@
     {
       obsize = XVECTOR (collection)->size;
-      bucket = XVECTOR (collection)->contents[index];
+      bucket = obsize ? XVECTOR (collection)->contents[index] : zero;
     }

This bug report was last modified 15 years and 48 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #6378 all-completions Segfault

GNU bug report logs - #6378
all-completions Segfault