GNU bug report logs - #7993
cut segmentation fault with unbounded ranges

Previous Next

Package: coreutils;

Reported by: Paul Marinescu <paul.marinescu <at> imperial.ac.uk>

Date: Sun, 6 Feb 2011 18:27:02 UTC

Severity: normal

Done: Jim Meyering <jim <at> meyering.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Jim Meyering <jim <at> meyering.net>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#7993: closed (cut segmentation fault with unbounded ranges)
Date: Mon, 07 Feb 2011 07:37:01 +0000

[Message part 1 (text/plain, inline)]
Your message dated Mon, 07 Feb 2011 08:45:36 +0100
with message-id <87ei7kz3rz.fsf <at> meyering.net>
and subject line Re: bug#7993: Acknowledgement (cut segmentation fault with unbounded ranges)
has caused the GNU bug report #7993,
regarding cut segmentation fault with unbounded ranges
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
7993: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=7993
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Paul Marinescu <paul.marinescu <at> imperial.ac.uk>
To: bug-coreutils <at> gnu.org
Subject: cut segmentation fault with unbounded ranges
Date: Sun, 06 Feb 2011 18:20:11 +0000

In coreutils 8.9 (latest), the following commands trigger an invalid
memory access.

cut -c1234567890- --output-d=: foo
cut -f1234567890- --output-d=: foo
cut -b1234567890- --output-d=: foo

The number 1234567890 is just a random number 'big enough' to make the
invalid access generate a segmentation fault but the invalid access
happens for values as low as 8 (valgrind)

The problem is that ranges going to end of line (i.e., 'x-') are not
taken into account when calculating the size of the printable_field
vector, but their lower bound is used as an index on line 525:

  if (output_delimiter_specified
      && !complement
      && eol_range_start && !is_printable_field (eol_range_start))


Paul



[Message part 3 (message/rfc822, inline)]
From: Jim Meyering <jim <at> meyering.net>
To: Paul Marinescu <paul.marinescu <at> imperial.ac.uk>
Cc: 7993-done <at> debbugs.gnu.org
Subject: Re: bug#7993: Acknowledgement (cut segmentation fault with unbounded
	ranges)
Date: Mon, 07 Feb 2011 08:45:36 +0100

> Please ignore this. It's a duplicate submission of bug# 7992

Ok.  marking it closed.
This bug report was last modified 14 years and 109 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.