From eran at leshem.life Wed Apr 7 01:04:59 2021
From: eran at leshem.life (Eran Leshem)
Date: Wed, 7 Apr 2021 04:04:59 +0300
Subject: [Tcsh] change in head/tail handling in tcsh-6.22.03
Message-ID: <01e501d72b4a$095d6950$1c183bf0$@leshem.life>

Is there a plan to release 6.22.04 with a fix to this regression?

Thanks
Eran

From christos at zoulas.com Thu Apr 8 21:22:42 2021
From: christos at zoulas.com (Christos Zoulas)
Date: Thu, 8 Apr 2021 17:22:42 -0400
Subject: [Tcsh] change in head/tail handling in tcsh-6.22.03
In-Reply-To: <01e501d72b4a$095d6950$1c183bf0$@leshem.life>
References: <01e501d72b4a$095d6950$1c183bf0$@leshem.life>
Message-ID: <31F7CD08-8A2B-4F34-BC8B-242F79943376@zoulas.com>

Yes, but let me make sure that nothing else is broken on head first :-)

christos

> On Apr 6, 2021, at 9:04 PM, Eran Leshem wrote:
>
> Is there a plan to release 6.22.04 with a fix to this regression?
>
> Thanks
> Eran
>
>
> --
> Tcsh mailing list
> Tcsh at astron.com
> https://mailman.astron.com/mailman/listinfo/tcsh

From walt at drummond.us Sat Apr 17 16:03:58 2021
From: walt at drummond.us (Walt Drummond)
Date: Sat, 17 Apr 2021 09:03:58 -0700
Subject: [Tcsh] PATCH: don't walk off the end of mesg[] on signal receipt
Message-ID:

There is a remote possibility of a crash in tcsh when:

- a process is running in either foreground or background, and
- the kernel delivers a signal to the process where the default action is to coredump AND the signal number sent is greater than NSIG (ie, the kernel has more signals than user space, or an old tcsh is running on a newer kernel).

In this case, tcsh will walk off the end of mesg[]. The small patch below (and attached in case Gmail mucks with the formatting) avoids this possibility by checking the signal number sent against NSIG before indexing mesg[].

--Walt

---------------------------------
diff -ru tcsh-6.22.03/sh.proc.c tcsh-6.22.03-sigfix/sh.proc.c --- tcsh-6.22.03/sh.proc.c 2020-11-18 09:34:01.000000000 -0800 +++ tcsh-6.22.03-sigfix/sh.proc.c 2021-04-17 07:14:33.485857299 -0700 @@ -1100,7 +1100,9 @@ int free_ptr; free_ptr = 0; - ptr = (char *)(intptr_t)mesg[pp->p_reason & 0177].pname; + ptr = NULL; + if (pp->p_reason & 0177 <= NSIG) + ptr = (char *)(intptr_t)mesg[pp->p_reason & 0177].pname; if (ptr == NULL) { ptr = xasprintf("%s %d", CGETS(17, 5, "Signal"), pp->p_reason & 0177);
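
Review bot: the guard on the added `if (pp->p_reason & 0177 <= NSIG)` line does not compare the masked signal number with NSIG, because in C `<=` binds tighter than `&`, so the expression parses as `pp->p_reason & (0177 <= NSIG)`. Depending on whether NSIG is at least 127, that is either `pp->p_reason & 1` (odd signal numbers still index mesg[] with no bound, even ones never use the table) or `pp->p_reason & 0` (the table is never consulted and every signal falls through to the "Signal %d" fallback). Parenthesize the mask: `if ((pp->p_reason & 0177) <= NSIG)`. Separately, `<=` admits index NSIG itself, which is in bounds only if mesg[] has at least NSIG + 1 entries; the declaration is not visible in this hunk, so please confirm it, and use `<` if the array holds exactly NSIG entries.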