Bug 220312

Description of problem:

The /bin/cut command core dumps when used to search multiple files for a
non-existent field...

# create 2 files with 1 field apiece
echo 1 > a
echo 1 > b
cut -f1 *    # works
cut -f1- *   # works
cut -f2 *    # works
cut -f2- a   # works, although there is only 1 field in the file
cut -f2- a b # fails (see below)

> cut -f2- *
1
1
*** glibc detected *** cut: double free or corruption (fasttop): 0x09fce1b0 ***
======= Backtrace: =========
/lib/libc.so.6[0x41a34efd]
/lib/libc.so.6(cfree+0x90)[0x41a38550]
cut[0x8049ec2]
cut[0x804a8f4]
/lib/libc.so.6(__libc_start_main+0xdc)[0x419e4f2c]
cut[0x8048d81]
======= Memory map: ========
0090c000-0090d000 r-xp 0090c000 00:00 0          [vdso]
08048000-08050000 r-xp 00000000 fd:00 98354      /bin/cut
08050000-08051000 rwxp 00007000 fd:00 98354      /bin/cut
09fce000-09fef000 rwxp 09fce000 00:00 0 
41000000-41019000 r-xp 00000000 fd:00 196673     /lib/ld-2.5.so
41019000-4101a000 r-xp 00018000 fd:00 196673     /lib/ld-2.5.so
4101a000-4101b000 rwxp 00019000 fd:00 196673     /lib/ld-2.5.so
419cf000-41b06000 r-xp 00000000 fd:00 196679     /lib/libc-2.5.so
41b06000-41b08000 r-xp 00137000 fd:00 196679     /lib/libc-2.5.so
41b08000-41b09000 rwxp 00139000 fd:00 196679     /lib/libc-2.5.so
41b09000-41b0c000 rwxp 41b09000 00:00 0 
41ddc000-41de7000 r-xp 00000000 fd:00 196690     /lib/libgcc_s-4.1.1-20061011.so.1
41de7000-41de8000 rwxp 0000a000 fd:00 196690     /lib/libgcc_s-4.1.1-20061011.so.1
b7e00000-b7e21000 rw-p b7e00000 00:00 0 
b7e21000-b7f00000 ---p b7e21000 00:00 0 
b7f5c000-b7f5d000 rw-p b7f5c000 00:00 0 
b7f81000-b7f84000 rw-p b7f81000 00:00 0 
bfbce000-bfbe3000 rw-p bfbce000 00:00 0          [stack]
Aborted (core dumped)
> gdb cut core.26041 
GNU gdb Red Hat Linux (6.5-15.fc6rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".


warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libgcc_s.so.1...
(no debugging symbols found)...done.
Loaded symbols for /lib/libgcc_s.so.1
Failed to read a valid object file image from memory.
Core was generated by `cut -f2- a b'.
Program terminated with signal 6, Aborted.
#0  0x0090c402 in ?? ()
(gdb) where
#0  0x0090c402 in ?? ()
#1  0x419f7d40 in raise () from /lib/libc.so.6
#2  0x419f9591 in abort () from /lib/libc.so.6
#3  0x41a2d18b in __libc_message () from /lib/libc.so.6
#4  0x41a34efd in _int_free () from /lib/libc.so.6
#5  0x41a38550 in free () from /lib/libc.so.6
#6  0x08049ec2 in ?? ()
#7  0x0804a8f4 in ?? ()
#8  0x419e4f2c in __libc_start_main () from /lib/libc.so.6
#9  0x08048d81 in ?? ()


Version-Release number of selected component (if applicable):

coreutils-5.97-12.2.fc6

How reproducible:

Every time

Steps to Reproduce:
1. echo 1 > a;echo 1 > b
2. cut -f2- a b
  
Actual results:

core dump.

Expected results:

No core dump.

Additional info: