Bug 45685
Summary: | Incomplete/broken MBS_SUPPORT in regexp.c | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] Red Hat Raw Hide | Reporter: | Leonid Kanter <leon> | ||||||
Component: | glibc | Assignee: | Jakub Jelinek <jakub> | ||||||
Status: | CLOSED RAWHIDE | QA Contact: | Aaron Brown <abrown> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | 1.0 | CC: | drepper, ekanter, fweimer | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | i386 | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2001-06-29 16:03:04 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Leonid Kanter
2001-06-24 18:15:41 UTC
Created attachment 21666 [details]
this test program dumps core on glibc with MBS_SUPPORT
Created attachment 21667 [details]
Modified test program that run OK.
one more attempt to submit 8-bit string to bugzilla: LC_ALL=en_US.ISO8859-1 egrep -i '?[???]' /etc/passwd From the code example in this bug example is not clear how regex_compile treats its arguments differently. Further down in the code one can see that cpattern is actually expected in wchar_t format, csize is ignored and real size computed from scratch and bufp also returned with wchar_t format. Again, no call to regex_compile is changed, thus creating problems to unsuspecting regex users. Even if patch is made for good purpose it is extremely strange to define function arguments as const char * and process them as const wchar_t * .... There is a bug, but not where you think. If you read the code carefully, you'll notice that arguments to regex_compile is really const char *, not wchar_t *, a multi-byte string and regex_compile converts that internally using convert_mbs_to_wc to wide string. The bug is that convert_mbs_to_wc optimizes for MB_CUR_MAX == 1 by skipping mbrtowc conversion (only sign extends into wchar_t), but when computing fastmap truncate_wchar does not check MB_CUR_MAX == 1. Since June, 18th, glibc's regex.c does things differently (it is compiled three times, once for MB_CUR_MAX==1, once for MB_CUR_MAX > 1 and once glue code which picks up the right implementation, so this bug should supposedly be fixed already. Am just building current CVS snapshot to see if that's the case. The post-2001-06-18 regex.c code seems to fix it as I've expected. 2.2.3-12 solves the problem. But there is another problem in this rpm. I tried to rebuild glibc-2.2.3-12 for target=i686 on a box running kernel 2.2.19 and found that patch glibc-kernel-2.4.patch is already applied to glibc tarball. ..... + /bin/chmod -Rf a+rX,g-w,o-w . ++ uname -r + echo 'Patch #0 (glibc-kernel-2.4.patch):' Patch #0 (glibc-kernel-2.4.patch): + patch -p1 -s Reversed (or previously applied) patch detected! Assume -R? [n] Yep, that's a bug which will be fixed in glibc-2.2.3-13 (together with regex fixes for multi-byte character sets). |