Bug 1055409 - clear_history cause segfault.
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: libedit
Version: rawhide
Assignee: Kamil Dudka
QA Contact: Fedora Extras Quality Assurance
Reported: 2014-01-20 08:06 UTC by Remi Collet
Modified: 2014-01-21 14:36 UTC

Fixed In Version: libedit-3.1-4.20130712cvs.fc21
Last Closed: 2014-01-21 14:36:59 UTC
Type: Bug
Description Remi Collet 2014-01-20 08:06:07 UTC
Simple test script, raising the segfault:

#include <editline/readline.h>
int main (int argc, char *argv[]) {
  clear_history();
  return 0;
}

Of course using_history() should be called first.

On the PHP side, calling using_history during module init is not perfect as it raises some issues: https://bugs.php.net/65714

Studying libedit code, each *_history function starts with a check (equivalent to the using_history function)

        if (h == NULL || e == NULL)
                rl_initialize();

The clear_history is the only function where this check is missing.
Of course, this has been worked around in PHP, https://bugs.php.net/66412

I think it will be more secure to add this check.
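
Added example, not part of the report and not libedit source: a self-contained model of the missing lazy-initialisation guard, run in a child process so the NULL dereference can be observed without killing the harness. The names hist_model, rl_initialize_model, clear_history_unguarded, clear_history_guarded and child_outcome are hypothetical, and only the `h` pointer from the quoted check is modelled.

```c
/* Added model of the missing lazy-init guard; not libedit source. */
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

struct hist_model { int entries; };  /* hypothetical stand-in for the history state */
struct hist_model *h = NULL;         /* stays NULL until first initialisation */

static void rl_initialize_model(void) {
    h = calloc(1, sizeof *h);
    if (h == NULL)
        _exit(2);
}

/* Behaviour described in the report: no guard, h is dereferenced while NULL. */
void clear_history_unguarded(void) {
    h->entries = 0;
}

/* Proposed behaviour: the same check the other *_history functions start with. */
void clear_history_guarded(void) {
    if (h == NULL)
        rl_initialize_model();
    h->entries = 0;
}

/* Run fn in a child so a crash cannot take the harness down.
 * Returns 0 on clean exit, the signal number if killed, else the exit code. */
int child_outcome(void (*fn)(void)) {
    int status = 0;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        fn();
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : WEXITSTATUS(status);
}

int main(void) {
    printf("unguarded: %d\n", child_outcome(clear_history_unguarded));
    printf("guarded:   %d\n", child_outcome(clear_history_guarded));
    return 0;
}
```

The same fork-and-wait harness can serve as a regression test against a real libedit build by replacing the modelled functions with a call to clear_history().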

Comment 1 Kamil Dudka 2014-01-21 13:22:20 UTC
Thanks!  I have forwarded your proposal to libedit upstream as a patch.

Comment 2 Kamil Dudka 2014-01-21 14:36:59 UTC
fixed in libedit-3.1-4.20130712cvs.fc21