Bug 430955 - sr# 1796722 : ksh segaults on nget_optindex
Summary: sr# 1796722 : ksh segaults on nget_optindex
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ksh
Version: 5.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Tomas Smetana
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 391501
TreeView+ depends on / blocked
 
Reported: 2008-01-30 19:33 UTC by Alan Matsuoka
Modified: 2018-10-20 00:15 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-01-20 20:32:29 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
patch from from https://bugzilla.redhat.com/show_bug.cgi?id=430602#c7 (539 bytes, text/x-patch)
2008-01-30 19:33 UTC, Alan Matsuoka
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:0058 0 normal SHIPPED_LIVE ksh bug fix and enhancement update 2009-01-20 15:21:45 UTC

Description Alan Matsuoka 2008-01-30 19:33:09 UTC
Description of problem:
ksh segfaults

How reproducible:
always

Steps to Reproduce:
$ uname -i
x86_64

$ cat o
unset VAR
echo ${VAR}

$ ksh o

Actual results:
ksh segfaults

Expected results:
ksh should not segafult

Additional info:

Program received signal SIGSEGV, Segmentation fault.
0x0805248a in nget_optindex (np=0x8149184, fp=0x8148ad4) at
/usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/init.c:241
241     {
(gdb) bt
#0  0x0805248a in nget_optindex (np=0x8149184, fp=0x8148ad4) at
/usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/init.c:241
#1  0x08065f09 in nv_getval (np=0x8148ad4) at
/usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/name.c:1630
#2  0x08062992 in varsub (mp=0x8140088) at
/usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/macro.c:1103
#3  0x08061bcf in copyto (mp=0x8140088, endch=0, newquote=<value optimized out>)
at /usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/macro.c:485
#4  0x08064bc9 in sh_macexpand (argp=0x8147a28, arghead=0xfff36678, flag=0) at
/usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/macro.c:221
#5  0x08091a53 in sh_argbuild (nargs=0xfff369b0, comptr=0x8147a08, flag=0) at
/usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/args.c:832
#6  0x08076e1e in sh_exec (t=0x8147a08, flags=<value optimized out>) at
/usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/xec.c:596
#7  0x0804c610 in exfile ()
#8  0x0804bca3 in sh_main ()
#9  0x0804b10e in main (argc=Cannot access memory at address 0x0
) at /usr/src/debug/ksh-20060214/src/cmd/ksh93/sh/pmain.c:29
#10 0x0033adec in __libc_start_main () from /lib/libc.so.6
#11 0x0804b011 in _start ()
(gdb)

Comment 1 Alan Matsuoka 2008-01-30 19:33:10 UTC
Created attachment 293472 [details]
patch from from https://bugzilla.redhat.com/show_bug.cgi?id=430602#c7

Comment 2 Tomas Smetana 2008-01-31 07:18:00 UTC
The reproducer is wrong:  This happens only with the OPTIND variable:

unset OPTIND
echo ${OPTIND}

I have already talked to product management and we agreed that ksh will be
rebased in 5.3.  Since the bug was reported upstream I expect it's going to be
fixed in the new upstream ksh as well.

Comment 5 RHEL Program Management 2008-03-12 17:18:42 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 17 errata-xmlrpc 2009-01-20 20:32:29 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0058.html


Note You need to log in before you can comment on or make changes to this bug.