Description of problem: The potential exists for a null pointer dereference in pchild() sh.proc.c: 417 if (jobflags & PFOREGND) { 418 if (!(jobflags & (PSIGNALED | PSTOPPED | PPTIME) || 419 #ifdef notdef 420 jobflags & PAEXITED || 421 #endif /* notdef */ 422 !eq(dcwd->di_name, fp->p_cwd->di_name))) { Version-Release number of selected component (if applicable): tcsh-6.13-10_el4 Additional info: This was fixed upstream in tcsh-6.15.00: http://mx.gw.com/pipermail/tcsh/2007-September/003866.html Reference item #9: 9. Avoid null pointer dereference in proc cwd (Kurt Miller)
Created attachment 426410 [details] Proposed Patch Patched adapted from upstream by Takuma Umeya (tumeya)
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Under certain circumstances, a null pointer may have been incorrectly dereferenced, causing the tcsh shell to terminate unexpectedly. With this update, the pointer is now checked properly and tcsh no longer crashes.