Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
Sender: cygwin-developers-owner AT sourceware DOT cygnus DOT com
Delivered-To: mailing list cygwin-developers AT sourceware DOT cygnus DOT com
From: Chris Faylor
Date: Mon, 17 May 1999 11:07:45 -0400
To: Egor Duda
Cc: cygwin-developers
Subject: Re: spawn.cc patch
Message-ID: <19990517110745.B634@cygnus.com>
References: <9472 DOT 990517 AT logos-m DOT ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.3i
In-Reply-To: <9472.990517@logos-m.ru>; from Egor Duda on Mon, May 17, 1999 at 11:19:42AM +0400

On Mon, May 17, 1999 at 11:19:42AM +0400, Egor Duda wrote:
>the following patch to spawn.cc solves a problem with Configure script
>for perl. It runs many scripts from itself and thus uses linebuf
>class extensively. In case, when one_line.buf == NULL, issuing
>one_line.prepend (" ",1); makes buf to be filled with garbage (no
>terminating '\0') and leads to heap corruption.
>
>======================================================================== >--- spawn.orig Thu Apr 01 07:56:55 1999 >+++ spawn.cc Mon May 17 11:11:26 1999 >@@ -213,8 +213,8 @@ > buf = (char *) realloc (buf, alloc + 1); > buf[ix] = '\0'; > } >- if ((buflen = strlen (buf))) >- memmove (buf + len, buf, buflen + 1); >+ buflen = strlen (buf); >+ memmove (buf + len, buf, buflen + 1); > memcpy (buf, what, len); > ix += len; > } >========================================================================

Thank you for the patch and the diagnosis. I've applied a slightly different fix to our tree (see below). I think it should have the same effect.

-chris

Index: spawn.cc =================================================================== RCS file: /cvs/cvsfiles/devo/winsup/spawn.cc,v retrieving revision 1.106 diff -u -p -r1.106 spawn.cc --- spawn.cc 1999/04/01 03:56:55 1.106 +++ spawn.cc 1999/05/17 15:06:24 
@@ -215,8 +215,10 @@ linebuf::prepend (const char *what, int } if ((buflen = strlen (buf))) memmove (buf + len, buf, buflen + 1); + else + buf[newix] = '\0'; memcpy (buf, what, len); - ix += len; + ix = newix; } int
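Review bot: in the quoted hunk at -213,8, the context line `buf = (char *) realloc (buf, alloc + 1);` assigns the result unchecked, so a failed realloc makes the following `buf[ix] = '\0';` a write through NULL and loses the old pointer. The now-unconditional `memmove (buf + len, buf, buflen + 1);` also takes its length from `strlen (buf)`, which is only safe if buf is non-NULL and terminated on every path into it; the lines shown establish the terminator only inside the realloc block. Checking the realloc result and noting in a comment why buf is always terminated at this point would make the fix self-evident.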
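Review bot: in the hunk at -215,8 of the applied fix, the new else branch writes the terminator at `buf[newix]`, but that branch is chosen by `strlen (buf)` returning 0 and `newix` is computed outside the lines shown. The two agree only if `ix` is 0 whenever the buffer is empty; if it is not, the bytes between `len` and `newix` are left unset after `memcpy (buf, what, len);`. Terminating at `buf[len]` in that branch would not depend on `ix`, and a comment or assertion that the allocation covers index `newix` would document the bound this write relies on.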