[Toybox] grep doesn't allocate enough space
William Haddon
william at haddonthethird.net
Mon Oct 21 14:10:32 PDT 2013
Grep miscalculates the amount of memory it needs to allocate when
"converting strings to one big regex" when the -e flag is not
specified. Since in this case "\|" is inserted between strings rather
than "|", two extra bytes rather than one need to be provided for each
string. I noticed this because it caused grep to seg-fault on musl when
a regex of exactly seven characters is provided. I've included the
patch to fix it below.
William Haddon
diff -rupN toybox-0.4.6/toys/posix/grep.c src/toys/posix/grep.c
--- toybox-0.4.6/toys/posix/grep.c 2013-09-11 17:09:53.000000000
+0000
+++ src/toys/posix/grep.c 2013-10-21 20:52:24.000000000 +0000
@@ -212,7 +212,8 @@ static void parse_regex(void)
// Convert strings to one big regex
if (w) len = 36;
- for (al = TT.e; al; al = al->next) len += strlen(al->arg)+1;
+ for (al = TT.e; al; al = al->next)
+ len += strlen(al->arg)+1+!(toys.optflags & FLAG_E);
regstr = s = xmalloc(len);
if (w) s = stpcpy(s, "(^|[^_[:alnum:]])(");
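Review bot: The added sizing line `len += strlen(al->arg)+1+!(toys.optflags & FLAG_E);` carries no comment saying that the extra byte is for the backslash in the "\|" separator, and the existing comment above it only says "Convert strings to one big regex". A one-line comment here would keep the allocation in step with the code that writes the separator, which is outside this hunk. The description talks about the "-e flag" while the code tests `FLAG_E`, so the wording and the flag should be reconciled before this goes in. The constant in `if (w) len = 36;` deserves the same audit against the literals copied when `w` is set, since only the first `stpcpy` is visible here.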
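The sizing error described in the message, as an added example that is not code from the original post or from toybox: it compares the pre-patch and patched length formulas against a bounds-checked join. The names `estimate_old`, `estimate_new`, `join_patterns` and the `extended` parameter (standing in for `FLAG_E`) are hypothetical, and this sketch assumes the separator is written only between patterns.

```c
#include <stdio.h>
#include <string.h>

/* Pre-patch formula: one extra byte per pattern. */
static size_t estimate_old(const char **pats, size_t n)
{
    size_t len = 0;
    for (size_t i = 0; i < n; i++) len += strlen(pats[i]) + 1;
    return len;
}

/* Patched formula: a second extra byte per pattern unless extended mode. */
static size_t estimate_new(const char **pats, size_t n, int extended)
{
    size_t len = 0;
    for (size_t i = 0; i < n; i++) len += strlen(pats[i]) + 1 + !extended;
    return len;
}

/* Bounds-checked join: "|" between patterns in extended mode, "\|" in
 * basic mode, then a NUL. Returns 0 on success, -1 when cap is too small,
 * which is where an unchecked writer would run past the allocation. */
static int join_patterns(char *dst, size_t cap, const char **pats, size_t n,
                         int extended)
{
    const char *sep = extended ? "|" : "\\|";
    size_t used = 0, seplen = strlen(sep);

    if (!cap) return -1;
    for (size_t i = 0; i < n; i++) {
        size_t plen = strlen(pats[i]);
        size_t need = plen + (i + 1 < n ? seplen : 0);
        if (used + need + 1 > cap) return -1;   /* +1 keeps room for NUL */
        memcpy(dst + used, pats[i], plen);
        if (i + 1 < n) memcpy(dst + used + plen, sep, seplen);
        used += need;
    }
    dst[used] = 0;
    return 0;
}

int main(void)
{
    const char *pats[] = { "ab", "cd" };        /* constructed sample input */
    char buf[16];
    printf("old=%zu new=%zu\n", estimate_old(pats, 2), estimate_new(pats, 2, 0));
    printf("old fits: %d\n", join_patterns(buf, estimate_old(pats, 2), pats, 2, 0));
    printf("new fits: %d\n", join_patterns(buf, estimate_new(pats, 2, 0), pats, 2, 0));
    return 0;
}
```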