[Bug 915387] New: less: crash while searching for non-matches
http://bugzilla.opensuse.org/show_bug.cgi?id=915387

Bug ID: 915387
Summary: less: crash while searching for non-matches
Classification: openSUSE
Product: openSUSE Factory
Version: 201501*
Hardware: x86-64
OS: All
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Basesystem
Assignee: bnc-team-screening@forge.provo.novell.com
Reporter: yuvalery@gmail.com
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0
Build Identifier:

There seems to be a problem in less when searching for non-matches (with /!). The problem can be detected by running in valgrind. It also crashes if compiled with

    make clean && make CFLAGS='-fPIE -fstack-protector -O2 -g' LDFLAGS='-pie'

(it is a combination of flags openSUSE uses by default)

Reproducible: Always

Steps to Reproduce:
1. run "less somefile.txt"
2. type "/" and "!" then [Enter]

Actual Results: Crash

Expected Results: No crash

The cause seems to be that *sp and *ep are not set to anything sensible for non-matches in pattern.c:match_pattern(), which results in hilite_line accessing some random memory.

I'll attach a patch which sets highlight to the whole string if SRCH_NO_MATCH is active. Alternatively one can move *sp = *ep = NULL; to the top of the function (then non-matches will not be highlighted).

--
You are receiving this mail because: You are on the CC list for the bug.
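A simplified model of the defect described in the report, as an added example that is not part of the bug thread and is not code from less. It shows an inverted search reporting success while the out-parameters keep stale values, next to the two fixes the report mentions. The names engine, match_unfixed, match_fixed, hilite_span and whole_line and the value of SRCH_NO_MATCH are hypothetical, and strstr stands in for the regex engine.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SRCH_NO_MATCH 0x100 /* constructed value; only the flag name is from the report */

/* Stand-in for the regex engine: writes *sp/*ep only when pat is found. */
static int engine(const char *pat, const char *line, const char **sp, const char **ep)
{
    const char *hit = strstr(line, pat);
    if (hit == NULL)
        return 0;               /* out-params left untouched on failure */
    *sp = hit;
    *ep = hit + strlen(pat);
    return 1;
}

/* Defect model: a failed engine call is inverted into "matched", yet
 * *sp/*ep still hold whatever the caller had in them before the call. */
int match_unfixed(const char *pat, const char *line, int type, const char **sp, const char **ep)
{
    int matched = engine(pat, line, sp, ep);
    return (type & SRCH_NO_MATCH) ? !matched : matched;
}

/* Fix model: reset the out-params first (the report's alternative); with
 * whole_line set, span the whole string on an inverted match (the patch's idea). */
int match_fixed(const char *pat, const char *line, int type, int whole_line,
                const char **sp, const char **ep)
{
    int matched;
    *sp = *ep = NULL;
    matched = engine(pat, line, sp, ep);
    if (type & SRCH_NO_MATCH) {
        matched = !matched;
        if (matched && whole_line) {
            *sp = line;
            *ep = line + strlen(line);
        }
    }
    return matched;
}

/* Caller-side guard standing in for hilite_line: bytes it would highlight. */
size_t hilite_span(const char *sp, const char *ep)
{
    return (sp != NULL && ep != NULL && ep >= sp) ? (size_t)(ep - sp) : 0;
}

int main(void)
{
    const char *sp, *ep, *line = "hello world"; /* constructed input */
    int r = match_fixed("zzz", line, SRCH_NO_MATCH, 1, &sp, &ep);
    printf("match=%d span=%zu\n", r, hilite_span(sp, ep));
    return 0;
}
```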
--- Comment #1 from Valery Valery
http://bugzilla.opensuse.org/show_bug.cgi?id=915387#c3
Vitezslav Cizek
> There seems to be a problem in less when searching for non-matches (with /!).
> Reproducible: Always
> Steps to Reproduce:
> 1. run "less somefile.txt"
> 2. type "/" and "!" then [Enter]

I can't reproduce it using these steps on either 13.2 or current Factory. Both contain less 458. Which less was the one you triggered the bug with?

> The cause seems to be that *sp and *ep are not set to anything sensible for non-matches in pattern.c:match_pattern(), which results in hilite_line accessing some random memory.
> I'll attach a patch which sets highlight to the whole string if SRCH_NO_MATCH is active. Alternatively one can move *sp = *ep = NULL; to the top of the function (then non-matches will not be highlighted).

(In reply to Valery Yundin from comment #2)
> Upstream is working on it. Should be fixed in less-474.

I guess you discussed it with upstream; however, the bug is not listed on the upstream bug list: http://www.greenwoodsoftware.com/less/bugs.html
http://bugzilla.opensuse.org/show_bug.cgi?id=915387#c4
--- Comment #4 from Valery Yundin
http://bugzilla.opensuse.org/show_bug.cgi?id=915387#c5
Vitezslav Cizek
http://bugzilla.opensuse.org/show_bug.cgi?id=915387#c6
--- Comment #6 from Valery Yundin
http://bugzilla.opensuse.org/show_bug.cgi?id=915387#c7
Vitezslav Cizek