Comment # 5 on bug 1214249 from Jiri Slaby
(In reply to Jiri Slaby from comment #4)
> (In reply to Dominique Leuenberger from comment #3)
> > (In reply to Jiri Slaby from comment #1)
> > > 
> > > Provided it comes from parse_merge_name():
> > > 602             static char buf[MAXPATHLEN];
> > > ...
> > > 653             return buf;
> > > 
> > 
> > according to valgrind it comes from setup_merge_file (exclude.c:737)
> 
> Which obtains the buffer from parse_merge_name() above -- see line 693 -- if
> I am looking correctly?

But you gave me a hint. I didn't study the code in between the crash and
parse_merge_name() before. Now I have. Well, the buffer pointer might be
incremented and that means the MAXPATHLEN in
  strlcpy(y, save, MAXPATHLEN);
is not correct in that case. I.e. 'y' might not equal 'buf' from the above
and can point to the middle of 'buf', right?
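
An added illustration of the concern raised in this comment (not code from the project or from the bug report): when the destination pointer has been advanced into a fixed buffer, the copy bound has to be the space remaining, not the full buffer size. `BUF_LEN`, `bounded_copy`, `space_left` and `spill_bytes` are hypothetical names, `BUF_LEN` stands in for MAXPATHLEN, and the input string is constructed.

```c
#include <stddef.h>
#include <string.h>

#define BUF_LEN 16    /* stands in for MAXPATHLEN, kept small for the demo */
#define CANARY  0xAA

/* strlcpy-style copy (hypothetical local helper; strlcpy is not in every libc). */
static size_t bounded_copy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size > 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Space left when the destination starts `offset` bytes into the buffer. */
static size_t space_left(size_t offset)
{
    return offset < BUF_LEN ? BUF_LEN - offset : 0;
}

/* Copy `save` to buf+offset using `size_arg` as the bound; return how many
 * bytes past the logical end of buf were overwritten. */
static size_t spill_bytes(size_t offset, const char *save, size_t size_arg)
{
    /* First BUF_LEN bytes model 'buf'; the rest is a canary region. */
    unsigned char arena[2 * BUF_LEN];
    size_t i, spilled = 0;

    if (offset >= BUF_LEN || size_arg > BUF_LEN)
        return 0; /* outside what this model covers */
    memset(arena, CANARY, sizeof arena);
    bounded_copy((char *)arena + offset, save, size_arg);
    for (i = BUF_LEN; i < sizeof arena; i++)
        if (arena[i] != CANARY)
            spilled++;
    return spilled;
}

int main(void)
{
    const char *save = "abcdefghijkl"; /* constructed input, 12 chars */
    size_t bad  = spill_bytes(8, save, BUF_LEN);       /* full-buffer bound */
    size_t good = spill_bytes(8, save, space_left(8)); /* remaining space   */
    return (bad == 5 && good == 0) ? 0 : 1;
}
```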

