Re: history-search-* and undo lists

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: history-search-* and undo lists

From:	Grisha Levit
Subject:	Re: history-search-* and undo lists
Date:	Thu, 12 Dec 2024 14:07:28 -0500

On Mon, Dec 2, 2024 at 1:56 PM Chet Ramey <chet.ramey@case.edu> wrote:
>
> On 11/18/24 10:22 PM, Grisha Levit wrote:
> > But here's a remaining one in combination with history-expand-line:
>
> Thanks for the report. I'm not sure what to do about this one yet.
>
> >
> > HISTFILE= INPUTRC=/ bash --norc -in <<< \
> > $'X\n\e[A!X\e^\e[A'
> > =================================================================
> > ERROR: LeakSanitizer: detected memory leaks
>
>
> There will be a fix for the use-after-free problem in the next devel
> branch push.

FWIW there's still a use-after-free with something like:

HISTFILE= INPUTRC=/ bash --norc -in <<< $'X\n\cPX\cR\n!\e3X\e^\n\cP'
=================================================================
ERROR: AddressSanitizer: heap-use-after-free on address 0xe1c25e821f48
READ of size 4 at 0xe1c25e821f48 thread T0
     #0 rl_do_undo                 undo.c:188:25
     #1 rl_revert_line             undo.c:339:2
     #2 readline_common_teardown   readline.c:493:7
     #3 readline_internal_teardown readline.c:518:3
     #4 readline_internal          readline.c:750:11
     #5 readline                   readline.c:387:11

0xe1c25e821f48 is located 24 bytes inside of 32-byte region
[0xe1c25e821f30,0xe1c25e821f50)
freed by thread T0 here:
     #2 _rl_free_undo_list         undo.c:111:7
     #3 rl_free_undo_list          undo.c:122:3
     #4 readline_common_teardown   readline.c:507:5
     #5 readline_internal_teardown readline.c:518:3
     #6 readline_internal          readline.c:750:11
     #7 readline                   readline.c:387:11

previously allocated by thread T0 here:
     #2 alloc_undo_entry           undo.c:75:23
     #3 rl_add_undo                undo.c:92:10
     #4 rl_insert_text             text.c:114:2
     #5 _rl_insert_char            text.c:935:7
     #6 rl_insert                  text.c:989:42
     #7 _rl_dispatch_subseq        readline.c:941:8
     #8 _rl_dispatch               readline.c:876:10
     #9 readline_internal_char     readline.c:690:11
    #10 readline_internal_charloop readline.c:737:11
    #11 readline_internal          readline.c:749:18
    #12 readline                   readline.c:387:11

[Prev in Thread]

Current Thread

[Next in Thread]

Re: history-search-* and undo lists, Chet Ramey, 2024/12/02
- Re: history-search-* and undo lists, Grisha Levit <=
  - Re: history-search-* and undo lists, Chet Ramey, 2024/12/12
    - Re: history-search-* and undo lists, Grisha Levit, 2024/12/13
    - Re: history-search-* and undo lists, Chet Ramey, 2024/12/16

Prev by Date: Re: PIPESTATUS differs from $? for compound command
Next by Date: Re: history-search-* and undo lists
Previous by thread: Re: history-search-* and undo lists
Next by thread: Re: history-search-* and undo lists
Index(es):
- Date
- Thread