[news.software.nntp] bug in BSD sed

leres@ace.ee.lbl.gov (Craig Leres) (11/02/89)

We've been running netnews (B 2.11 12/1/87) since June of 1988. I found
a bug in sed (the fix is appended) last July and am pretty sure that it
is of interest to folks who run netnews. The main place it was causing
problems was with the newsetup script. I think it would cause zillions
of "bogus newsgroup" messages.

At one point during my debugging of sed, I saw a ^L about to be output.
Later, I remembered the annoying mystery messages that sometimes appear:

    Date: Wed, 1 Nov 89 03:17:17 PST
    From: usenet (Usenet Administrator)
    Subject: Problems with your active file
    Apparently-To: usenet

    ^L

Although these messages haven't completely stopped since I installed
the fixed sed, they don't occur nearly as often (this is the first one
I remember in the last 2 months).

Anyway, is there any absolute cure for this problem or is it just a
permanent feature of B news?

		Craig

------- Forwarded Message

Date: Mon, 24 Jul 89 18:22:07 PDT
From: Craig Leres <leres>
Subject: nil pointer dereference bug in sed
To: bugs@okeeffe.berkeley.edu (Bugs BSD Bunny)
Index: usr.bin/sed/sed0.c +FIX

Description:
	On some architectures (e.g. Sun 3) sed can core dump when the
	'w' command is used.

Repeat-By:
	Examine the code (unfortunately, the bug wasn't 100%
	reproducible).

Fix:
	The problem is the two for loops in fcomp(). Both assume that
	'w' filenames are stored in the zero'th position when in fact,
	that position is reserved for stdout and does not have a
	filename associated with it.

*** sed0.c.old	Mon Jul 24 18:21:17 1989
--- sed0.c	Mon Jul 24 18:21:35 1989
***************
*** 1,4 ****
! /*	sed0.c	4.5	87/12/21	*/
  
  #include <sys/param.h>
  #include <stdio.h>
--- 1,4 ----
! /*	sed0.c	4.5++	87/12/21	*/
  
  #include <sys/param.h>
  #include <stdio.h>
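
Review bot: The header comment goes to 4.5++ but keeps the date 87/12/21, so the file no longer says when it diverged from the distributed 4.5. Put the local change in its own comment line carrying the July 1989 date rather than editing the version string.
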
***************
*** 492,498 ****
  
  					text(fbuf);
  					fname[nfiles] = newstr(fbuf);
! 					for(i = nfiles - 1; i >= 0; i--)
  						if(cmp(fname[nfiles],fname[i]) 
== 0) {
  							rep->fcode = fcode[i];
  							goto done;
--- 492,498 ----
  
  					text(fbuf);
  					fname[nfiles] = newstr(fbuf);
! 					for(i = nfiles - 1; i > 0; i--)
  						if(cmp(fname[nfiles],fname[i]) 
== 0) {
  							rep->fcode = fcode[i];
  							goto done;
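
Review bot: The new bound i > 0 in this for loop depends on slot 0 of fname[] being the stdout entry with no filename, and nothing in the code says so. Add a comment above the loop, or a named constant for the first real file slot, so that a later reader does not put i >= 0 back.
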
***************
*** 518,524 ****
  
  				text(fbuf);
  				fname[nfiles] = newstr(fbuf);
! 				for(i = nfiles - 1; i >= 0; i--)
  					if(cmp(fname[nfiles], fname[i]) == 0) {
  						rep->fcode = fcode[i];
  						goto done;
--- 518,524 ----
  
  				text(fbuf);
  				fname[nfiles] = newstr(fbuf);
! 				for(i = nfiles - 1; i > 0; i--)
  					if(cmp(fname[nfiles], fname[i]) == 0) {
  						rep->fcode = fcode[i];
  						goto done;
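
Review bot: The loop at line 518 is a copy of the one at line 492 and needed the identical bound change. Moving the fname[] search into one helper that both call sites use would keep the two from drifting apart, and would give the "slot 0 is stdout" rule a single place to be documented.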

------- End of Forwarded Message
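
The table layout the Fix section describes, as a small stand-alone C model added here (not code from sed or from the original post): slot 0 is the nameless stdout entry, so the duplicate-name search has to stop before it. The names FIRST_FILE, MAXFILES, wfile_lookup and wfile_slot are hypothetical, the capacity is an assumed value, and the model compares with strcmp() where sed calls its own cmp().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAXFILES   4   /* assumed capacity for the model, not sed's limit */
#define FIRST_FILE 1   /* slot 0 is stdout and never gets a name */

static const char *fname[MAXFILES];   /* fname[0] stays NULL */
static int nfiles = FIRST_FILE;       /* next free slot */

/* Return the slot already holding `name`, or -1 if there is none.
 * The search stops at FIRST_FILE, so the NULL in slot 0 is never
 * handed to strcmp(). */
static int wfile_lookup(const char *name)
{
    int i;

    for (i = nfiles - 1; i >= FIRST_FILE; i--)
        if (strcmp(name, fname[i]) == 0)
            return i;
    return -1;
}

/* Return the slot for `name`, reusing an existing entry when the same
 * filename was seen before; -1 when the table is full or memory runs out. */
static int wfile_slot(const char *name)
{
    int i = wfile_lookup(name);
    char *copy;

    if (i >= 0)
        return i;
    if (nfiles >= MAXFILES)
        return -1;
    if ((copy = malloc(strlen(name) + 1)) == NULL)
        return -1;
    strcpy(copy, name);
    fname[nfiles] = copy;
    return nfiles++;
}

int main(void)
{
    /* Constructed filenames: the second "a.out" must reuse slot 1. */
    printf("%d %d %d\n", wfile_slot("a.out"), wfile_slot("b.out"),
           wfile_lookup("a.out"));
    return 0;
}
```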