aboutsummaryrefslogtreecommitdiff
path: root/debug/catchsegv.sh
diff options
context:
space:
mode:
authorJakub Jelinek <jakub@redhat.com>2011-12-30 17:13:56 -0500
committerUlrich Drepper <drepper@gmail.com>2011-12-30 17:13:56 -0500
commit2ba92745c36eb3c3f3af0ce1b0aebd255c63a13b (patch)
treea903cdfb8d240977cabd19e853a1bf213f3026f6 /debug/catchsegv.sh
parentc0da14cdda1fa552262ce3624156194eef43e973 (diff)
downloadglibc-2ba92745c36eb3c3f3af0ce1b0aebd255c63a13b.tar
glibc-2ba92745c36eb3c3f3af0ce1b0aebd255c63a13b.tar.gz
glibc-2ba92745c36eb3c3f3af0ce1b0aebd255c63a13b.tar.bz2
glibc-2ba92745c36eb3c3f3af0ce1b0aebd255c63a13b.zip
Fix up regcomp/regexec
The problem is that parse_bracket_symbol is miscompiled, and it turns out it is because of an incorrect attribute on re_string_fetch_byte_case. Unlike re_string_peek_byte_case, this one is really not pure, it modifies memory (increments pstr->cur_idx), and with the pure attribute GCC assumed it doesn't and it cached the presumed value of regexp->cur_idx in a variable across the for (;; ++i) { if (i >= BRACKET_NAME_BUF_SIZE) return REG_EBRACK; if (token->type == OP_OPEN_CHAR_CLASS) ch = re_string_fetch_byte_case (regexp); else ch = re_string_fetch_byte (regexp); if (re_string_eoi(regexp)) return REG_EBRACK; if (ch == delim && re_string_peek_byte (regexp, 0) == ']') break; elem->opr.name[i] = ch; }
Diffstat (limited to 'debug/catchsegv.sh')
0 files changed, 0 insertions, 0 deletions