On Thu, Apr 07, 2016 at 11:50:46AM -0700, Junio C Hamano wrote:
> Junio C Hamano <gits...@pobox.com> writes:
>
> > "Tom G. Christensen" <t...@jupiterrise.com> writes:
> >
> >> The reason for the crash is simple, a null value was passed to the 's'
> >> format for the *printf family of functions.
> >> ...
> >> Passing a null value to the 's' format is explicitly documented as
> >> giving undefined results on Solaris, even on Solaris 11(2).
Thanks, TIL (though it is not really surprising, I guess, since some
memcpy implementations have the same problem).
> So, I've looked at places where we use "%.*s" with "prefix" nearby,
> and it seems that this is the only place.
Thank you for digging; I obviously didn't think about this issue at all
when doing the mass conversions recently.
> The "prefix" being a NULL is a perfectly valid state throughout the
> system and means a different thing than it being an empty string, so
> it is valid for callers of prefix_path() and prefix_path_gently() to
> pass prefix=NULL as long as they pass len=0.
>
> So perhaps this is all we need to fix your box.
>
> setup.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/setup.c b/setup.c
> index 3439ec6..b6c8aab 100644
> --- a/setup.c
> +++ b/setup.c
> @@ -103,7 +103,7 @@ char *prefix_path_gently(const char *prefix, int len,
> return NULL;
> }
> } else {
> - sanitized = xstrfmt("%.*s%s", len, prefix, path);
> + sanitized = xstrfmt("%.*s%s", len, prefix ? prefix : "", path);
> if (remaining_prefix)
> *remaining_prefix = len;
> if (normalize_path_copy_len(sanitized, sanitized,
> remaining_prefix)) {
The original pre-75faa45ae0230b321bf72027b2274315d7e14e34 version
checked "if (len)", but I think this should be equally right.
-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
