Hi, Mike Gran <[email protected]> writes:
>> > But I tried it just now on HEAD, and it triggered a 'glibc detected >> > corrupteddouble-linked list' error. Curious. >> >> Hmm indeed. Can you come up with a reduced test case and perhaps a >> backtrace or something? >> > > in scm_i_unistring_escapes_to_r6rs_escapes(), you can have a write > off the end of a string when the buffer passed into the function contains > only 4-digit hex unistring hex escapes, such as "\u1100". The > R6RS-escaped string will be longer "\x1100;" causing the memcpy at the > end of the function to write off then end of the string. Indeed, good catch! I think commit f1ee6d54d219056c62d87a8e4a6b199162c946e8 hackily fixes it. The whole thing is hackish though: the conversion is inelegant, and it assumes that BUF is in an ASCII-compatible encoding. I think the right way would be to have libunistring allow us to specify what we want escapes to look like. Thanks, Ludo’.
