Hi,
noticed this on -current (dated Dec 2) amd64:
$ who | rs
Segmentation fault (core dumped)
$ jot -r 100 | rs 10 10
Segmentation fault (core dumped)
I traced it to v1.10 of rs.c:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/rs/rs.c.diff?r1=1.9;r2=1.10;f=h
Index: rs.c
===================================================================
RCS file: /cvs/src/usr.bin/rs/rs.c,v
retrieving revision 1.21
diff -u -r1.21 rs.c
--- rs.c 4 Mar 2012 04:05:15 -0000 1.21
+++ rs.c 3 Dec 2012 18:31:18 -0000
@@ -336,17 +336,16 @@
getptrs(char **sp)
{
char **p;
- int newsize, gap;
+ int newsize;
newsize = allocsize * 2;
p = realloc(elem, newsize * sizeof(char *));
if (p == NULL)
err(1, "no memory");
- gap = p - elem;
- elem = p;
allocsize = newsize;
- sp += gap;
+ sp += p - elem;
+ elem = p;
endelem = elem + allocsize;
return(sp);
}
