bug#15570: 24.3.50; Null pointer crash in (ns-convert-utf8-nfd-to-nfc "\377")
Wed, 9 Oct 2013 18:31:24 +0200
On 9 Oct 2013 at 13:37, Carsten Bormann <address@hidden> wrote:
> (ns-convert-utf8-nfd-to-nfc "\377")
> crashes in strlen (called from build_string),
> as it is run on a null-pointer (apparently returned from [utfStr UTF8String]).
> Program received signal EXC_BAD_ACCESS, Could not access memory.
> Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000
Eh, don't do that?
> 0x00007fff94ac3670 in strlen ()
> (gdb) where
> #0 0x00007fff94ac3670 in strlen ()
> #1 0x000000010009fbb4 in build_string ()
> #2 0x000000010019300d in Fns_convert_utf8_nfd_to_nfc ()
> 0x00007fff94ac3670 <strlen+16>: pcmpeqb (%rdi),%xmm0
> (gdb) info reg
> rdi 0x0 0
> Further, there are no tests for this function.
> (Bug manifests itself with tramp no longer working on hosts stuck in
> Latin-1-land, which might be due to an unrelated change.)
The function clearly expects valid UTF-8 as input. Why is tramp feeding it
invalid UTF-8? What is tramp trying to accomplish? What would be the
expected return value on invalid UTF-8?
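
An added example, not part of the original message or of the Emacs source: one way a caller can keep a null converter result away from strlen, by checking the input as strict UTF-8 first and null-checking the result. The names `utf8_is_valid`, `convert_or_passthrough`, `failing_converter` and `fixed_converter` are hypothetical, and returning the input unchanged on failure is an assumed policy, not an answer the thread gives.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Strict UTF-8 check (RFC 3629): rejects stray bytes such as 0xFF, truncated
   sequences, overlong forms, surrogates and code points above U+10FFFF. */
bool utf8_is_valid(const unsigned char *s, size_t n)
{
    size_t i = 0;
    while (i < n) {
        unsigned char b = s[i];
        unsigned long cp, min;
        size_t len;
        if (b < 0x80) { i++; continue; }
        if ((b & 0xE0) == 0xC0)      { len = 2; cp = b & 0x1F; min = 0x80; }
        else if ((b & 0xF0) == 0xE0) { len = 3; cp = b & 0x0F; min = 0x800; }
        else if ((b & 0xF8) == 0xF0) { len = 4; cp = b & 0x07; min = 0x10000; }
        else return false;              /* continuation byte as lead, or 0xF8..0xFF */
        if (n - i < len) return false;  /* truncated sequence */
        for (size_t k = 1; k < len; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return false;
            cp = (cp << 6) | (s[i + k] & 0x3F);
        }
        if (cp < min || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF))
            return false;
        i += len;
    }
    return true;
}

typedef const char *(*convert_fn)(const char *in);

/* Constructed stand-ins for a platform converter: one always fails with NULL
   (the behaviour the report attributes to [utfStr UTF8String]), one succeeds. */
const char *failing_converter(const char *in) { (void)in; return NULL; }
const char *fixed_converter(const char *in)   { (void)in; return "converted"; }

/* Assumed policy: hand back the input unchanged when it is not valid UTF-8 or
   the converter yields NULL, so strlen-based callers never see a null pointer. */
const char *convert_or_passthrough(const char *in, convert_fn convert)
{
    if (in == NULL) return "";
    if (!utf8_is_valid((const unsigned char *)in, strlen(in))) return in;
    const char *out = convert(in);
    return out ? out : in;
}

int main(void) { return strlen(convert_or_passthrough("\377", failing_converter)) == 1 ? 0 : 1; }
```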