continuous key press results in core dump (PR#331)
Peter Dalgaard BSA
p.dalgaard@biostat.ku.dk
21 Nov 1999 21:58:36 +0100
rnassar@duke.edu writes:
> I encountered this today (I admit it is a result of downright abuse)
>
> Segmentation fault under abnormal conditions (as when stupid finger
> accidentally leaned on key):
...which is exactly why this kind of fault mustn't happen.
> at 128 (at least by my count) "continuous" (zzzzzzzzz... or 123qwertyuio...)
> characters but NOT when enclosed in " ", and not if numbers.
>
> > 12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678
> [1] 1.234568e+157
> > zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
> Segmentation fault (core dumped)
Yup, in dstruct.c we have
static int ddVal(SEXP name)
{
char buf[128], *endp, *val;
int rval;
strcpy(buf, CHAR(name));
..which at the very least has to have a str*n*cpy in order not to
corrupt the stack if CHAR(name) is too large. Or perhaps better:
allocate buf explicitly instead of via a stack variable.
Not sure I'll be able to get it fixed tonight though.
--
O__ ---- Peter Dalgaard Blegdamsvej 3
c/ /'_ --- Dept. of Biostatistics 2200 Cph. N
(*) \(*) -- University of Copenhagen Denmark Ph: (+45) 35327918
~~~~~~~~~~ - (p.dalgaard@biostat.ku.dk) FAX: (+45) 35327907
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
r-devel mailing list -- Read http://www.ci.tuwien.ac.at/~hornik/R/R-FAQ.html
Send "info", "help", or "[un]subscribe"
(in the "body", not the subject !) To: r-devel-request@stat.math.ethz.ch
_._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._