continuous key press results in core dump (PR#331)
Peter Dalgaard BSA
p.dalgaard@biostat.ku.dk
22 Nov 1999 00:24:19 +0100
Peter Dalgaard BSA <p.dalgaard@biostat.ku.dk> writes:
> Yup, in dstruct.c we have
>
> static int ddVal(SEXP name)
> {
> char buf[128], *endp, *val;
> int rval;
>
> strcpy(buf, CHAR(name));
>
> ..which at the very least has to have a str*n*cpy in order not to
> corrupt the stack if CHAR(name) is too large. Or perhaps better:
> allocate buf explicitly instead of via a stack variable.
>
> Not sure I'll be able to get it fixed tonight though.
Squished. That buffer should never have been there in the first place...
--
O__ ---- Peter Dalgaard Blegdamsvej 3
c/ /'_ --- Dept. of Biostatistics 2200 Cph. N
(*) \(*) -- University of Copenhagen Denmark Ph: (+45) 35327918
~~~~~~~~~~ - (p.dalgaard@biostat.ku.dk) FAX: (+45) 35327907
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
r-devel mailing list -- Read http://www.ci.tuwien.ac.at/~hornik/R/R-FAQ.html
Send "info", "help", or "[un]subscribe"
(in the "body", not the subject !) To: r-devel-request@stat.math.ethz.ch
_._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._