[Rd] eval(match.call()) (PR#9339)
Bill Dunlap
bill at insightful.com
Fri Nov 3 23:14:09 CET 2006
On Fri, 3 Nov 2006 marc_schwartz at comcast.net wrote:
> > > On Fri, 2006-11-03 at 21:15 +0100, Peter Dalgaard wrote:
> > > > > x <- quote(match.call())
> > > > > eval(x)
> > > > *** buffer overflow detected ***: /usr/lib/R/bin/exec/R terminated
> > > > /lib/libc.so.6(__chk_fail+0x41)[0x1f1161]
> > > > /lib/libc.so.6[0x1f0617]
>
> > > > does look like something that just Should Not Happen...
I think valgrind shows the problem is in deparse.c:
245 strncpy(data, CHAR(STRING_ELT(svec, 0)), 10);
246 if (strlen(CHAR(STRING_ELT(svec, 0))) > 10) strcat(data, "...");
You need to put a '\0' into data[10] after that strncpy
so strcat can find the end of the string when the length
of the copied string is >=10. It currently runs into
uninitialized memory at the end of ".Primitive".
(This is in a copy of R source from June 2006.)
----------------------------------------------------------------------------
Bill Dunlap
Insightful Corporation
bill at insightful dot com
360-428-8146
"All statements in this message represent the opinions of the author and do
not necessarily reflect Insightful Corporation policy or position."
More information about the R-devel
mailing list