expect uses memcpy instead of memmove to copy overlapping memory
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
expect (Debian) |
Fix Released
|
Unknown
|
|||
expect (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
The ecases_
elements down. The areas can be overlapping. When they are, the
construct is non-portable and can lead to memory corruption.
Please replace the memcpy call with a memmove call. That fixes the
issue. I have attached a proposed patch.
I have already reported this issue at Debian: http://
Debian has accepted the patch.
I have also reported it upstream:
https:/
The following script demonstrates the problem. Save it in a file called
trigger2.expect and run the following:
$ valgrind expect trigger2.expect
You will see an error message similar to:
==10665== Source and destination overlap in memcpy(0x60b9170, 0x60b9178, 16)
==10665== at 0x4C2E820: memcpy@@GLIBC_2.14 (in /usr/lib/
(Note: it seems that valgrind 3.7 does not detect this, but valgrind 3.8.1 does detect it.)
---cut here for trigger2.expect---
#!/usr/bin/env expect
spawn cat
set a $spawn_id
spawn sleep 1
set b $spawn_id
set spawn_id $a
expect_after {
-i $a full_buffer { }
-i $b full_buffer { }
timeout { }
}
expect eof { }
---cut here for trigger2.expect---
It would be nice if this fix was backported to versions of Ubuntu that are still supported with updates.
tags: | added: patch-accepted-upstream |
Changed in expect (Ubuntu): | |
status: | New → Confirmed |
Changed in expect (Debian): | |
status: | Unknown → Fix Released |
Changed in expect (Ubuntu): | |
status: | Confirmed → Fix Committed |
Changed in expect (Ubuntu): | |
importance: | Undecided → Medium |
status: | Fix Committed → Triaged |
fixed in 16.04 LTS and later