[parisc-linux] Bug in more

Richard Hirst rhirst@linuxcare.com
Thu, 11 Jan 2001 22:09:17 +0000


Hi,
  I have found a bug in 'more', util-linux-2.10r source.
At startup tailequ() is called to match the last component of argv[0]
against "page".  tailequ() is broken because it accesses one location
below the start of argv[0].  This causes a crash on parisc, where the
stack grows upwards and argv[0] is the first element on the stack.

Richard

--- util-linux-2.10r/text-utils/more.c-	Thu Jan 11 15:00:59 2001
+++ util-linux-2.10r/text-utils/more.c	Thu Jan 11 15:02:52 2001
@@ -815,8 +815,8 @@
 	register char *tail;
 
 	tail = path + strlen(path);
-	while (tail >= path)
-		if (*(--tail) == '/')
+	while (--tail >= path)
+		if (*tail == '/')
 			break;
 	++tail;
 	while (*tail++ == *string++)
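
Review bot: In the new loop condition `while (--tail >= path)`, tail is still decremented to path - 1 whenever path contains no '/' (for example an argv[0] with no directory part), and only the `++tail` after the loop brings it back. The read of path[-1] is gone, but forming and comparing a pointer one element below the start of the object is undefined in C, so the `>=` test is not guaranteed to behave on every platform. Suggest keeping tail inside the string throughout: `while (tail > path && tail[-1] != '/') --tail;` with the `++tail` after the loop dropped, or replacing the scan with strrchr(path, '/'). A one-line comment on the loop saying it must never step below path would also help, since the original defect went unnoticed on platforms where the byte below argv[0] happens to be readable.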