bash --norc -in <<<'^xx^&&x'

AddressSanitizer: heap-buffer-overflow
    #0 postproc_subst_rhs histexpand.c:517

Probably need something like:

diff --git a/lib/readline/histexpand.c b/lib/readline/histexpand.c
index 25d962c2..08a4aa8f 100644
--- a/lib/readline/histexpand.c
+++ b/lib/readline/histexpand.c
@@ -509,9 +509,9 @@ postproc_subst_rhs (void)
          /* a single backslash protects the `&' from lhs interpolation */
          if (subst_rhs[i] == '\\' && subst_rhs[i + 1] == '&')
            i++;
-         if (j >= new_size)
+         if (++j >= new_size)
            new = (char *)xrealloc (new, new_size *= 2);
-         new[j++] = subst_rhs[i];
+         new[j] = subst_rhs[i];
        }
     }
   new[j] = '\0';
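Review bot: Moving the increment ahead of the store in the else branch shifts each write one slot to the right: `++j` runs before `new[j] = subst_rhs[i]`, so the slot the old `new[j++]` would have filled is skipped, and the `new[j] = '\0'` after the loop then overwrites the last character stored instead of terminating one past it. This keeps the terminator in bounds but appears to corrupt the expanded string, assuming `j` still starts at 0 and the `&` branch still leaves `j` one past its copy (both are outside the hunk). Keeping the post-increment store and reserving room for the terminator in the size check fixes the overflow without changing any index: `if (j + 1 >= new_size)` followed by the original `new[j++] = subst_rhs[i];`. The function body begins above the hunk, so the `&` branch's own bound check should be confirmed to leave space for the trailing NUL as well.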
