On Sat, 2006-11-04 at 02:08 +0100, Peter Dalgaard wrote: > Bill Dunlap <[EMAIL PROTECTED]> writes: > > > On Fri, 3 Nov 2006 [EMAIL PROTECTED] wrote: > > > > > > > On Fri, 2006-11-03 at 21:15 +0100, Peter Dalgaard wrote: > > > > > > > x <- quote(match.call()) > > > > > > > eval(x) > > > > > > *** buffer overflow detected ***: /usr/lib/R/bin/exec/R terminated > > > > > > /lib/libc.so.6(__chk_fail+0x41)[0x1f1161] > > > > > > /lib/libc.so.6[0x1f0617] > > > > > > > > > does look like something that just Should Not Happen... > > > > > > I think valgrind shows the problem is in deparse.c: > > 245 strncpy(data, CHAR(STRING_ELT(svec, 0)), 10); > > 246 if (strlen(CHAR(STRING_ELT(svec, 0))) > 10) strcat(data, > > "..."); > > You need to put a '\0' into data[10] after that strncpy > > so strcat can find the end of the string when the length > > of the copied string is >=10. It currently runs into > > uninitialized memory at the end of ".Primitive". > > > > (This is in a copy of R source from June 2006.) > > Now fixed in 2.4.0 Patched and the development version.
Just a quick heads up here, that Tom Callaway has updated the Fedora Extras RPMS to fix the buffer overflow, based upon a post to the FE CVS mailing list last night. This is for FC4, FC5 and FC6. So you can update to these when they appear on FE mirrors in due course. It looks like these should be labelled as 2.4.0-2. Thanks to all. Regards, Marc ______________________________________________ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel