Re: lib/52849: libedit core dumps on saving history file with psql from postgresql*-client packages on amd64 platform

[Valery Ushakov <uwe%stderr.spb.ru@localhost>]

The following reply was made to PR lib/52849; it has been noted by GNATS.

From: Valery Ushakov <uwe%stderr.spb.ru@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: lib/52849: libedit core dumps on saving history file with psql
 from postgresql*-client packages on amd64 platform
Date: Sat, 23 Dec 2017 21:04:26 +0300

 On Fri, Dec 22, 2017 at 15:55:00 +0000, plavoie%hvc.rr.com@localhost wrote:
 
 > Having become frustrated with this and having some time, I've spent
 > the past couple of days hunting down this issue. Compiling -current
 > with MKDEBUGLIB enabled, I found that psql was crashing on the exit
 > code inside the history_save_fp() function, specifically the first
 > line:
 >
 > if (fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1)
 > 
 > due to a null being passed as fp. 
 
 Is there a sack trace?
 
 From a quick look 1.58 of history.c (from Sep 1) looks highly
 suspicious as it introduced a call like 
 
   history_save_fp(h, va_arg(va, size_t), va_arg(va, FILE *));
 
 and of course C99 even cites that as an example if UB:
 
        3.4.4
        [#1] unspecified behavior
        behavior where this International Standard provides  two  or
        more  possibilities  and  imposes no further requirements on
        which is chosen in any instance
 
        [#2] EXAMPLE  An example  of  unspecified  behavior  is  the
        order in which the arguments to a function are evaluated.
 
 -uwe