RE: [External] Re: lib/54117 (Buffer overflow in editline filename completion)

["Helde, Paavo" <Paavo.Helde%PERKINELMER.COM@localhost>]

Yes, I can confirm the fix seems to cure the memory overrun issue.

PS. We are using the port https://www.thrysoee.dk/editline/libedit-20190324-3.1.tar.gz and we saw several issues with it, like the history subsystem not configurable and our custom ^@ binding regularly overwritten. The port is some weeks old, maybe some problems are fixed already, maybe some are specific to the port and maybe some are the artefacts of our potentially inadequate attempts to enforce the library to behave as needed for us. In short, would it make it sense for me to try to report some of those issues and if so, in what form?

Regards
Paavo



-----Original Message-----
From: abhinav%NetBSD.org@localhost <abhinav%NetBSD.org@localhost> 
Sent: Friday, April 12, 2019 6:20 PM
To: christos%netbsd.org@localhost; netbsd-bugs%netbsd.org@localhost; gnats-admin%netbsd.org@localhost; abhinav%NetBSD.org@localhost; Helde, Paavo <Paavo.Helde%PERKINELMER.COM@localhost>
Subject: [External] Re: lib/54117 (Buffer overflow in editline filename completion)


Use caution when opening links or attachments.

Synopsis: Buffer overflow in editline filename completion

State-Changed-From-To: open->feedback
State-Changed-By: abhinav%NetBSD.org@localhost
State-Changed-When: Fri, 12 Apr 2019 15:19:41 +0000
State-Changed-Why:
Christos committed the fix suggested by you, could you verify it?