On Sat, 2006-11-04 at 02:08 +0100, Peter Dalgaard wrote:
Bill Dunlap <bill at insightful.com> writes:
On Fri, 3 Nov 2006 marc_schwartz at comcast.net wrote:
On Fri, 2006-11-03 at 21:15 +0100, Peter Dalgaard wrote:
x <- quote(match.call())
eval(x)
*** buffer overflow detected ***: /usr/lib/R/bin/exec/R terminated
/lib/libc.so.6(__chk_fail+0x41)[0x1f1161]
/lib/libc.so.6[0x1f0617]
does look like something that just Should Not Happen...
I think valgrind shows the problem is in deparse.c:
245 strncpy(data, CHAR(STRING_ELT(svec, 0)), 10);
246 if (strlen(CHAR(STRING_ELT(svec, 0))) > 10) strcat(data, "...");
You need to put a '\0' into data[10] after that strncpy
so strcat can find the end of the string when the length
of the copied string is >=10. It currently runs into
uninitialized memory at the end of ".Primitive".
(This is in a copy of R source from June 2006.)
Now fixed in 2.4.0 Patched and the development version.
Just a quick heads up here, that Tom Callaway has updated the Fedora Extras RPMS to fix the buffer overflow, based upon a post to the FE CVS mailing list last night. This is for FC4, FC5 and FC6.

So you can update to these when they appear on FE mirrors in due course. It looks like these should be labelled as 2.4.0-2.

Thanks to all.

Regards,

Marc
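
The strncpy behaviour discussed in this thread, as an added C example (not R's source and not part of any message above): it shows that copying a 10-character string such as ".Primitive" with a limit of 10 leaves no terminator, and a truncation helper that writes the '\0' before strcat. The names KEEP, strncpy_leaves_unterminated and truncate_label are hypothetical, and the 'X' fill stands in for uninitialized memory.

```c
#include <stdio.h>
#include <string.h>

#define KEEP 10  /* characters kept, matching the limit in the quoted strncpy call */

/* Returns 1 if strncpy(data, src, KEEP) leaves no '\0' in the first
 * KEEP + 1 bytes. The buffer is pre-filled with 'X' (constructed stand-in
 * for uninitialized memory) so the check is deterministic and never reads
 * past the array. */
int strncpy_leaves_unterminated(const char *src)
{
    char data[32];
    memset(data, 'X', sizeof data);
    strncpy(data, src, KEEP);          /* no terminator when strlen(src) >= KEEP */
    return memchr(data, '\0', KEEP + 1) == NULL;
}

/* Copy at most KEEP characters of src into out and append "..." when
 * src was longer. out must hold KEEP + 4 bytes (KEEP chars, "...", '\0').
 * Returns 0 on success, -1 if the buffer is too small. */
int truncate_label(const char *src, char *out, size_t outsz)
{
    if (outsz < KEEP + 4)
        return -1;
    strncpy(out, src, KEEP);
    out[KEEP] = '\0';                  /* the terminator suggested in the thread */
    if (strlen(src) > KEEP)
        strcat(out, "...");            /* strcat now finds the end of the string */
    return 0;
}

int main(void)
{
    char buf[32];
    const char *samples[] = { "short", ".Primitive", ".Primitive(\"match.call\")" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        memset(buf, 'X', sizeof buf);  /* constructed garbage, as above */
        truncate_label(samples[i], buf, sizeof buf);
        printf("%-28s unterminated after strncpy: %d  safe result: %s\n",
               samples[i], strncpy_leaves_unterminated(samples[i]), buf);
    }
    return 0;
}
```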