Bill Dunlap <bill at insightful.com> writes:
On Fri, 3 Nov 2006 marc_schwartz at comcast.net wrote: =20
On Fri, 2006-11-03 at 21:15 +0100, Peter Dalgaard wrote:
x <- quote(match.call()) eval(x)
*** buffer overflow detected ***: /usr/lib/R/bin/exec/R terminated /lib/libc.so.6(__chk_fail+0x41)[0x1f1161] /lib/libc.so.6[0x1f0617]
does look like something that just Should Not Happen...
=20
=20
I think valgrind shows the problem is in deparse.c:
245 strncpy(data, CHAR(STRING_ELT(svec, 0)), 10);
246 if (strlen(CHAR(STRING_ELT(svec, 0))) > 10) strcat(data, =
"...");
You need to put a '\0' into data[10] after that strncpy so strcat can find the end of the string when the length of the copied string is >=3D10. It currently runs into uninitialized memory at the end of ".Primitive". =20 (This is in a copy of R source from June 2006.)
Now fixed in 2.4.0 Patched and the development version. --=20 O__ ---- Peter Dalgaard =C3=98ster Farimagsgade 5, Entr.B c/ /'_ --- Dept. of Biostatistics PO Box 2099, 1014 Cph. K (*) \(*) -- University of Copenhagen Denmark Ph: (+45) 35327918 ~~~~~~~~~~ - (p.dalgaard at biostat.ku.dk) FAX: (+45) 35327907