Ubuntu
bash package

Segfaults under deep function recursion

Bug #882454 reported by Chris West
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
bash (Debian)
Confirmed
Unknown
bash (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

% bash
$ foo() { echo $1; foo $(($1+1)); }; foo 1
1
2
...
7370
7371
zsh: segmentation fault bash
%

ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: bash 4.2-0ubuntu4
ProcVersionSignature: Ubuntu 3.0.0-12.20-generic 3.0.4
Uname: Linux 3.0.0-12-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 1.23-0ubuntu3
Architecture: amd64
CheckboxSubmission: b0d31efda01870980e2e5a89390b685c
CheckboxSystem: 6ce041aeed0a2c17b3343b66d157175d
Date: Thu Oct 27 10:18:33 2011
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
ProcEnviron:
 PATH=(custom, user)
 LANG=en_GB.UTF-8
 SHELL=/bin/zsh
SourcePackage: bash
UpgradeStatus: Upgraded to oneiric on 2011-05-03 (177 days ago)

Revision history for this message
Chris West (faux) wrote :
Revision history for this message
Martin Pokorny (martin-truffulatree) wrote :

I can confirm that this bug is also present in the package "bash 4.2-0ubuntu3". Another way to reproduce this bug is:
$ bash -c 'x() { x; }; x'

Changed in bash (Ubuntu):
status: New → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in bash (Debian):
status: Unknown → Confirmed
Revision history for this message
StefanF (stefan) wrote :

The problem is still not solved.

Isn't that a security risk?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.