A sign of life

[McDutchie]

Hi all,

I'm sorry I've been absent for so long; I've been dealing with a major crisis in the family sphere. Things are getting better and I should soon be able to find time and get into the headspace to maintain ksh again. Thanks for your patience, particularly to @JohnoKing and @phidebian who have multiple pull requests waiting.

However, the highest-priority issue by far is #861; the lexical analysis code in lex.c has many buffer overflow problems for large scripts (i.e., when one 64KiB buffer has been fully read and is replace by the next 64KiB buffer). All of the fcpeek(-1) macro expansions, and the like, are unsafe. There are also similar problems with the processing of multibyte characters that cross buffer boundaries; in 781f0a3 back in 2020, I applied an incorrect Red Hat patch that deletes perfectly good code that works around that issue. I will soon push some commits that make some progress on that issue, but I may need some more eyes on it to solve the rest of it.

[phidebian]

Hi @McDutchie, Don't worry about my PR's, they are non critical, it happened that my 2 weeks in UK were mostly grey days, so I tried to dig into the back log.

I didn't spotted #861, I am busy as well at the moment, but when I recover some cycles I could look into this one.

Cheers

[phidebian]

@McDutchie is there a determinist test case that reproduce the bug #861, I load pnut-sh.sh but the run gives

$ ./pnut-sh.sh 
Usage: ./pnut-sh.sh <filename>
no input file

I also tried

$ for((i=0;i<100000;i++));do echo '日本語の変数名=OK';done >foo
$ . ./foo
...
...
/d1/ksh-latest/arch/linux.i386-64/bin/ksh: .: ./foo[100000]: ?f?^W?%?f?^\?,?h?*?^^?c?^A?.?e?$?^I?f?^U?0?e?^P?^M=OK: not found

So I don't know how to reproduce this bug at the moment. I am running the top of 'dev' branch, may be this integrate some fix attempt....

Let me know the best way to reproduce this.