Skip to content

Buffer overflow when using search with more than about 150 characters.

Description:

When using the search function, with a search of more than 140 or 200 characters (it seems to depend on which shell and which dotfiles are used), most will coredump due to a buffer overflow. This happens with most packaged by arch, and with most I built with the pkgbuild on my machine, but not with most built using package maintainer instructions from the same source tarball as the pkgbuild, using the autoconf, make, and gcc on my machine.

Additional info:

the source tarball I'm using has the following sha512sum, the same one as in the pkgbuild.

3aa3cb46ddd456532a009fb9cfcd746971396be33e03e52a15b754a6d7683f4efd020edb0ec4eb36d22ba20f050aaac4ba6cdd3b69bb5701ea58ddb9a903c59d most-5.2.0.tar.gz

  • package version(s): most 5.2.0-2
  • config and/or log files: No special config changes that I know of. I'd rather not upload core dumps.
  • link to upstream bug report, if any: None, this doesn't happen with upstream source.

Steps to reproduce:

  1. Fill clipboard with at least 145 characters, the minimum number I've found, but more will work. I use a command such as `openssl rand -base64 1000 | tr -d
  2. Open most to any file, e.g. most /etc/pacman.conf
  3. press forward slash.
  4. Paste clipboard into terminal.
  5. Wait for text to finish pasting.
  6. Press enter
  7. Observe crash.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information