Bug 284965 - app-editors/nedit -- regularExp.c contains an off by one error
Summary: app-editors/nedit -- regularExp.c contains an off by one error
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: High normal
Assignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it
URL: http://sourceforge.net/tracker/?func=...
Whiteboard:
Keywords: Inclusion
Depends on:
Blocks:
 
Reported: 2009-09-14 17:49 UTC by Evan Teran
Modified: 2009-09-15 02:48 UTC

See Also:
Package list:
Runtime testing required: ---


Attachments
patch to fix off by one error (nedit_off_by_one.patch, 568 bytes, patch)
2009-09-14 17:53 UTC, Evan Teran

Description Evan Teran 2009-09-14 17:49:04 UTC
regularExp.c contains an off by one error. Default_Delimiters is defined as

static unsigned char  Default_Delimiters [UCHAR_MAX] = {0};

Note that UCHAR_MAX == 255 on most architectures. Later, makeDelimiterTable does the following on line 4089:

memset (table, 0, 256);

This overwrites one byte of an adjacent variable with 0, most likely the Current_Delimiters variable. When compiling with "-O2 -finline-functions" this will cause a crash. (Also, some versions of gcc will give a warning about the buffer overflow:

In file included from /usr/include/string.h:640,
                 from regularExp.c:83:
In function ‘memset’,
    inlined from ‘SetREDefaultWordDelimiters’ at regularExp.c:4089:
/usr/include/bits/string3.h:85: warning: call to __builtin___memset_chk will always overflow destination buffer
)

Changing the declaration to be:

static unsigned char  Default_Delimiters [UCHAR_MAX + 1] = {0};

or

static unsigned char  Default_Delimiters [256] = {0}; /* since we are using magic numbers later, why not just hard code it! */

solves the problem.

I have reported this problem upstream, but I feel that a Gentoo patch will probably be prudent until they decide to address the issue. I will attach a patch.

https://sourceforge.net/tracker/?func=detail&aid=2858723&group_id=11005&atid=111005

Reproducible: Always

NOTE: I have taken the offending -finline-functions flag out of my CFLAGS so I have a working nedit, so it is not in the following dump:

$ emerge --info
Portage 2.2_rc40 (default/linux/x86/2008.0/desktop, gcc-4.4.1, glibc-2.10.1-r0, 2.6.30-gentoo-r6 i686)
CFLAGS="-march=native -O2 -fomit-frame-pointer -pipe"
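The sizing fix the report describes, as an added C illustration (not nedit's code): the table gets UCHAR_MAX + 1 slots, a compile-time check rejects the undersized declaration, and the memset takes its length from the array rather than a hard-coded 256. The functions set_default_delimiters and is_default_delimiter are hypothetical stand-ins for nedit's routines.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not nedit's code. A table indexed by an unsigned char
 * needs UCHAR_MAX + 1 slots (0..255); the report's array had UCHAR_MAX (255),
 * so the 256-byte memset ran one byte past it into the next static object. */
#define DELIM_TABLE_SIZE (UCHAR_MAX + 1)

static unsigned char Default_Delimiters[DELIM_TABLE_SIZE];

/* Compile-time guard: declared [UCHAR_MAX], this array type would have size -1
 * and the translation unit would fail to compile. */
typedef char default_delimiters_cover_every_byte
    [sizeof Default_Delimiters == (size_t)UCHAR_MAX + 1 ? 1 : -1];

/* Hypothetical stand-in for nedit's SetREDefaultWordDelimiters: marks each
 * byte of `delims` and returns the number of distinct delimiters set. */
static int set_default_delimiters(const char *delims)
{
    const unsigned char *p = (const unsigned char *)delims;
    int count = 0;
    /* length taken from the array itself, not a magic 256 */
    memset(Default_Delimiters, 0, sizeof Default_Delimiters);
    for (; *p != '\0'; ++p) {
        if (!Default_Delimiters[*p]) {
            Default_Delimiters[*p] = 1;
            ++count;
        }
    }
    return count;
}

/* Lookup valid for every byte value 0..255; a [UCHAR_MAX] table has no slot
 * for 255 (0xff). Out-of-range ints are rejected rather than used as index. */
static int is_default_delimiter(int c)
{
    return (c >= 0 && c <= UCHAR_MAX) ? Default_Delimiters[c] : 0;
}

int main(void)
{
    int n = set_default_delimiters(".,/\\`'!|@#%^&*()-=+{}[]\":;<>?~ \t");
    printf("%d delimiters; ' ' -> %d, 'a' -> %d, 0xff -> %d\n", n,
           is_default_delimiter(' '), is_default_delimiter('a'),
           is_default_delimiter(0xff));
    return 0;
}
```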
Comment 1 Evan Teran 2009-09-14 17:53:06 UTC
Created attachment 204108 [details, diff]
patch to fix off by one error
Comment 2 Víctor Ostorga (RETIRED) gentoo-dev 2009-09-15 02:48:12 UTC
Great! Patch was accepted by upstream.
Thanks, and applying it.

+  15 Sep 2009; Víctor Ostorga <vostorga@gentoo.org> nedit-5.5-r1.ebuild,
+  +files/nedit-5.5-off-by-one.patch:
+  Fixing off by one error in regularExp.c . Patch thanks to Evan Teran
+  <eteran@alum.rit.edu> bug 284965