Menu

#256 crash in AffixMgr::suffix_check

0.60
closed
Kevin Atkinson
crash (5)
5
2016-12-11
2012-01-25
Andriy Gapon
No

Many people report a crash in AffixMgr::suffix_check.
Examples:
http://code.google.com/p/psi-dev/issues/detail?id=396
https://bugs.kde.org/show_bug.cgi?id=233026

I have run into a similar crash (using aspell in xchat) myself.
My debugging shows that the problem seems to be that a zero-length value of the word parameter doesn't get handled by the first loop (starting at sStart[0]).
The code after the loop is not equipped to deal with a zero length word correctly. E.g.:
byte sp = *((const byte *)(word + word.size() - 1));

The attached work-around prevents the crash, but I am not familiar enough with the code to be sure what the root cause is and, thus, that the patch is sufficiently correct.

I am using aspell-0.60.6.1 built via the FreeBSD ports.

Discussion

  • Andriy Gapon

    Andriy Gapon - 2012-01-25

    The patch/workaround.

     
    affix.patch

  • Kevin Atkinson

    Kevin Atkinson - 2016-12-11

    This issue has moved to GitHub: https://github.com/GNUAspell/aspell/issues/496

     

  • Kevin Atkinson

    Kevin Atkinson - 2016-12-11
    • Status: open --> closed