#5 Fix for reverse video core dump
Aterm 0.4.0 core dumps here when I use reverse video.
The attached patch fixes it. Here are the purify
errors that indicate the problem site and where the
memory block being written past is allocated:
**** Purify instrumented ./aterm.pure (pid 819270)
****
ABR: Array bounds read:
* This is occurring while in:
scr_rvideo_mode+0xfff00f64 [screen.c:1586]
process_terminal_mode+0xffee9d60
[command.c:3202]
process_csi_seq+0xffee9760 [command.c:3055]
process_escape_seq+0xffee8894 [command.c:2871]
main_loop+0xffeeb060 [command.c:3482]
main+0xffef5e78 [main.c:1932]
__start+0xffee24e4 [crt1text.s:176]
* Reading 2 bytes from 0x100754c0 in the heap.
* Address 0x100754c0 is 1 byte past end of a malloc'd
block at 0x10075420 of 1
60 bytes.
* This block was allocated from:
_malloc+0x4c [malloc.c:886]
make_screen_mem+0xffef90d8 [screen.c:213]
scr_reset+0xffef9840 [screen.c:269]
main+0xffef56f0 [main.c:1845]
__start+0xffee24e4 [crt1text.s:176]
**** Purify instrumented ./aterm.pure (pid 819270)
****
ABW: Array bounds write:
* This is occurring while in:
scr_rvideo_mode+0xfff00f78 [screen.c:1586]
process_terminal_mode+0xffee9d60
[command.c:3202]
process_csi_seq+0xffee9760 [command.c:3055]
process_escape_seq+0xffee8894 [command.c:2871]
main_loop+0xffeeb060 [command.c:3482]
main+0xffef5e78 [main.c:1932]
__start+0xffee24e4 [crt1text.s:176]
* Writing 2 bytes to 0x100754c0 in the heap.
* Address 0x100754c0 is 1 byte past end of a malloc'd
block at 0x10075420 of 1
60 bytes.
* This block was allocated from:
_malloc+0x4c [malloc.c:886]
make_screen_mem+0xffef90d8 [screen.c:213]
scr_reset+0xffef9840 [screen.c:269]
main+0xffef56f0 [main.c:1845]
__start+0xffee24e4 [crt1text.s:176]
Logged In: YES
user_id=49685
Heh, well the "Check to Upload & Attach File" didn't work.
Here's the patch via cut-n-paste:
--- src/ORIG/screen.c Tue May 30 18:17:56 2000
+++ src/screen.c Thu Mar 8 10:38:31 2001
@@ -1582,7 +1582,7 @@
maxlines = TermWin.saveLines + TermWin.nrow;
for (i = TermWin.saveLines; i < maxlines; i++)
- for (j = 0; j < TermWin.bcol + 1; j++)
+ for (j = 0; j < TermWin.bcol; j++)
screen.rend[i][j] ^= RS_RVid;
scr_refresh(SLOW_REFRESH);