In case of string like "aaaa" and replacement "a" -> "xa" in following code snippet:
https://github.com/xrootd/xrootd/blob/367f86f21a3f232449096aec0c7646bfba9d049f/src/XrdOuc/XrdOucString.cc#L802-L811
after 4 iterations the algorithm replaces "aaaa" with "xaxaxaxa" and `at = 0` and `l1 = 1` (length of the to be replaced string) at that point we call:
https://github.com/xrootd/xrootd/blob/367f86f21a3f232449096aec0c7646bfba9d049f/src/XrdOuc/XrdOucString.cc#L811
substituting the variables with values: `at = rfind("a",-1);`, in the context of `rfind` the -1 constant has a special meaning (`STR_NPOS`) -> search starts from end of string, hence although we are basically done the algorithm starts again scanning the whole string and as a result at some point the output buffer gets miscalculated at some point which results with a segv.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/xrootd/xrootd/issues/1094#issuecomment-575674931
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
