diff options
| -rw-r--r-- | MEMORY_BUGS.md | 6 | ||||
| -rw-r--r-- | NEWS.md | 4 | ||||
| -rw-r--r-- | include/version.h | 2 | ||||
| -rw-r--r-- | src/history.c | 1 |
4 files changed, 12 insertions, 1 deletions
diff --git a/MEMORY_BUGS.md b/MEMORY_BUGS.md index 1acf80a0297b..d675b28b342a 100644 --- a/MEMORY_BUGS.md +++ b/MEMORY_BUGS.md @@ -11,6 +11,12 @@ right after, which was embarrassing. This list is sorted by the first version a bug exists in, not the last it existed in. +* In versions `1.1.0` until `6.2.0` (inclusive) of `bc` and `dc`, there is a + out of bounds read and write in history when pressing ctrl+r (or any other + unused letter) then inserting two characters. + + The first version without this bug is `6.2.1`. + * In versions `3.0.0` until `6.0.1` (inclusive) of `bc` and `dc`, there is a double-free on `SIGINT` when using command-line expressions with `-e` and `-f`. This was caused by not properly ending a jump series. @@ -1,5 +1,9 @@ # News +## 6.2.1 + +This is a production release with one bug fix for a memory bug in history. + ## 6.2.0 This is a production release with a new feature and a few bug fixes. diff --git a/include/version.h b/include/version.h index d7f8ef5bcc18..a9abf5be6c67 100644 --- a/include/version.h +++ b/include/version.h @@ -37,6 +37,6 @@ #define BC_VERSION_H /// The current version. -#define VERSION 6.2.0 +#define VERSION 6.2.1 #endif // BC_VERSION_H diff --git a/src/history.c b/src/history.c index b289cf73a24a..472eec55c25d 100644 --- a/src/history.c +++ b/src/history.c @@ -1788,6 +1788,7 @@ bc_history_printCtrl(BcHistory* h, unsigned int c) // Pop the string. bc_vec_npop(&h->buf, sizeof(str)); bc_vec_pushByte(&h->buf, '\0'); + h->pos = 0; if (c != BC_ACTION_CTRL_C && c != BC_ACTION_CTRL_D) { |