#736410 ksh killed by SIGSEGV due to overflow in subshell loop

Package:
ksh
Source:
ksh93u+m
Submitter:
Christian Kujau
Date:
2026-06-08 07:49:02 UTC
Severity:
minor
Tags:
#736410#5
Date:
2014-01-23 11:53:00 UTC
From:
To:
This is basically a mirror of bug #1053938 reported for Fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1053938

The bug exists for the ksh package on Debian too (tried both
stable and sid on PowerPC) and can be reproduced pretty reliable
with the details in the above mentioned bug report.

Michal Hlavinka was able to provide a fix that has been included
the latest Fedora package of ksh.

I'll attach Michal's patch to that bug report. Moving this to
debian/patches and editing the series file built the package just fine
and fixed the bug.

#736410#10
Date:
2015-11-01 11:35:51 UTC
From:
To:
severity 736410 minor
found 736410 93u+20120801-1
tag 736410 - patch
thanks

If you follow the links to the stackoverflow page you get to a script
that I am not sure deserves to succeed.
It recurses generating exponential number of subshells. Enabling a patch
that would support that strikes me as risky at best.

Some better code would be:

#/bin/ksh93
#fibonacci sequence function
typeset -i ind=$1
typeset -a fibbo=(0 1)
typeset -i result

if (( $ind >= 2 ))
then
         for i in {2..$ind}
         do
                 (( fibbo[$i]=fibbo[$i-1]+fibbo[$i-2] ))
         done
fi
(( result = fibbo[$ind] ))

echo fibbonacci sequence number $ind is $result

This does not raise subshells. Hwoever it only goes up 46 before
reaching arithmetical overflow. I am not sure of the implications of
trying to address this, and certainly this does not strike me as a priority.

#736410#23
Date:
2026-06-08 07:41:41 UTC
From:
To:
Version: 1.0.0~beta.1-1

Closing as fixed. src:ksh was removed from Debian, and ksh93u+m had
this addressed upstream on 2020-08-11, before the first ksh93u+m
release.

Upstream reference: https://github.com/ksh93/ksh/pull/113

Anuradha