Re: [PATCH] expand: Always quote caret when using fnmatch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 18/01/2022 06:13, Herbert Xu wrote:
This patch forces ^ to be a literal when we use fnmatch.

Fixes: 7638476c18f2 ("shell: Enable fnmatch/glob by default")
Reported-by: Christoph Anton Mitterer <calestyo@xxxxxxxxxxxx>
Suggested-by: Harald van Dijk <harald@xxxxxxxxxxx>
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

diff --git a/src/expand.c b/src/expand.c
index aea5cc4..04bf8fb 100644
--- a/src/expand.c
+++ b/src/expand.c
@@ -47,6 +47,9 @@
  #include <string.h>
  #ifdef HAVE_FNMATCH
  #include <fnmatch.h>
+#define FNMATCH_IS_ENABLED 1
+#else
+#define FNMATCH_IS_ENABLED 0
  #endif
  #ifdef HAVE_GLOB
  #include <glob.h>
@@ -1693,8 +1696,11 @@ _rmescapes(char *str, int flag)
  			notescaped = 0;
  			goto copy;
  		}
+		if (FNMATCH_IS_ENABLED && *p == '^')
+			goto add_escape;
  		if (*p == (char)CTLESC) {
  			p++;
+add_escape:
  			if (notescaped)
  				*q++ = '\\';
  		}


The loop that is modified by this patch is only taken after any qchars are seen, so for e.g.

  var=abc
  echo ${var#[^a]}

it has no effect. More importantly though, _rmescapes is used to modify strings in place. This patch causes _rmescapes to try and grow strings, which cannot ever work. A test case for this is

  case aa in \a[^a]) echo match ;; esac

which fails with a segfault after this patch is applied.

Cheers,
Harald van Dijk



[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux