Johannes Altmanninger <aclopte@xxxxxxxxx> wrote:
> I'm hitting an easily reproducible crash.
> It bisects to c5bf970 (expand: Add multi-byte support to pmatch, 2024-06-02).
>
> After bisecting I reduced it to this example (probably not minimal)
>
> echo \\ | dash -c 'foo=$(cat; printf .); foo=${foo%.}'
Thanks for the report. This patch should fix the problem:
---8<---
When our own pmatch is used, loc2 is unused in scanleft/right
when quotes is true. However, it is still needed when quotes
is false.
Fix the scanleft/right code so that loc2 is always updated (so
it will be garbage when quotes is true) but only returned depending
on the value of quotes.
Fixes: c5bf9702ea11 ("expand: Add multi-byte support to pmatch")
Reported-by: Johannes Altmanninger <aclopte@xxxxxxxxx>
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
diff --git a/src/expand.c b/src/expand.c
index d73f29c..7a30648 100644
--- a/src/expand.c
+++ b/src/expand.c
@@ -621,18 +621,15 @@ static char *scanleft(char *startp, char *endp, char *rmesc, char *rmescend,
match = pmatch(str, s);
*(FNMATCH_IS_ENABLED ? loc2 : loc) = c;
if (match)
- return FNMATCH_IS_ENABLED && quotes ? loc : loc2;
+ return quotes ? loc : loc2;
if (!c)
break;
mb = mbnext(loc);
loc += (mb & 0xff) + (mb >> 8);
- if (unlikely(FNMATCH_IS_ENABLED || !quotes)) {
- ml = (mb >> 8) > 3 ? (mb >> 8) - 2 : 1;
- loc2 += ml;
- } else
- loc2 = loc;
+ ml = (mb >> 8) > 3 ? (mb >> 8) - 2 : 1;
+ loc2 += ml;
} while (1);
return 0;
}
@@ -645,8 +642,7 @@ static char *scanright(char *startp, char *endp, char *rmesc, char *rmescend,
char *loc;
char *loc2;
- for (loc = endp, loc2 = rmescend;;
- FNMATCH_IS_ENABLED ? loc2-- : (loc2 = loc)) {
+ for (loc = endp, loc2 = rmescend;; loc2--) {
char *s = FNMATCH_IS_ENABLED ? loc2 : loc;
char c = *s;
unsigned ml;
@@ -659,7 +655,7 @@ static char *scanright(char *startp, char *endp, char *rmesc, char *rmescend,
match = pmatch(str, s);
*(FNMATCH_IS_ENABLED ? loc2 : loc) = c;
if (match)
- return FNMATCH_IS_ENABLED && quotes ? loc : loc2;
+ return quotes ? loc : loc2;
if (--loc < startp)
break;
if (!esc--)
@@ -676,8 +672,7 @@ static char *scanright(char *startp, char *endp, char *rmesc, char *rmescend,
loc -= ml + 2;
if (*loc == (char)CTLESC)
loc--;
- if (FNMATCH_IS_ENABLED)
- loc2 -= ml - 1;
+ loc2 -= ml - 1;
}
return 0;
}
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
[PATCH] expand: Fix scanleft/right for !FNMATCH_IS_ENABLED && quotes
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: [PATCH] expand: Fix scanleft/right for !FNMATCH_IS_ENABLED && quotes
- From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
- Date: Sun, 17 Nov 2024 10:25:03 +0800
- Cc: dash@xxxxxxxxxxxxxxx
- In-reply-to: <ZuS3PI7He-T7pugf@gmail.com>
- Follow-Ups:
- Re: [PATCH] expand: Fix scanleft/right for !FNMATCH_IS_ENABLED && quotes
- From: Johannes Altmanninger
- Re: [PATCH] expand: Fix scanleft/right for !FNMATCH_IS_ENABLED && quotes
- References:
- Crash in expandarg
- From: Johannes Altmanninger
- Crash in expandarg
- Prev by Date: Re: [PATCH] Portability of dash to legacy systems, such as AT&T Unix PC : 01-remove-extraneous
- Next by Date: [PATCH] bltin: fix timescmd with C23
- Previous by thread: Crash in expandarg
- Next by thread: Re: [PATCH] expand: Fix scanleft/right for !FNMATCH_IS_ENABLED && quotes
- Index(es):
 |