10a327
From d844b7bbf3952998a906f21ba432aa62a3b9c7c6 Mon Sep 17 00:00:00 2001
10a327
From: Bernhard Voelker <mail@bernhard-voelker.de>
10a327
Date: Tue, 14 Jun 2016 20:49:42 +0200
10a327
Subject: [PATCH] Fix bug #48180: find: avoid segfault for internal '-noop'
10a327
 option
10a327
10a327
The pseudo-option '-noop' was never meant to be exposed to the user
10a327
interface.  If specified by the user, find(1) segfaulted.
10a327
Bug introduced in commit FINDUTILS_4_3_0-1-12-g6b8a4db.
10a327
10a327
* find/parser.c (struct parser_table): Rename the parser_name element of
10a327
the ARG_NOOP entry from 'noop' to '--noop', thus indicating its pure
10a327
internal character.
10a327
(found_parser): Return NULL when the user has passed the '---noop' option;
10a327
the caller does the error handling.
10a327
* find/testsuite/sv-48180-refuse-noop.sh: Add test.
10a327
* find/testsuite/Makefile.am (test_shell_progs): Reference the test.
10a327
* NEWS (Bug fixes): Document the fix.
10a327
10a327
Reported by Tavian Barnes <tavianator@tavianator.com> in
10a327
    https://savannah.gnu.org/bugs/?48180
10a327
10a327
Upstream-commit: 595060f28eb5f658fa8d98970959c617fab0f078
10a327
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
10a327
---
10a327
 find/parser.c                          |   6 +-
10a327
 find/testsuite/Makefile.am             |   3 +-
10a327
 find/testsuite/sv-48180-refuse-noop.sh | 117 +++++++++++++++++++++++++++++++++
10a327
 3 files changed, 124 insertions(+), 2 deletions(-)
10a327
 create mode 100644 find/testsuite/sv-48180-refuse-noop.sh
10a327
10a327
diff --git a/find/parser.c b/find/parser.c
10a327
index 2d45349..697b2a2 100644
10a327
--- a/find/parser.c
10a327
+++ b/find/parser.c
10a327
@@ -321,7 +321,8 @@ static struct parser_table const parse_table[] =
10a327
    */
10a327
   {ARG_TEST, "false",                 parse_false,   pred_false}, /* GNU */
10a327
   {ARG_TEST, "true",                  parse_true,    pred_true }, /* GNU */
10a327
-  {ARG_NOOP, "noop",                  NULL,          pred_true }, /* GNU, internal use only */
10a327
+  /* Internal pseudo-option, therefore 3 minus: ---noop.  */
10a327
+  {ARG_NOOP, "--noop",                NULL,          pred_true }, /* GNU, internal use only */
10a327
 
10a327
   /* Various other cases that don't fit neatly into our macro scheme. */
10a327
   {ARG_TEST, "help",                  parse_help,    NULL},       /* GNU */
10a327
@@ -596,6 +597,9 @@ found_parser (const char *original_arg, const struct parser_table *entry)
10a327
    */
10a327
   if (entry->type != ARG_POSITIONAL_OPTION)
10a327
     {
10a327
+      if (entry->type == ARG_NOOP)
10a327
+        return NULL;  /* internal use only, trap -noop here.  */
10a327
+
10a327
       /* Something other than -follow/-daystart.
10a327
        * If this is an option, check if it followed
10a327
        * a non-option and if so, issue a warning.
10a327
diff --git a/find/testsuite/Makefile.am b/find/testsuite/Makefile.am
10a327
index ab5dbe8..1371c70 100644
10a327
--- a/find/testsuite/Makefile.am
10a327
+++ b/find/testsuite/Makefile.am
10a327
@@ -259,7 +259,8 @@ test_escape_c.sh \
10a327
 test_inode.sh \
10a327
 sv-34079.sh \
10a327
 sv-34976-execdir-fd-leak.sh \
10a327
-sv-48030-exec-plus-bug.sh
10a327
+sv-48030-exec-plus-bug.sh \
10a327
+sv-48180-refuse-noop.sh
10a327
 
10a327
 EXTRA_DIST = $(EXTRA_DIST_EXP) $(EXTRA_DIST_XO) $(EXTRA_DIST_GOLDEN) \
10a327
 	$(test_shell_progs) binary_locations.sh checklists.py
10a327
diff --git a/find/testsuite/sv-48180-refuse-noop.sh b/find/testsuite/sv-48180-refuse-noop.sh
10a327
new file mode 100755
10a327
index 0000000..974f0f0
10a327
--- /dev/null
10a327
+++ b/find/testsuite/sv-48180-refuse-noop.sh
10a327
@@ -0,0 +1,117 @@
10a327
+#! /bin/sh
10a327
+# Copyright (C) 2016 Free Software Foundation, Inc.
10a327
+#
10a327
+# This program is free software: you can redistribute it and/or modify
10a327
+# it under the terms of the GNU General Public License as published by
10a327
+# the Free Software Foundation, either version 3 of the License, or
10a327
+# (at your option) any later version.
10a327
+#
10a327
+# This program is distributed in the hope that it will be useful,
10a327
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
10a327
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
10a327
+# GNU General Public License for more details.
10a327
+#
10a327
+# You should have received a copy of the GNU General Public License
10a327
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
10a327
+#
10a327
+
10a327
+# This test verifies that find refuses the internal -noop, ---noop option.
10a327
+# Between findutils-4.3.1 and 4.6, find dumped core ($? = 139).
10a327
+
10a327
+testname="$(basename $0)"
10a327
+
10a327
+. "${srcdir}"/binary_locations.sh
10a327
+
10a327
+die() {
10a327
+  echo "$@" >&2
10a327
+  exit 1
10a327
+}
10a327
+
10a327
+# This is used to simplify checking of the return value
10a327
+# which is useful when ensuring a command fails as desired.
10a327
+# I.e., just doing `command ... &&fail=1` will not catch
10a327
+# a segfault in command for example.  With this helper you
10a327
+# instead check an explicit exit code like
10a327
+#   returns_ 1 command ... || fail
10a327
+returns_ () {
10a327
+  # Disable tracing so it doesn't interfere with stderr of the wrapped command
10a327
+  { set +x; } 2>/dev/null
10a327
+
10a327
+  local exp_exit="$1"
10a327
+  shift
10a327
+  "$@"
10a327
+  test $? -eq $exp_exit && ret_=0 || ret_=1
10a327
+
10a327
+  set -x
10a327
+  { return $ret_; } 2>/dev/null
10a327
+}
10a327
+
10a327
+# Define the nicest compare available (borrowed from gnulib).
10a327
+if diff_out_=`exec 2>/dev/null; diff -u "$0" "$0" < /dev/null` \
10a327
+   && diff -u Makefile "$0" 2>/dev/null | grep '^[+]#!' >/dev/null; then
10a327
+  # diff accepts the -u option and does not (like AIX 7 'diff') produce an
10a327
+  # extra space on column 1 of every content line.
10a327
+  if test -z "$diff_out_"; then
10a327
+    compare () { diff -u "$@"; }
10a327
+  else
10a327
+    compare ()
10a327
+    {
10a327
+      if diff -u "$@" > diff.out; then
10a327
+        # No differences were found, but Solaris 'diff' produces output
10a327
+        # "No differences encountered". Hide this output.
10a327
+        rm -f diff.out
10a327
+        true
10a327
+      else
10a327
+        cat diff.out
10a327
+        rm -f diff.out
10a327
+        false
10a327
+      fi
10a327
+    }
10a327
+  fi
10a327
+elif diff_out_=`exec 2>/dev/null; diff -c "$0" "$0" < /dev/null`; then
10a327
+  if test -z "$diff_out_"; then
10a327
+    compare () { diff -c "$@"; }
10a327
+  else
10a327
+    compare ()
10a327
+    {
10a327
+      if diff -c "$@" > diff.out; then
10a327
+        # No differences were found, but AIX and HP-UX 'diff' produce output
10a327
+        # "No differences encountered" or "There are no differences between the
10a327
+        # files.". Hide this output.
10a327
+        rm -f diff.out
10a327
+        true
10a327
+      else
10a327
+        cat diff.out
10a327
+        rm -f diff.out
10a327
+        false
10a327
+      fi
10a327
+    }
10a327
+  fi
10a327
+elif cmp -s /dev/null /dev/null 2>/dev/null; then
10a327
+  compare () { cmp -s "$@"; }
10a327
+else
10a327
+  compare () { cmp "$@"; }
10a327
+fi
10a327
+
10a327
+set -x
10a327
+tmpdir="$(mktemp -d)" \
10a327
+  && cd "$tmpdir" \
10a327
+  || die "FAIL: failed to set up the test in ${tmpdir}"
10a327
+
10a327
+fail=0
10a327
+# Exercise both the previous name of the pseudo-option '-noop',
10a327
+# and the now renamed '---noop' option for both find executables.
10a327
+for exe in "${ftsfind}" "${oldfind}"; do
10a327
+  for opt in 'noop' '--noop'; do
10a327
+    out="${exe}${opt}.out"
10a327
+    err="${exe}${opt}.err"
10a327
+    returns_ 1 "$exe" "-${opt}" >"$out" 2> "$err" || fail=1
10a327
+    compare /dev/null "$out" || fail=1
10a327
+    grep "find: unknown predicate .-${opt}." "$err" \
10a327
+      || { cat "$err"; fail=1; }
10a327
+  done
10a327
+done
10a327
+
10a327
+cd ..
10a327
+rm -rf "$tmpdir" || exit 1
10a327
+exit $fail
10a327
-- 
10a327
2.5.5
10a327