[Toybox] Fixing find segfault: questions
Tom Marshall
tom at cyngn.com
Mon Apr 11 14:02:55 PDT 2016

Currently toybox find (toys/posix/find.c) will segfault when the -iname
predicate is used on both sides of an -o predicate, the LHS evaluates to
true, and the expression is followed by the -exec action. This is
because the initial parsing pass saves both the iname patterns in
lowercase form and the exec arguments on TT.arglist, but subsequent
passes do not pop the iname pattern for the RHS. The exec then attempts
to use the RHS pattern as the exec arguments.

Example, run on Debian 8.x amd64:

$ ./toybox find d \( -iname Exists.txt -o -iname foo \) -exec echo {} \;
Segmentation fault

There are several possible strategies to fix this issue. The simplest
fix in terms of code change may be simply to always pop the iname
pattern regardless of whether it will be checked. However, it would be
more efficient to avoid putting the iname pattern in arglist
altogether. If we are to avoid putting the iname pattern in arglist, I
see the two options below. Any preferences which to go with?

1. We could directly convert the argument to lowercase in the initial
parsing pass instead of storing it in arglist. This would require
underlying support for modifying argv strings. This works on Debian 8.x
amd64 and on Android 6.x, and I don't see any documentation in POSIX
that indicates it is disallowed. Are there any known supported platforms
for which this would not work?

2. We could leverage the FNM_CASEFOLD flag to fnmatch(3). This is a GNU
extension but it is supported on both mainline Linux (glibc) and Android
(bionic). It also seems supported on FreeBSD, and probably other
*BSDs. Are there any known supported platforms that do not support this
flag?

Thanks!
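
The desynchronisation described in the message, reduced to a small model. This is an added example, not part of the original post and not toybox's code: `exec_entry`, `struct node`, `always_pop` and the flat string list are hypothetical, and both list entries are plain strings here, whereas in the reported bug -exec treats the leftover pattern as its own argument data and crashes.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Simplified model, NOT toybox's find.c: every name here is hypothetical. */
enum kind { INAME, EXEC };
struct node { enum kind kind; const char *saved; };

/* Models: \( -iname Exists.txt -o -iname foo \) -exec echo ...
 * The parse pass saves one entry per node (lowercased patterns, then the
 * exec arguments) on a single shared list, in expression order. */
static const struct node expr[] = {
    { INAME, "exists.txt" }, { INAME, "foo" }, { EXEC, "echo" },
};
enum { NNODES = sizeof(expr) / sizeof(expr[0]) };

/* Evaluate the expression for one file name and return the list entry that
 * -exec consumed, or NULL if -exec never ran.
 * always_pop == 0: an -iname skipped by -o leaves its entry behind (the bug).
 * always_pop == 1: a skipped -iname still pops its entry (the simplest fix). */
const char *exec_entry(const char *name, int always_pop)
{
    const char *arglist[NNODES];
    int head = 0, matched = 0, i;

    for (i = 0; i < NNODES; i++) arglist[i] = expr[i].saved; /* parse pass */

    for (i = 0; i < NNODES; i++) {
        if (expr[i].kind == INAME) {
            int active = !matched;  /* RHS of -o is skipped once LHS is true */
            if (active || always_pop) {
                const char *pat = arglist[head++];
                /* strcasecmp stands in for the real pattern match */
                if (active && !strcasecmp(pat, name)) matched = 1;
            }
        } else if (matched) {
            return arglist[head++]; /* -exec takes whatever is next */
        }
    }
    return NULL;
}

int main(void)
{
    printf("buggy: -exec got \"%s\"\n", exec_entry("Exists.txt", 0));
    printf("fixed: -exec got \"%s\"\n", exec_entry("Exists.txt", 1));
    return 0;
}
```

The bug only shows when the left-hand -iname matches; a file matching the right-hand pattern consumes both entries and -exec gets its own arguments in either mode.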