public inbox for libc-alpha@sourceware.org
 help / color / mirror / Atom feed
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: Paul Eggert <eggert@cs.ucla.edu>, libc-alpha@sourceware.org
Subject: Re: [PATCH 9/9] posix: Fix glob with GLOB_NOCHECK returning modified patterns (BZ#10246)
Date: Fri, 08 Sep 2017 09:16:00 -0000	[thread overview]
Message-ID: <caf37ff1-497f-a091-60af-ef813d71e888@linaro.org> (raw)
In-Reply-To: <2a8058e8-4859-d75b-a16d-7ea0dd61ffd7@cs.ucla.edu>



On 08/09/2017 00:14, Paul Eggert wrote:
> Although this is a definite bug and the patch fixes this instance of
> it, I'm afraid other instances remain unfixed. For example:
>
>    glob_t g; glob ("//a*b", 0, NULL, &g)
>
> can do the wrong thing, since glob calls opendir on "/" instead of
> "//", and on some platforms "/" and "//" are different directories
> (POSIX allows this as a special exception).
>
> A more serious example. If you do this:
>
>   ln -s /no-such-file globlink1
>   ln -s . globlink2
>
> then:
>
>       glob_t g;
>       int res = glob ("globlink[12]/", 0, NULL, &g);
>       assert (res == 0 && g.gl_pathc == 1);
>       assert (strcmp (g.gl_pathv[0], "globlink2/") == 0);
>
> fails, since glob gets confused about directories and slashes and
> mistakenly returns two results. Although this bug is seemingly
> unrelated, the underlying cause is the same: glob gets confused about
> whether to include or exclude slashes when doing its tests.
>
> I'll take a look at it, though the fix won't be trivial.
>
> PS. This finishes my review of this patchset. Patches 1-8 are OK to be
> installed, with the trivial changes I suggested earlier. This patch
> (patch 9) I'd like to hold off on, until we've had a chance to work
> out a more-comprehensive fix.
Fair enough, I will hold patch 9 push and take a look at the examples you
brought up.  Thanks for the follow up.

>
> PPS. I'm still slowly wending my way through your original patchset.
> Most recently I looked at "[PATCH 07/18] posix: User LOGIN_NAME_MAX
> for all user names in glob"
> <https://sourceware.org/ml/libc-alpha/2017-08/msg00447.html>. I'm
> afraid a good fix needs to be hairier there too, as POSIX does not
> require LOGIN_NAME_MAX to be suitable for a stack-based buffer, or
> even to be defined. I have a partly-drafted patch which I hope to
> finish in the not-too-distant future.
Alright, my initial patch was to adequate it to glibc code (which does
define a actual limit suitable to stack allocation) and get rid of any
alloca usage.  My understanding, based on gnulib commit 064df0b0c,
is it should not impose a limit on user name length. 

So currently in a patchset I am intended to send after this one, user
name handling is now based on my char_array struct and thus allocates
the user_name dinamically if required.

  reply	other threads:[~2017-09-08  9:16 UTC|newest]

Thread overview: 62+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-09-05 20:25 [PATCH 0/9] posix: glob fixes and refactor Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 9/9] posix: Fix glob with GLOB_NOCHECK returning modified patterns (BZ#10246) Adhemerval Zanella
2017-09-07 22:14   ` Paul Eggert
2017-09-08  9:16     ` Adhemerval Zanella [this message]
2017-09-05 20:25 ` [PATCH 3/9] posix: Allow glob to match dangling symlinks [BZ #866] Adhemerval Zanella
2017-09-06  1:27   ` Paul Eggert
2017-09-06 12:57     ` Adhemerval Zanella
2017-09-09  9:50   ` Andreas Schwab
2017-09-09 11:56     ` Adhemerval Zanella
2017-09-09 17:02       ` Paul Eggert
2017-09-09 17:11         ` Zack Weinberg
2017-09-09 17:26           ` Andreas Schwab
2017-09-09 17:33             ` Zack Weinberg
2017-09-10  8:19         ` Adhemerval Zanella
2017-09-10 17:13           ` Paul Eggert
2017-09-11 14:34           ` Joseph Myers
2017-09-11 14:38             ` Zack Weinberg
2017-09-11 16:53               ` Paul Eggert
2017-09-11 17:25                 ` Zack Weinberg
2017-09-11 17:38                   ` Paul Eggert
2017-09-11 17:56                     ` Zack Weinberg
2017-09-11 18:03                       ` Paul Eggert
2017-09-11 20:09                         ` Adhemerval Zanella
2017-09-13  9:14                           ` Paul Eggert
2017-09-13 12:22                             ` Adhemerval Zanella
2017-09-14 10:05                               ` Szabolcs Nagy
2017-09-14 13:43                                 ` Adhemerval Zanella
2017-09-15 20:18                             ` Florian Weimer
2017-09-15 20:27                               ` Adhemerval Zanella
2017-09-17  7:16                               ` Paul Eggert
2017-09-17  7:48                                 ` Florian Weimer
2017-09-17 14:18                                   ` Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 6/9] posix: fix glob bugs with long login names Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 8/9] posix: Use enum for __glob_pattern_type result Adhemerval Zanella
2017-09-06  1:30   ` Paul Eggert
2017-09-06  4:18   ` Paul Eggert
2017-09-06 13:04     ` Adhemerval Zanella
2017-09-06 16:18       ` Paul Eggert
2017-09-06 16:54         ` Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 5/9] posix: Fix getpwnam_r usage (BZ #1062) Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 7/9] posix: Consolidate glob implementation Adhemerval Zanella
2017-09-12  7:35   ` Andreas Schwab
2017-09-12 14:08     ` Adhemerval Zanella
2017-09-12 14:17       ` Andreas Schwab
2017-09-12 14:29     ` Joseph Myers
2017-09-12 14:39       ` Andreas Schwab
2017-09-12 14:50         ` Joseph Myers
2017-09-12 12:56   ` Andreas Schwab
2017-09-12 14:22     ` Adhemerval Zanella
2017-09-12 14:34       ` Andreas Schwab
2017-09-13 12:26         ` Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 2/9] posix: accept inode 0 is a valid inode number (BZ #19971) Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 4/9] Sync scratch_buffer with gnulib Adhemerval Zanella
2017-09-18  6:09   ` Florian Weimer
2017-09-18 11:43     ` Adhemerval Zanella
2017-09-18 11:57       ` Florian Weimer
2017-09-18 12:25         ` Adhemerval Zanella
2017-09-05 20:25 ` [PATCH 1/9] posix: Sync glob with gnulib [BZ #1062] Adhemerval Zanella
2017-09-06  2:01   ` Paul Eggert
2017-09-06 12:52     ` Adhemerval Zanella
2017-09-12 14:20   ` Andreas Schwab
2017-09-12 17:06     ` Adhemerval Zanella

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=caf37ff1-497f-a091-60af-ef813d71e888@linaro.org \
    --to=adhemerval.zanella@linaro.org \
    --cc=eggert@cs.ucla.edu \
    --cc=libc-alpha@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).