From: "René Scharfe" <l.s.r@web.de>
To: Matthew Hughes <matthewhughes934@gmail.com>, git@vger.kernel.org
Cc: "Junio C Hamano" <gitster@pobox.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Subject: [PATCH v2] grep: report missing left operand of --and
Date: Wed, 30 Jun 2021 18:12:43 +0200 [thread overview]
Message-ID: <1eeb34cf-3229-21f8-23ca-ab3c6d4dff2e@web.de> (raw)
In-Reply-To: <20210628121748.f3yrc72v4mynknl3@debianXPS.lan>
Git grep allows combining two patterns with --and. It checks and
reports if the second pattern is missing when compiling the expression.
A missing first pattern, however, is only reported later at match time.
Thus no error is returned if no matching is done, e.g. because no file
matches the also given pathspec.
When that happens we get an expression tree with an GREP_NODE_AND node
and a NULL pointer to the missing left child. free_pattern_expr()
tries to dereference it during the cleanup at the end, which results
in a segmentation fault.
Fix this by verifying the presence of the left operand at expression
compilation time.
Reported-by: Matthew Hughes <matthewhughes934@gmail.com>
Helped-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: René Scharfe <l.s.r@web.de>
---
Changes since v2:
- more specific error message,
- grammar error fix in commit message,
- no test of already working behavior.
grep.c | 2 ++
t/t7810-grep.sh | 9 +++++++++
2 files changed, 11 insertions(+)
diff --git a/grep.c b/grep.c
index 8f91af1cb0..424a39591b 100644
--- a/grep.c
+++ b/grep.c
@@ -657,6 +657,8 @@ static struct grep_expr *compile_pattern_and(struct grep_pat **list)
x = compile_pattern_not(list);
p = *list;
if (p && p->token == GREP_AND) {
+ if (!x)
+ die("--and not preceded by pattern expression");
if (!p->next)
die("--and not followed by pattern expression");
*list = p->next;
diff --git a/t/t7810-grep.sh b/t/t7810-grep.sh
index 5830733f3d..6b6423a07c 100755
--- a/t/t7810-grep.sh
+++ b/t/t7810-grep.sh
@@ -11,6 +11,13 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
. ./test-lib.sh
+test_invalid_grep_expression() {
+ params="$@" &&
+ test_expect_success "invalid expression: grep $params" '
+ test_must_fail git grep $params -- nonexisting
+ '
+}
+
cat >hello.c <<EOF
#include <assert.h>
#include <stdio.h>
@@ -89,6 +96,8 @@ test_expect_success 'grep should not segfault with a bad input' '
test_must_fail git grep "("
'
+test_invalid_grep_expression --and -e A
+
for H in HEAD ''
do
case "$H" in
--
2.32.0
prev parent reply other threads:[~2021-06-30 16:12 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-28 12:17 segfault on invalid 'git grep' invocation Matthew Hughes
2021-06-28 18:53 ` Ævar Arnfjörð Bjarmason
2021-06-28 18:58 ` [PATCH] grep: report missing left operand of --and René Scharfe
2021-06-29 17:52 ` Ævar Arnfjörð Bjarmason
2021-06-29 18:35 ` René Scharfe
2021-06-30 16:12 ` René Scharfe [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1eeb34cf-3229-21f8-23ca-ab3c6d4dff2e@web.de \
--to=l.s.r@web.de \
--cc=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=matthewhughes934@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).