Re: Segmentation fault in expassign when PS1='$[U[0S]+=]'

2017-05-16 Thread Chet Ramey 
On 5/15/17 3:58 PM, Eduardo Bustamante wrote:

> bash-4.4$ "$[U[0S]+=]"
> bash: 0S: value too great for base (error token is "0S")
> 
> It seems like the array index expression causes a longjmp in the
> second case, so it stops evaluating.
> 
> Found by fuzzing.
> 
> I think this might be similar to
> https://lists.gnu.org/archive/html/bug-bash/2017-05/msg00046.html
> (i.e. ``Segmentation fault in evalerror when xtrace and
> PS4='$[T[$]]'``)
> 
> I think the fix *may* be something like:

You're on the right track. Thanks for the report.

Chet

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRUc...@case.eduhttp://cnswww.cns.cwru.edu/~chet/

Re: Infinite loop in bash glob matching

2017-05-16 Thread Zoltán Herczeg 
Hi,

bash version: GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu)
This command hangs in any directory on my machine (I don't have a directory 
without a dot file):

ls @(@()).

>> The shell globbing library seems to be interpreting this pattern
>> weirdly. I don't know the answer for this, but the glob() call in
>> glibc does what I expect:

Yes, glibc seems correct. Do you mean this is a bug in the shell?

Thank you for the help, bash is a great tool.

Regards,
Zoltan

Re: Segmentation fault in skip_to_delim / bash_directory_completion_hook

2017-05-16 Thread Chet Ramey 
On 5/15/17 3:20 PM, Eduardo Bustamante wrote:

> I think this is the fix:

Yeah, that looks right.  I see what happened. Thanks.

> dualbus@debian:~/src/gnu/bash$ git diff -- bashline.c
> diff --git a/bashline.c b/bashline.c
> index 7884416a..c92255d6 100644
> --- a/bashline.c
> +++ b/bashline.c
> @@ -3247,7 +3247,7 @@ bash_directory_completion_hook (dirname)
>   char delims[2];
> 
>   delims[0] = closer; delims[1] = 0;
> - p = skip_to_delim (t, t - local_dirname + 1, delims,
> SD_NOJMP|SD_COMPLETE);
> + p = skip_to_delim (t, 1, delims, SD_NOJMP|SD_COMPLETE);
>   if (t[p] != closer)
> should_expand_dirname = 0;
> }
> 


-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRUc...@case.eduhttp://cnswww.cns.cwru.edu/~chet/

Re: Infinite loop in bash glob matching

2017-05-16 Thread Daniel Mills 
The '[:' may be messing with it, 'a[[:alpha:]:abm[]' should work. It won't
match 'amm' because the range only matches a single character, you'd need
'a+([[:alpha:]:abm[])'

On Tue, May 16, 2017 at 10:49 AM, Eduardo Bustamante 
wrote:

> On Tue, May 16, 2017 at 2:48 AM, Zoltán Herczeg 
> wrote:
> > Hi,
> >
> > bash enter an infinite loop for this glob:
> >
> > ls @(@()).
>
> It works fine for me. What version of Bash are you using? And, what
> files are in the directory you're testing in?
>
> dualbus@debian:~/t$ ls
> a.1  a.2  a.3  a.4  b.1  b.2  b.3  b.4  c.1  c.2  c.3  c.4  d.1  d.2  d.3
> d.4
> dualbus@debian:~/t$ ls @(@()).
> a.1  a.2  a.3  a.4  b.1  b.2  b.3  b.4  c.1  c.2  c.3  c.4  d.1  d.2  d.3
> d.4
> dualbus@debian:~/t$
> GNU bash, version 4.4.11(1)-release (x86_64-pc-linux-gnu)
>
>
> > I have been trying to create a bash glob regex converter. It would be
> great if somebody (privately) could explain me  how !() and invalid []
> expressions exactly work. I have questions such as:
> >
> > ls a[[:alpha:][:abm]
> >
> > Why does this match to a: and nothing else (e.g. am or a[mm )?
>
> The shell globbing library seems to be interpreting this pattern
> weirdly. I don't know the answer for this, but the glob() call in
> glibc does what I expect:
>
> dualbus@debian:~/t$ ls
> a:  aa  ab
> dualbus@debian:~/t$ ls a[[:alpha:][:abm]
> a:
> dualbus@debian:~/t$ ../glob
> a:
> aa
> ab
> dualbus@debian:~/t$ cat ../glob.c
> #include 
> #include 
> #include 
>
> int main() {
> int i;
> glob_t pglob;
> if(glob("a[[:alpha:][:abm]", 0, NULL, ))
> perror(NULL);
> for(i = 0; i < pglob.gl_pathc; i++) {
> puts(pglob.gl_pathv[i]);
> }
> return 0;
> }
>
>

Re: Infinite loop in bash glob matching

2017-05-16 Thread Eduardo Bustamante 
On Tue, May 16, 2017 at 2:48 AM, Zoltán Herczeg  wrote:
> Hi,
>
> bash enter an infinite loop for this glob:
>
> ls @(@()).

It works fine for me. What version of Bash are you using? And, what
files are in the directory you're testing in?

dualbus@debian:~/t$ ls
a.1  a.2  a.3  a.4  b.1  b.2  b.3  b.4  c.1  c.2  c.3  c.4  d.1  d.2  d.3  d.4
dualbus@debian:~/t$ ls @(@()).
a.1  a.2  a.3  a.4  b.1  b.2  b.3  b.4  c.1  c.2  c.3  c.4  d.1  d.2  d.3  d.4
dualbus@debian:~/t$
GNU bash, version 4.4.11(1)-release (x86_64-pc-linux-gnu)


> I have been trying to create a bash glob regex converter. It would be great 
> if somebody (privately) could explain me  how !() and invalid [] expressions 
> exactly work. I have questions such as:
>
> ls a[[:alpha:][:abm]
>
> Why does this match to a: and nothing else (e.g. am or a[mm )?

The shell globbing library seems to be interpreting this pattern
weirdly. I don't know the answer for this, but the glob() call in
glibc does what I expect:

dualbus@debian:~/t$ ls
a:  aa  ab
dualbus@debian:~/t$ ls a[[:alpha:][:abm]
a:
dualbus@debian:~/t$ ../glob
a:
aa
ab
dualbus@debian:~/t$ cat ../glob.c
#include 
#include 
#include 

int main() {
int i;
glob_t pglob;
if(glob("a[[:alpha:][:abm]", 0, NULL, ))
perror(NULL);
for(i = 0; i < pglob.gl_pathc; i++) {
puts(pglob.gl_pathv[i]);
}
return 0;
}

Infinite loop in bash glob matching

2017-05-16 Thread Zoltán Herczeg 
Hi,

bash enter an infinite loop for this glob:

ls @(@()).

I have been trying to create a bash glob regex converter. It would be great if 
somebody (privately) could explain me  how !() and invalid [] expressions 
exactly work. I have questions such as:

ls a[[:alpha:][:abm]

Why does this match to a: and nothing else (e.g. am or a[mm )?

Regards,
Zoltan