Hi people,
there's a tiny bug in find that causes a segmentation fault in find. The
following C program can be used to replicate a pathological directory
structure:
    #include <sys/types.h>
    #include <sys/stat.h>
    #include <string.h>
    #include <unistd.h>

    int main(void) {
    	char s[256]; int i;

    	/* one 255-character directory name (NAME_MAX on most filesystems) */
    	memset(s, 'x', sizeof s);
    	s[255] = 0;
    	/* nest it 200 levels deep; each level adds 256 bytes to the path */
    	for (i = 0; i < 200; i++) {
    		mkdir(s, 0777);
    		chdir(s);
    	}
    	return 0;
    }
Calling
find /path/to/structure -exec true '{}' ';'
on the directory structure created by the program causes a segmentation
fault in brace_subst(). The following patch fixes that by using the
return value of realloc() instead of stashing it away and continuing
with the old value.
--
Gregor
Index: misc.c
===================================================================
RCS file: /mnt/media/cvs/src/usr.bin/find/misc.c,v
retrieving revision 1.12
diff -u -p -u -r1.12 misc.c
--- misc.c 18 May 2014 08:10:00 -0000 1.12
+++ misc.c 14 Jul 2015 15:41:20 -0000
@@ -66,6 +66,7 @@ brace_subst(char *orig, char **store, ch
if (!(newstore = realloc(*store, newlen)))
err(1, NULL);
*store = newstore;
+ p = newstore;
len = newlen;
}
memmove(p, path, plen);
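Review bot: `p = newstore;` resets p to the start of the reallocated buffer rather than to the same offset within it. The visible context does not show where p stood before the realloc, but if it had advanced past the beginning of `*store` (characters copied ahead of the `{}`), the `memmove(p, path, plen)` that follows now overwrites that prefix instead of appending after it. Preserving the offset keeps the fix correct in both cases, e.g. `p = newstore + (p - *store);` placed before `*store = newstore;`.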
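The underlying defect is a pointer that still refers to the block realloc() may have freed. The following added example (not Gregor's patch and not OpenBSD's misc.c; the function names brace_subst_safe, ensure and brace_subst_demo are assumptions) shows a brace substitution that tracks its write position as an offset from the buffer start, so no pointer into the old block survives a realloc(), and checks it with a 255-character path and text before the "{}" so that a fix that merely reset the write pointer to the start of the new buffer would be caught.

```c
/* Added example, not the patch from the message: brace substitution that
 * survives realloc() moving the buffer. Names are hypothetical. */
#include <err.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Make sure *store can hold `need` bytes, doubling on growth. The caller
 * keeps its write position as an offset from *store, not as a raw pointer,
 * so nothing points into the old block after this returns. */
static void
ensure(char **store, size_t *len, size_t need)
{
	char *newstore;
	size_t newlen = *len ? *len : 16;

	if (need <= *len)
		return;
	while (newlen < need)
		newlen *= 2;
	if ((newstore = realloc(*store, newlen)) == NULL)
		err(1, NULL);
	*store = newstore;	/* the old *store is freed now; never touch it */
	*len = newlen;
}

/* Replace every "{}" in orig with path, writing into *store (a malloc'ed
 * buffer of *len bytes, grown as needed) and returning it. */
char *
brace_subst_safe(const char *orig, char **store, size_t *len, const char *path)
{
	size_t plen = strlen(path);
	size_t off = 0;		/* write position: an offset, not a pointer */

	for (; *orig != '\0'; ++orig) {
		if (orig[0] == '{' && orig[1] == '}') {
			ensure(store, len, off + plen + 1);
			memcpy(*store + off, path, plen);
			off += plen;
			++orig;		/* skip the '}' */
			continue;
		}
		ensure(store, len, off + 2);
		(*store)[off++] = *orig;
	}
	(*store)[off] = '\0';
	return *store;
}

/* Constructed check: a 255-character path (like the reproducer's directory
 * names) substituted twice, with text before and between the braces so the
 * buffer is grown after bytes have already been written. Returns 0 when the
 * expansion is exactly right, 1 otherwise. */
int
brace_subst_demo(void)
{
	char path[256];
	char *store = NULL;
	size_t len = 0;
	const char *out;
	int ok;

	memset(path, 'x', sizeof path - 1);
	path[sizeof path - 1] = '\0';

	out = brace_subst_safe("prefix-{}-{}", &store, &len, path);
	ok = strlen(out) == 7 + 255 + 1 + 255
	    && strncmp(out, "prefix-", 7) == 0
	    && memcmp(out + 7, path, 255) == 0
	    && out[7 + 255] == '-'
	    && memcmp(out + 7 + 255 + 1, path, 255) == 0
	    && len >= strlen(out) + 1;
	free(store);
	return ok ? 0 : 1;
}

int
main(void)
{
	int rc = brace_subst_demo();

	printf("brace_subst_demo: %s\n", rc == 0 ? "ok" : "FAILED");
	return rc;
}
```

Keeping `off` instead of `p` removes the whole class of stale-pointer bugs rather than patching one site: every write recomputes `*store + off` after the growth check, so it does not matter whether realloc() returned the same block or a new one.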