[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #39162] -printf option reads beyond arguments terminated by \

From: anonymous
Subject: [bug #39162] -printf option reads beyond arguments terminated by \
Date: Wed, 05 Jun 2013 02:11:58 +0000
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.93 Safari/537.36

Follow-up Comment #2, bug #39162 (project findutils):

Yes, I meant one of the commands that you listed. I don't have a run which
shows the problem and I'm not sure whether that can be produced on an x64 box
because of the stack layout, but I could imagine a memory violation happening
on other architectures.

However, you can easily see the issue by adding a print statement inside the
for loop from insert_fprintf. This will print not only the -printf argument
but also part of envp (which follows on stack). Using the same command line, a
change like

--- a/find/print.c
+++ b/find/print.c
@@ -329,6 +329,7 @@ insert_fprintf (struct format_val *vec,
   for (fmt_editpos = segstart; *fmt_editpos; fmt_editpos++)
+      printf("%c", *fmt_editpos);
       if (fmt_editpos[0] == '\' && fmt_editpos[1] == 'c')
          make_segment (segmentp, segstart, fmt_editpos - segstart,


%find/find: warning: unrecognized escape `'

TERM=xterm-256color should not be there.


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]