Standish Parsley wrote:
> In grep 2.6, savedir.c is broken. The following will produce a segfault with
> grep 2.6, but works fine with grep 2.5.4:
>
>   grep -rl --exclude-dir=foo NEEDLE $HOME
>
> It looks like, in savedir.c's isdir1(), path is being accessed before it is
> allocated.
Thanks for the report! That is definitely a bug. This makes me regret not removing savedir a couple months ago when I converted to gnulib... Here's the fix. I'll push shortly, once I've added a test to exercise the code in question. >From 4e8e9fc468ddc500ac533a2648894a18a47dc793 Mon Sep 17 00:00:00 2001 From: Jim Meyering <[email protected]> Date: Fri, 26 Mar 2010 11:34:27 +0100 Subject: [PATCH] grep: don't segfault upon use of --exclude or --exclude-dir * lib/savedir.c (isdir1): Fix typo: test "dir" argument, not the global (NULL) "path". Reported by Standish Parsley. --- THANKS | 1 + lib/savedir.c | 2 +- 2 files changed, 2 insertions(+), 1 deletions(-) diff --git a/THANKS b/THANKS index f7d8970..e1273de 100644 --- a/THANKS +++ b/THANKS @@ -73,6 +73,7 @@ Ruslan Ermilov <[email protected]> Santiago Vila <[email protected]> Shannon Hill <[email protected]> Sotiris Vassilopoulos <[email protected]> +Standish Parsley <[email protected]> Stewart Levin <[email protected]> Sven Joachim <[email protected]> Sydoruk Stepan <[email protected]> diff --git a/lib/savedir.c b/lib/savedir.c index 91fd77b..94e5f12 100644 --- a/lib/savedir.c +++ b/lib/savedir.c @@ -48,7 +48,7 @@ isdir1 (const char *dir, const char *file) size_t dirlen = strlen (dir); size_t filelen = strlen (file); - while (dirlen && path[dirlen - 1] == '/') + while (dirlen && dir[dirlen - 1] == '/') dirlen--; if ((dirlen + filelen + 2) > pathlen) -- 1.7.0.3.448.g82eeb
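
Review bot: in the lib/savedir.c hunk, the corrected loop `while (dirlen && dir[dirlen - 1] == '/')` arrives without a regression test; the diffstat lists only THANKS and lib/savedir.c. A test that runs a recursive search with --exclude-dir over a small tree (the reporter's `grep -rl --exclude-dir=foo NEEDLE` case) would keep isdir1 covered. The typo was easy to make because the global `path` sits beside the `dir` parameter and, per the commit message, is still NULL when this loop runs; giving that global a more distinctive name would make a stray use stand out in review.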
