[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bash core dumps doing glob pattern on long string

From: Phi Debian
Subject: bash core dumps doing glob pattern on long string
Date: Sun, 9 Oct 2022 10:07:31 +0200

I was looking at a bug on ksh93 that is
"core dumps doing glob pattern on long string" and it happen that bash
suffer the same.

$ [[ $(printf '%0100000d' 0) == +(0) ]]

I see 3 way of fixing this

1)  [[ string == pattern ]] is for glob pattern, so string should be
limited to PATH_MAX, so an upfront string length on string could prevent to
call the glob pattern recursive functions, and then avoid the core dump.

2) Since some may have abused the glob pattern with long string bigger then
PATH_MAX but smaller than core dump, imposing a PATH_MAX limit may break
some wrong scripts, so instead we could have a fix recursion deep level, as
we do have for shell functions calling,  this hopefully should allow  wrong
doing script with abused string length to continue to run, yet avoiding
core dump when reaching the limit, i.e break the call path.

3) Implement a stack deep check in the recursion, when getting close to the
end of stack break the function trail (like function too deep for recursive

A last possibility is 'do nothing', since most of the people/scripts that
works, don't care. Yet, the core dump limit is not the same on between bash
and ksh93 then making porting hazardous. If the bash team plan to fix it,
I'd like to know which way, so we could make ksh93 behave the same, for 1)
and 2) it would be the exact same limit, for 3) it would be depending on
stack usage, would not be the same exact string length that would break,
but it would breaks instead of core dumping.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]