parse_glob fails when the input of ^] is very large - OSS-Fuzz issue 64502 #5584
Labels
good first issue
For newcomers!
Comments
sylvestre
changed the title
|
when the input of the function is 174571 times |
|
probably in this function: |
|
I'm looking into this at the moment, on question which came up: when that function finds a |
|
Looking at it more there is a trivial fix: if we doesn't find any |
|
Btw. if I omit the timeout, the test completes after ~4 hours with the original code ... |
|
ah ah, fun fact, thanks :) |
|
And looking at it again it made me think: why do we look for the closing |
cj-zoltan-kiss
added a commit
to cj-zoltan-kiss/coreutils
that referenced
this issue
Mar 1, 2024
This solves uutils#5584, where the fuzzing would take hours without this.
cj-zoltan-kiss
added a commit
to cj-zoltan-kiss/coreutils
that referenced
this issue
Mar 11, 2024
This solves uutils#5584, where the fuzzing would take hours without this.
cj-zoltan-kiss
added a commit
to cj-zoltan-kiss/coreutils
that referenced
this issue
Mar 11, 2024
This solves uutils#5584, where the fuzzing would take hours without this.
|
OSS-Fuzz has closed this bug. Please see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64502 for details. |
zhitkoff
added a commit
to zhitkoff/coreutils
that referenced
this issue
Mar 12, 2024
* ci: use codecov token in CICD/GnuTests workflows * tee: fail test if string setup fails * sort: add skipped test for combined flags Now that clap#2624 has been resolved, we can and should test both variants. * cat: don't flake even on exotic pipe buffer sizes See also 9995c63. There is a race condition between the writing thread and the command. It is easily possible that on the developer's machine, the writing thread is always faster, filling the kernel's buffer of the stdin pipe, thus succeeding the write. It is also easily possible that on the busy CI machines, the child command runs first for whatever reason, and exits early, thus killing the pipe, which causes the later write to fail. This results in a flaky test. Let's prevent flaky tests. * numfmt: don't flake even on exotic pipe buffer sizes * split: don't flake even on exotic pipe buffer sizes * simulate terminal utility (squash) * workaround: run builds with retry (a) * added configurable terminal size * chore(deps): update rust crate rayon to 1.9 * cargo: fix feature = "cargo-clippy" deprecation * tests/printf: Fix char_as_byte test, add char and string padding tests * printf: Change get_char and write_padded to handle bytes instead of chars * uucore/format: add padlen to spell-checker:ignore * tests/printf: Verify the correct error behavior of printf when provided with '%0c' or '%0s' * printf: Raise error on '%0c' and '%0s' formats * cp: fix flaky test test_cp_arg_interactive_update, document adjacent bug * chore(deps): update rust crate walkdir to 2.5 * cat: permit repeating command-line flags * cat: fix -b and -n anti-symmetry * cat: ignore -u flag, just like GNU does * tests/common/util.rs: add cfg(feature = "env") * cat: prefix two test fns with "test_" * Bump mio from 0.8.10 to 0.8.11 * extend error message for case when writer instanciation fails second time * Bump chrono from 0.4.34 to 0.4.35 * ls: use chrono::TimeDelta::try_seconds instead of deprecated chrono::TimeDelta::seconds * touch: replace use of deprecated chrono functions * chmod: slightly adjust error message when preserve-root is triggered One of the GNU tests checks for the exact error message. * chgrp+chown: also trigger preserve-root during dirwalking, fix error message This is explicitly tested in the GNU tests. * uucore: drop unused function resolve_relative_path This function is by necessity ill-defined: Depending on the context, '..' is either the logical parent directory, sometimes the physical parent directory. This function can only work for the latter case, in which case `Path::canonicalize` is often a better approach. * split: close as much fds as needed for opening new one * use std::command::pre_exec() to set limits on child before exec * chore(deps): update softprops/action-gh-release action to v2 * dd: treat arg as bytes if it contains 'B' * Fix clippy warnings * tr: stream output instead of buffering This should lower memory consumption, and fixes OOM in some scenarios. * shuf: fix and test off-by-one errors around ranges * shuf: fix error message text on negative-sized ranges Found by @cakebaker: uutils#6011 (comment) * chcon: allow overriding between --dereference and --no-dereference * chcon: allow repeated flags and arguments * touch: Respect -h when getting metadata (uutils#5951) * Add tests that stat symlinks * Check follow first in stat * Don't run tests on FreeBSD It would be possible to get them to run on FreeBSD by avoiding get_symlink_times, but the behavior we're testing is not platform-specific, so it's fine to not test it on FreeBSD. --------- Co-authored-by: Sylvestre Ledru <sylvestre@debian.org> * pr: fix deprecation warnings & remove comment * chgrp: fix clippy warning * cut: allow non utf8 characters for delimiters (uutils#6037) * cp: improve the support of --attributes-only (uutils#6051) * cp: improve the support of --attributes-only * remove useless comments Co-authored-by: Daniel Hofstetter <daniel.hofstetter@42dh.com> --------- Co-authored-by: Daniel Hofstetter <daniel.hofstetter@42dh.com> * cp: Split the copy_file function a bit * parser: if closing square bracket not found, stop looking for it again This solves uutils#5584, where the fuzzing would take hours without this. * Fix install: invalid link at destination also remove some FixMEs for FreeBsd * Bump nix from 0.27 to 0.28 * uucore/pipes: adapt to new return type of nix fn nix 0.28 changed the return type of unistd::pipe() from Result<(RawFd, RawFd), Error> to Result<(OwnedFd, OwnedFd), Error> * tty: unistd::ttyname takes AsFd instead of RawFd change introduced by nix 0.28 * stty: remove ofill output flag flag was removed from nix::sys::termios::OutputFlags in nix 0.28 * cat: adapt to type change of unistd::write() nix 0.28 changed "write(fd: RawFd, buf: &[u8]) -> Result<usize>" to "write<Fd: AsFd>(fd: Fd, buf: &[u8]) -> Result<usize>" * chore(deps): update rust crate blake3 to 1.5.1 --------- Co-authored-by: Daniel Hofstetter <daniel.hofstetter@42dh.com> Co-authored-by: Ben Wiederhake <BenWiederhake.GitHub@gmx.de> Co-authored-by: Ulrich Hornung <hornunguli@gmx.de> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Sylvestre Ledru <sylvestre@debian.org> Co-authored-by: Dimitris Apostolou <dimitris.apostolou@icloud.com> Co-authored-by: Dorian Péron <dorianperon.i@gmail.com> Co-authored-by: Terts Diepraam <terts.diepraam@gmail.com> Co-authored-by: mhead <mtrxhead@protonmail.com> Co-authored-by: Yash Thakur <45539777+ysthakur@users.noreply.github.com> Co-authored-by: Zoltan Kiss <121870572+cj-zoltan-kiss@users.noreply.github.com>
zhitkoff
added a commit
to zhitkoff/coreutils
that referenced
this issue
Mar 12, 2024
* ci: use codecov token in CICD/GnuTests workflows * tee: fail test if string setup fails * sort: add skipped test for combined flags Now that clap#2624 has been resolved, we can and should test both variants. * cat: don't flake even on exotic pipe buffer sizes See also 9995c63. There is a race condition between the writing thread and the command. It is easily possible that on the developer's machine, the writing thread is always faster, filling the kernel's buffer of the stdin pipe, thus succeeding the write. It is also easily possible that on the busy CI machines, the child command runs first for whatever reason, and exits early, thus killing the pipe, which causes the later write to fail. This results in a flaky test. Let's prevent flaky tests. * numfmt: don't flake even on exotic pipe buffer sizes * split: don't flake even on exotic pipe buffer sizes * simulate terminal utility (squash) * workaround: run builds with retry (a) * added configurable terminal size * chore(deps): update rust crate rayon to 1.9 * cargo: fix feature = "cargo-clippy" deprecation * tests/printf: Fix char_as_byte test, add char and string padding tests * printf: Change get_char and write_padded to handle bytes instead of chars * uucore/format: add padlen to spell-checker:ignore * tests/printf: Verify the correct error behavior of printf when provided with '%0c' or '%0s' * printf: Raise error on '%0c' and '%0s' formats * cp: fix flaky test test_cp_arg_interactive_update, document adjacent bug * chore(deps): update rust crate walkdir to 2.5 * cat: permit repeating command-line flags * cat: fix -b and -n anti-symmetry * cat: ignore -u flag, just like GNU does * tests/common/util.rs: add cfg(feature = "env") * cat: prefix two test fns with "test_" * Bump mio from 0.8.10 to 0.8.11 * extend error message for case when writer instanciation fails second time * Bump chrono from 0.4.34 to 0.4.35 * ls: use chrono::TimeDelta::try_seconds instead of deprecated chrono::TimeDelta::seconds * touch: replace use of deprecated chrono functions * chmod: slightly adjust error message when preserve-root is triggered One of the GNU tests checks for the exact error message. * chgrp+chown: also trigger preserve-root during dirwalking, fix error message This is explicitly tested in the GNU tests. * uucore: drop unused function resolve_relative_path This function is by necessity ill-defined: Depending on the context, '..' is either the logical parent directory, sometimes the physical parent directory. This function can only work for the latter case, in which case `Path::canonicalize` is often a better approach. * split: close as much fds as needed for opening new one * use std::command::pre_exec() to set limits on child before exec * chore(deps): update softprops/action-gh-release action to v2 * dd: treat arg as bytes if it contains 'B' * Fix clippy warnings * tr: stream output instead of buffering This should lower memory consumption, and fixes OOM in some scenarios. * shuf: fix and test off-by-one errors around ranges * shuf: fix error message text on negative-sized ranges Found by @cakebaker: uutils#6011 (comment) * chcon: allow overriding between --dereference and --no-dereference * chcon: allow repeated flags and arguments * touch: Respect -h when getting metadata (uutils#5951) * Add tests that stat symlinks * Check follow first in stat * Don't run tests on FreeBSD It would be possible to get them to run on FreeBSD by avoiding get_symlink_times, but the behavior we're testing is not platform-specific, so it's fine to not test it on FreeBSD. --------- Co-authored-by: Sylvestre Ledru <sylvestre@debian.org> * pr: fix deprecation warnings & remove comment * chgrp: fix clippy warning * cut: allow non utf8 characters for delimiters (uutils#6037) * cp: improve the support of --attributes-only (uutils#6051) * cp: improve the support of --attributes-only * remove useless comments Co-authored-by: Daniel Hofstetter <daniel.hofstetter@42dh.com> --------- Co-authored-by: Daniel Hofstetter <daniel.hofstetter@42dh.com> * cp: Split the copy_file function a bit * parser: if closing square bracket not found, stop looking for it again This solves uutils#5584, where the fuzzing would take hours without this. * Fix install: invalid link at destination also remove some FixMEs for FreeBsd * Bump nix from 0.27 to 0.28 * uucore/pipes: adapt to new return type of nix fn nix 0.28 changed the return type of unistd::pipe() from Result<(RawFd, RawFd), Error> to Result<(OwnedFd, OwnedFd), Error> * tty: unistd::ttyname takes AsFd instead of RawFd change introduced by nix 0.28 * stty: remove ofill output flag flag was removed from nix::sys::termios::OutputFlags in nix 0.28 * cat: adapt to type change of unistd::write() nix 0.28 changed "write(fd: RawFd, buf: &[u8]) -> Result<usize>" to "write<Fd: AsFd>(fd: Fd, buf: &[u8]) -> Result<usize>" * chore(deps): update rust crate blake3 to 1.5.1 --------- Co-authored-by: Daniel Hofstetter <daniel.hofstetter@42dh.com> Co-authored-by: Ben Wiederhake <BenWiederhake.GitHub@gmx.de> Co-authored-by: Ulrich Hornung <hornunguli@gmx.de> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Sylvestre Ledru <sylvestre@debian.org> Co-authored-by: Dimitris Apostolou <dimitris.apostolou@icloud.com> Co-authored-by: Dorian Péron <dorianperon.i@gmail.com> Co-authored-by: Terts Diepraam <terts.diepraam@gmail.com> Co-authored-by: mhead <mtrxhead@protonmail.com> Co-authored-by: Yash Thakur <45539777+ysthakur@users.noreply.github.com> Co-authored-by: Zoltan Kiss <121870572+cj-zoltan-kiss@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
OSS-Fuzz has found a bug in this project. Please see https://oss-fuzz.com/testcase?key=5339499714183168 for details and reproducers.
This issue is mirrored from https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64502 and will auto-close if the status changes there.
If you have trouble accessing this report, please file an issue at https://github.com/google/oss-fuzz/issues/new.
The text was updated successfully, but these errors were encountered: