* [PATCH] t6112: avoid tilde expansion @ 2026-04-18 16:32 SZEDER Gábor 2026-04-19 1:26 ` Elijah Newren 2026-04-21 19:21 ` [PATCH v2] " SZEDER Gábor 0 siblings, 2 replies; 4+ messages in thread From: SZEDER Gábor @ 2026-04-18 16:32 UTC (permalink / raw) To: git; +Cc: SZEDER Gábor e987df5fe6 (list-objects-filter: implement composite filters, 2019-06-27) introduced a test to "t6112-rev-list-filters-objects.sh" that checks the output of a Git command with the following commands: grep ~$omitted_1 actual && grep ~$omitted_2 actual && grep ~$omitted_3 actual && Since the leading tilde in the pattern is not quoted/escaped, it is subject to tilde expansion. So if the system has a user whose username happens to be equal to the content of one of those "$omitted_*" variables, then "grep" would look for the user's home directory. Luckily, those variables contain object hashes, so this is not very likely. Furthermore, Bash versions v5.0 and earlier seem to be buggy and don't handle this particular tilde expansion very well, and either segfault right away or, in case of v3.2, get stuck in an endless loop and segfault upon receiving ctrl-c. Quote those words starting with a tilde to avoid these issues. Signed-off-by: SZEDER Gábor <szeder.dev@gmail.com> --- t/t6112-rev-list-filters-objects.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/t/t6112-rev-list-filters-objects.sh b/t/t6112-rev-list-filters-objects.sh index 39211ef989..e0a825bccf 100755 --- a/t/t6112-rev-list-filters-objects.sh +++ b/t/t6112-rev-list-filters-objects.sh 
@@ -623,9 +623,9 @@ test_expect_success 'verify collecting omits in combined: filter' ' omitted_2=$(echo a | git hash-object --stdin) && omitted_3=$(echo abcde | git hash-object --stdin) && - grep ~$omitted_1 actual && - grep ~$omitted_2 actual && - grep ~$omitted_3 actual && + grep "~$omitted_1" actual && + grep "~$omitted_2" actual && + grep "~$omitted_3" actual && test_line_count = 3 actual ' -- 2.54.0.rc2.650.gc37764ecfc ^ permalink raw reply related [flat|nested] 4+ messages in thread
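Review bot: the three replaced `grep "~$omitted_N" actual` lines still pass grep an unanchored basic regular expression, although the intent is a literal tilde followed by an object hash. Because the values come from `git hash-object --stdin`, `grep -F "~$omitted_1" actual` would state that intent directly and would not depend on the variable being free of regex metacharacters. The double quotes are safe at this spot because the enclosing test body is wrapped in single quotes.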
* Re: [PATCH] t6112: avoid tilde expansion 2026-04-18 16:32 [PATCH] t6112: avoid tilde expansion SZEDER Gábor @ 2026-04-19 1:26 ` Elijah Newren 2026-04-20 20:52 ` SZEDER Gábor 2026-04-21 19:21 ` [PATCH v2] " SZEDER Gábor 1 sibling, 1 reply; 4+ messages in thread From: Elijah Newren @ 2026-04-19 1:26 UTC (permalink / raw) To: SZEDER Gábor; +Cc: git On Sat, Apr 18, 2026 at 9:33 AM SZEDER Gábor <szeder.dev@gmail.com> wrote: > > e987df5fe6 (list-objects-filter: implement composite filters, > 2019-06-27) introduced a test to "t6112-rev-list-filters-objects.sh" > that checks the output of a Git command with the following commands: > > grep ~$omitted_1 actual && > grep ~$omitted_2 actual && > grep ~$omitted_3 actual && > > Since the leading tilde in the pattern is not quoted/escaped, it is > subject to tilde expansion. So if the system has a user whose > username happens to be equal to the content of one of those > "$omitted_*" variables, then "grep" would look for the user's home > directory. Luckily, those variables contain object hashes, so this is > not very likely. > > Furthermore, Bash versions v5.0 and earlier seem to be buggy and don't > handle this particular tilde expansion very well, and either segfault > right away or, in case of v3.2, get stuck in an endless loop and > segfault upon receiving ctrl-c. Interesting find on the bash segfault behavior. > Quote those words starting with a tilde to avoid these issues. > > Signed-off-by: SZEDER Gábor <szeder.dev@gmail.com> > --- > t/t6112-rev-list-filters-objects.sh | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/t/t6112-rev-list-filters-objects.sh b/t/t6112-rev-list-filters-objects.sh > index 39211ef989..e0a825bccf 100755 > --- a/t/t6112-rev-list-filters-objects.sh > +++ b/t/t6112-rev-list-filters-objects.sh 
> @@ -623,9 +623,9 @@ test_expect_success 'verify collecting omits in combined: filter' ' > omitted_2=$(echo a | git hash-object --stdin) && > omitted_3=$(echo abcde | git hash-object --stdin) && > > - grep ~$omitted_1 actual && > - grep ~$omitted_2 actual && > - grep ~$omitted_3 actual && > + grep "~$omitted_1" actual && > + grep "~$omitted_2" actual && > + grep "~$omitted_3" actual && > test_line_count = 3 actual > ' > > -- > 2.54.0.rc2.650.gc37764ecfc Looks good to me. I wasn't able to find any other unquoted ~$ uses in the testsuite except mid-word (e.g. HEAD~$i), though I suspect your version of bash seg-faulting is a better check than my grep-fu anyway. ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] t6112: avoid tilde expansion
From: SZEDER Gábor @ 2026-04-20 20:52 UTC
To: Elijah Newren; +Cc: git

On Sat, Apr 18, 2026 at 06:26:00PM -0700, Elijah Newren wrote:
> On Sat, Apr 18, 2026 at 9:33 AM SZEDER Gábor <szeder.dev@gmail.com> wrote:
> >
> > e987df5fe6 (list-objects-filter: implement composite filters,
> > 2019-06-27) introduced a test to "t6112-rev-list-filters-objects.sh"
> > that checks the output of a Git command with the following commands:
> >
> >     grep ~$omitted_1 actual &&
> >     grep ~$omitted_2 actual &&
> >     grep ~$omitted_3 actual &&
> >
> > Since the leading tilde in the pattern is not quoted/escaped, it is
> > subject to tilde expansion. So if the system has a user whose
> > username happens to be equal to the content of one of those
> > "$omitted_*" variables, then "grep" would look for the user's home
> > directory. Luckily, those variables contain object hashes, so this is
> > not very likely.

On second thought, tilde expansion should happen before
parameter/variable expansion, so the above is wrong: we are looking for
a user named "$omitted_1" and not a user named like whatever object hash
the "$omitted_1" variable holds. Still unlikely, but we should still
avoid it.

> > Furthermore, Bash versions v5.0 and earlier seem to be buggy and don't
> > handle this particular tilde expansion very well, and either segfault
> > right away or, in case of v3.2, get stuck in an endless loop and
> > segfault upon receiving ctrl-c.
>
> Interesting find on the bash segfault behavior.

Actually, I'm going to take back that statement about the Bash segfault.
I tested older Bash versions with binaries that I compiled myself from
the sources at git://git.savannah.gnu.org/bash.git, and those exhibited
the segfault in v5.0 and below. Bisect shows that v5.1 is not just the
first release but the first commit that doesn't segfault on t6112.

However. Bash v5.1 was released on 2020-12-06, about a year and a half
after those unintended tilde expansions were added. I find it hard to
believe that no one stumbled upon this issue during that time...

Suspicious, I booted my old laptop running an outdated Debian derivative
with distro-shipped Bash 5.0.17, and, lo and behold, t6112 passed just
fine.

So I'm inclined to think that something is wrong here... No idea what,
though. I can reproduce the segfault with something as simple as
"./bash-v5.0 -c 'v=~a'", and the segfault doesn't even come from Bash
but from within getpwnam() called during tilde expansion.

Oh, well. Will send a patch with updated log message some time later.
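The expansion order described in the reply above, together with a line-based check for word-initial unquoted `~$` of the kind the earlier review did by hand, as an added example that is not part of the thread or of Git's test suite. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not code from the thread or from Git's test suite.
# Function names and sample lines are constructed for illustration.

# Unquoted word-initial ~$var: tilde expansion runs first and treats the
# literal text '$name' as the login name. That lookup fails, the tilde
# stays, and only afterwards is $name replaced by its value.
expand_unquoted() {
	name=$1
	printf '%s\n' ~$name
}

# Quoted: no tilde expansion (and no user lookup) is attempted at all.
expand_quoted() {
	name=$1
	printf '%s\n' "~$name"
}

# Report "file:line:text" for words that begin with an unquoted ~$.
# A tilde-prefix exists only at the start of a word or, in an assignment,
# right after '=' or ':', so HEAD~$i and "~$x" are not reported.
# /dev/null forces grep to print the file name for a single file.
find_unquoted_tilde_var() {
	grep -nE '(^|[[:space:]=:;|&(])~\$' "$@" /dev/null
}

# Run the check over constructed lines and return the flagged line numbers.
lint_sample() {
	tmp=$(mktemp) || return 1
	cat >"$tmp" <<'EOF'
grep ~$omitted_1 actual &&
grep "~$omitted_2" actual &&
git rev-parse HEAD~$i &&
dir=~$user/work
EOF
	find_unquoted_tilde_var "$tmp" | cut -d: -f2 | paste -sd, -
	rm -f "$tmp"
}

expand_unquoted root	# ~root (literal), not root's home directory
lint_sample		# 1,4
```

The check works line by line and does not track quoting that spans lines, so its hits are candidates for review rather than confirmed defects.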
* [PATCH v2] t6112: avoid tilde expansion 2026-04-18 16:32 [PATCH] t6112: avoid tilde expansion SZEDER Gábor 2026-04-19 1:26 ` Elijah Newren @ 2026-04-21 19:21 ` SZEDER Gábor 1 sibling, 0 replies; 4+ messages in thread From: SZEDER Gábor @ 2026-04-21 19:21 UTC (permalink / raw) To: git; +Cc: Elijah Newren, SZEDER Gábor e987df5fe6 (list-objects-filter: implement composite filters, 2019-06-27) introduced a test to "t6112-rev-list-filters-objects.sh" that checks the output of a Git command with the following commands: grep ~$omitted_1 actual && grep ~$omitted_2 actual && grep ~$omitted_3 actual && Since the leading tilde in the pattern is not quoted/escaped, it is subject to tilde expansion. So if the system has a user whose username happens to be "$omitted_1", then "grep" would look for that user's home directory. Quote those words starting with a tilde to avoid this. Signed-off-by: SZEDER Gábor <szeder.dev@gmail.com> --- Same diff, updated commit message. t/t6112-rev-list-filters-objects.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/t/t6112-rev-list-filters-objects.sh b/t/t6112-rev-list-filters-objects.sh index 39211ef989..e0a825bccf 100755 --- a/t/t6112-rev-list-filters-objects.sh +++ b/t/t6112-rev-list-filters-objects.sh @@ -623,9 +623,9 @@ test_expect_success 'verify collecting omits in combined: filter' ' omitted_2=$(echo a | git hash-object --stdin) && omitted_3=$(echo abcde | git hash-object --stdin) && - grep ~$omitted_1 actual && - grep ~$omitted_2 actual && - grep ~$omitted_3 actual && + grep "~$omitted_1" actual && + grep "~$omitted_2" actual && + grep "~$omitted_3" actual && test_line_count = 3 actual ' -- 2.54.0.655.g69726bb9dc ^ permalink raw reply related [flat|nested] 4+ messages in thread
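Review bot: for the three `grep "~$omitted_N" actual` replacements, the updated log message names the literal user "$omitted_1" but does not say why the lookup uses that literal text and not the hash stored in the variable. One sentence stating that tilde expansion is performed before parameter expansion would record the reasoning worked out in the thread and keep a later reader from repeating the v1 explanation. It would also help to say that only a tilde at the start of a word is affected, so mid-word uses such as `HEAD~$i` need no quoting.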