From: "SZEDER Gábor" <szeder.dev@gmail.com>
To: Elijah Newren <newren@gmail.com>
Cc: git@vger.kernel.org
Subject: Re: [PATCH] t6112: avoid tilde expansion
Date: Mon, 20 Apr 2026 22:52:16 +0200
Message-ID: <aeaSAMOqg5RzfdIA@szeder.dev>
In-Reply-To: <CABPp-BGV4DGwoSDCjjW2NWBhWXNDfeXwb-tPWSH_13mF0DCiRg@mail.gmail.com>
On Sat, Apr 18, 2026 at 06:26:00PM -0700, Elijah Newren wrote:
> On Sat, Apr 18, 2026 at 9:33 AM SZEDER Gábor <szeder.dev@gmail.com> wrote:
> >
> > e987df5fe6 (list-objects-filter: implement composite filters,
> > 2019-06-27) introduced a test to "t6112-rev-list-filters-objects.sh"
> > that checks the output of a Git command with the following commands:
> >
> > grep ~$omitted_1 actual &&
> > grep ~$omitted_2 actual &&
> > grep ~$omitted_3 actual &&
> >
> > Since the leading tilde in the pattern is not quoted/escaped, it is
> > subject to tilde expansion. So if the system has a user whose
> > username happens to be equal to the content of one of those
> > "$omitted_*" variables, then "grep" would look for the user's home
> > directory. Luckily, those variables contain object hashes, so this is
> > not very likely.
On second thought, tilde expansion should happen before
parameter/variable expansion, so the above is wrong: we are looking
for a user named "$omitted_1" and not a user named like whatever
object hash the "$omitted_1" variable holds.
Still unlikely, but we should still avoid it.
> > Furthermore, Bash versions v5.0 and earlier seem to be buggy and don't
> > handle this particular tilde expansion very well, and either segfault
> > right away or, in case of v3.2, get stuck in an endless loop and
> > segfault upon receiving ctrl-c.
>
> Interesting find on the bash segfault behavior.
Actually, I'm going to take back that statement about the Bash
segfault.
I tested older Bash versions with binaries that I compiled myself from
the sources at git://git.savannah.gnu.org/bash.git, and those
exhibited the segfault in v5.0 and below. Bisect shows that v5.1 is
not just the first release but the first commit that doesn't segfault
on t6112.
However.
Bash v5.1 was released on 2020-12-06, about a year and a half after
those unintended tilde expansions were added. I find it hard to
believe that no one stumbled upon this issue during that time...
Suspicious, I booted my old laptop running an outdated Debian
derivative with distro-shipped Bash 5.0.17, and, lo and behold, t6112
passed just fine.
So I'm inclined to think that something is wrong here... No idea
what, though. I can reproduce the segfault with something as simple
as "./bash-v5.0 -c 'v=~a'", and the segfault doesn't even come from
Bash but from within getpwnam() called during tilde expansion.
Oh, well.
Will send a patch with updated log message some time later.
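
The expansion order discussed in this message, as an added example that is not part of the original email or of Git's test suite: it shows what an unquoted `~$var` word becomes, and flags such words in a script. The function names, the value `abc123` and the sample file contents are constructed for illustration, and the regular expression is a heuristic.

```shell
#!/bin/sh
# Added example. Tilde expansion runs before parameter expansion, so in
# an unquoted "~$omitted" the candidate login name is the unexpanded
# text, not the variable's value. No such user exists, the tilde is left
# alone, and only then is the variable substituted.
unquoted_form() {
    omitted=abc123            # constructed value
    pattern=~$omitted         # tilde-prefix present: triggers a user lookup
    printf '%s\n' "$pattern"
}

# Quoting the tilde removes the tilde-prefix, so no lookup happens.
quoted_form() {
    omitted=abc123
    pattern="~$omitted"
    printf '%s\n' "$pattern"
}

# Heuristic lint: print the line numbers where a word starts with an
# unquoted "~" that is followed by "$" before any "/" or whitespace.
find_unquoted_tilde() {
    grep -nE '(^|[[:space:]])~[^/[:space:]]*\$' "$1" | cut -d: -f1
}

# Constructed sample: the three lines quoted in the message, followed by
# two quoted/escaped variants and a plain "~/" path that must not match.
make_sample() {
    cat >"$1" <<\EOF
grep ~$omitted_1 actual &&
grep ~$omitted_2 actual &&
grep ~$omitted_3 actual &&
grep "~$omitted_1" actual &&
grep \~$omitted_2 actual &&
ls ~/$subdir
EOF
}

sample=$(mktemp) && make_sample "$sample"
echo "unquoted: $(unquoted_form)  quoted: $(quoted_form)"
echo "flagged lines: $(find_unquoted_tilde "$sample" | tr '\n' ' ')"
rm -f "$sample"
```

Both forms produce the same string on a system without a matching user; the difference is that only the unquoted form performs the lookup.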