mirror of
git://git.sv.gnu.org/findutils.git
synced 2026-01-30 13:18:59 +01:00
Bernhard Voelker
a5659a42fa
Prompted by the following warning of GCC-11.1.1:
tree.c: In function 'get_expr':
tree.c:140:31: warning: dereference of NULL 'prev_pred' [CWE-476] \
[-Wanalyzer-null-dereference]
140 | if ((UNI_OP == prev_pred->p_type
| ~~~~~~~~~^~~~~~~~
Former versions of find are not vulnerable to this, because a closing
parenthesis ')' without anything before was treated as a pathname
rather than an option.
But this is possible now with the recent introduction of the -files0-from
option (see commit 11576f4e6a) - yet still an invalid invocation.
Reproducer for a crash:
$ find -files0-from FILE ')' -print
Segmentation fault (core dumped)
In the similar case when the user didn't specify any action, and find(1)
adds the default action via '( user-expr ) -print', the error diagnostic
was very confusing, too:
$ find -files0-from FILE ')'
find: invalid expression; empty parentheses are not allowed.
* find/tree.c (get_expr): Handle the cases when there's no predicate
before CLOSE_PAREN, and output a useful error diagnostic.
* tests/find/files0-from.sh: Add a test case for it.