Bug 251081 - Grep Crashes with both «--after-context» «--max-count» Switches are Used
Summary: Grep Crashes with both «--after-context» «--max-count» Switches are Used
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 12.2-RELEASE
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-11-12 19:05 UTC by CrazyMihey
Modified: 2020-11-15 17:26 UTC (History)
1 user (show)

See Also:


Attachments
Grep Memory Dump 12.2 x64 (41.41 KB, application/x-xz)
2020-11-12 19:05 UTC, CrazyMihey
no flags Details
Include eol when calling execute in prpending (567 bytes, text/plain)
2020-11-14 06:52 UTC, Igor Kolesnik
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description CrazyMihey 2020-11-12 19:05:19 UTC
Created attachment 219606 [details]
Grep Memory Dump 12.2 x64

FreeBSD Grep Utility Crushes in a case of simultaneously specifying two Switches: «--after-context=NUM» (-A NUM) and «--max-count=NUM» (-m NUM). This happens when Russian Language (for Example) is Used.
The Example to ReProduce this Error (EveryOne can Try, if Brave enough):
# id -c
russian
#grep --after-context="10" --max-count="2" "" "/etc/passwd"
# $FreeBSD: releng/12.2/etc/master.passwd 359447 2020-03-30 17:07:05Z brooks $
#
Segmentation fault (стек памяти сброшен на диск)

or, without specifying the «Russian» LogIn Class (ReProduced on any System):
# env LANG="ru_RU.UTF-8" grep --after-context="10" --max-count="2" "" "/etc/passwd" || printf "Error Number: %u (0x%.2X).\n" "${?}" "${?}"
# $FreeBSD: releng/12.2/etc/master.passwd 359447 2020-03-30 17:07:05Z brooks $
#
Segmentation fault (стек памяти сброшен на диск)
Error Number: 139 (0x8B).	# Looks like 0x80 + 0x0B: «SIGSEGV».

shows the same Result. «egrep» does the same.
# grep --version
grep (GNU grep) 2.5.1-FreeBSD
This Issue was found with these Systems:
 ● FreeBSD 11.2-RELEASE #0 r335510: Fri Jun 22 04:32:14 UTC 2018 GENERIC amd64
 ● FreeBSD 12.1-RELEASE-p2 r358570 CrazyBook i386
 ● FreeBSD 12.2-RELEASE r366954 GENERIC i386
 ● FreeBSD 12.2-RELEASE r366954 GENERIC amd64
This is not a Critical Error, but IMHO, Developers should Know about It.
Thank You and Sorry, if It is not Important.
Comment 1 Igor Kolesnik 2020-11-14 06:51:53 UTC
Looks like it strips out the trailing eol character when calling execute in prpending().  Inside execute memchr() fails to find eol and returns NULL.

This occurs in 13.0-CURRENT as well.

BSD grep does not contain such bug.

Attached is a proposed patch.
Comment 2 Igor Kolesnik 2020-11-14 06:52:02 UTC
Created attachment 219672 [details]
Include eol when calling execute in prpending
Comment 3 CrazyMihey 2020-11-15 14:47:31 UTC
(In reply to Igor Kolesnik from comment #2)
Great & Quickly!
But ToDay (ReVision 367710) I did not see This Change neither in «RelEng 12.2», not in «Head» (Current).
SVN Says, «/[base]/head/gnu/usr.bin/grep/grep.c» File is 7 Years old.
Do You Recommend to Apply Your Patch by MySelf after Source DownLoad?
Sorry, maybe I do not understand the Development Stadies of BugFixing, will This Patch be Allpied to Current or RelEng Tree? Or maybe it is better not to Use the Bugging-Flags together?
I did not touch WITH_BSD_GREP/WITHOUT_GNU_GREP/WITH_GNU_GREP_COMPAT in «etc\src.conf», so it seems, I newer used «BSD grep»: always try to use Distribution-Default Utilities first.
				Thank You!
Comment 4 Igor Kolesnik 2020-11-15 17:26:11 UTC
(In reply to CrazyMihey from comment #3)

I'm not a FreeBSD developer.  The fix only exists as the proposed patch
attached to this ticket.  Actually, I don't know how it goes further from
here.

I searched for bugs related to grep

https://bugs.freebsd.org/bugzilla/buglist.cgi?quicksearch=grep&list_id=387710

and found that this bug already reported a quite time ago

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193835

Also, it seems that gnugrep is going to be dropped away in favor of bsdgrep.
And there is a port/package textproc/gnugrep which is free of this bug.