OpenSolaris

Bug ID 6513046
Synopsis find incorrectly processes action arguments if multiple paths and no -print
State 10-Fix Delivered (Fix available in build)
Category:Subcategory utility:file
Keywords rtiq_reviewed
Responsible Engineer Keerthi Kondaka
Reported Against
Duplicate Of
Introduced In solaris_8
Commit to Fix snv_70
Fixed In snv_70
Release Fixed solaris_nevada(snv_70) , solaris_10u5(s10u5_01) (Bug ID:2152087)
Related Bugs 1161396 , 4159420
Submit Date 15-January-2007
Last Update Date 17-September-2007
Description
Customer found that occasionally -prune was not working in their find command:

find /a /b /c /d /e /f /g /h /i /j /k /l /m /n /o -prune -ctime +7

Investigation of the find code shows that if no -print option is specified,
find will create a parse tree for its arguments, then append a node for ( and -print.

The code should save this updated parse tree and revert to it for each subsequent path.

Customer sees this issue on Solaris 9, but the code is relatively the same for all versions of Solaris.

I shall include the OpenSolaris code to clarify the bug.

    292 	/* allocate enough space for the compiler */
    293 	topnode = malloc((argc + 1) * sizeof (struct Node));
    294 	savetnode = malloc((argc + 1) * sizeof (struct Node));
///
    298 	if (compile(argv + paths, topnode, &action_expression) == 0) {
    299 		/* no expression, default to -print */
    300 		(void) memcpy(topnode, &PRINT_NODE, sizeof (struct Node));
    301 	} else if (!action_expression) {
    302 		/*
    303 		 * if no action expression, insert an LPAREN node above topnode,
    304 		 * with a PRINT node as its next node
    305 		 */
    306 		struct Node *savenode;
    307 
    308 		if (freenode == NULL) {
    309 			(void) fprintf(stderr, gettext("%s: can't append -print"
    310 				" implicitly; try explicit -print option\n"),
    311 				cmdname);
    312 			exit(1);
    313 		}
    314 		savenode = topnode;
    315 		topnode = freenode++;
    316 		(void) memcpy(topnode, &LPAREN_NODE, sizeof (struct Node));
    317 		topnode->next = freenode;
    318 		topnode->first.np = savenode;
    319 		(void) memcpy(topnode->next, &PRINT_NODE, sizeof (struct Node));
    320 	}
    321 	(void) memcpy(savetnode, topnode, ((argc + 1) * sizeof (struct Node)));
    322 
    323 	while (paths--) {
...
    363 
    364 		if (paths > 1)
    365 			(void) memcpy(topnode, savetnode,
    366 			    ((argc + 1) * sizeof (struct Node)));
    367 	}
    368 

Note: only the ( -print onwards is copied back to the parse tree, and also the memcpy
at 365 will overwrite the heap beyond the topnode allocation and scribble on the savetnode
allocation, and hence may cause issues with the next iteration.

Should be able to fix by copying the whole parse tree, not just the end.
Work Around
Problem is only seen when there are no actions. Appending -print works around the issue.
Comments
N/A
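
Added illustration, not code from find or from the delivered fix: a reduced model of the snapshot/restore step in the Description, showing that restoring only from the moved root leaves earlier nodes as the previous path left them, next to the whole-array copy the report suggests. The struct Node fields, the four-slot layout, and the assumption that a traversal modifies an early node are constructed for this example.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for find's struct Node; the real layout differs. */
struct Node {
	struct Node *first;
	int value;	/* constructed field that a traversal may change */
};

/* Reported behaviour, clamped to the allocation: only root onwards returns.
 * Unclamped (nslots nodes from root) it overruns the array by root nodes. */
void restore_from_root(struct Node *base, const struct Node *save,
    size_t nslots, size_t root)
{
	memcpy(base + root, save + root, (nslots - root) * sizeof (*base));
}

/* Suggested fix: snapshot and restore the whole array from its base. */
void restore_whole(struct Node *base, const struct Node *save, size_t nslots)
{
	memcpy(base, save, nslots * sizeof (*base));
}

/* Value of node 0 after one simulated path and a restore (-1 on no memory). */
int node0_after(int use_fix)
{
	size_t nslots = 4, root = 2;	/* 0-1 expression, 2 LPAREN, 3 PRINT */
	struct Node *base = calloc(nslots, sizeof (*base));
	struct Node *save = calloc(nslots, sizeof (*save));
	int result = -1;

	if (base != NULL && save != NULL) {
		base[0].value = 7;		/* constructed operand */
		base[root].first = &base[0];	/* LPAREN wraps the expression */
		memcpy(save, base, nslots * sizeof (*base));
		base[0].value = 99;	/* assumed: traversal alters node 0 */
		if (use_fix)
			restore_whole(base, save, nslots);
		else
			restore_from_root(base, save, nslots, root);
		result = base[root].first->value;	/* read through the root */
	}
	free(base);
	free(save);
	return result;
}
```

Because the snapshot is restored into the same array it was taken from, the first pointers stored in it remain valid after the copy.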