URL: <http://savannah.gnu.org/bugs/?51841>
Summary: find buffer-overflow with -printf '%T+'
Project: findutils
Submitted by: ametzler
Submitted on: Thu 24 Aug 2017 07:54:37 PM CEST
Category: find
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: None
Fixed Release: None

_______________________________________________________

Details:

Hello,

this is https://bugs.debian.org/873032 reported by Ryan <r...@ddn.com>:

-------------------------------------
The findutils/find version now in buster 4.6.0+git+20170729-2 fails when I use
find with -printf '%T+'. If I change the time format away from + to @, it
works fine.

Example bad run:

➜ find . -mindepth 1 -maxdepth 1 -printf '%T+=%p\n'
*** buffer overflow detected ***: find terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x70bfb)[0x7efe96d69bfb]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7efe96df21e7]
/lib/x86_64-linux-gnu/libc.so.6(+0xf7320)[0x7efe96df0320]
find(+0xe56b)[0x558ab5db156b]
find(+0xf273)[0x558ab5db2273]
find(+0xdbe9)[0x558ab5db0be9]
find(+0xdbe9)[0x558ab5db0be9]
find(+0x7de9)[0x558ab5daade9]
find(+0x74d1)[0x558ab5daa4d1]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7efe96d192e1]
find(+0x761a)[0x558ab5daa61a]
======= Memory map: ========
[1]    29180 abort      find . -mindepth 1 -maxdepth 1 -printf '%T+=%p\n'
-------------------------------------

Reproducing requires building find with -D_FORTIFY_SOURCE=2 in CPPFLAGS.

I have bisected the issue, the point of breakage is not very surprising:

95816b29d46fb6b64754d4a66e7d918b3f134a1f is the first bad commit
commit 95816b29d46fb6b64754d4a66e7d918b3f134a1f
Author: James Youngman <j...@gnu.org>
Date:   Sun Jul 23 22:19:42 2017 +0100

    find: avoid strftime's non-portable %F specifier.

    * find/print.c (format_date): Avoid passing %F to strftime since
    some implementation lack it.  Pass the synonymous %Y-%m-%d
    instead.  This fixes a bug manifesting on HP Tru64 UNIX V5.1B.
    Reported by Steven M. Schweda <s...@antinode.info>.

cu Andreas

_______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?51841>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
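
Added example, not code from findutils or from this report: it shows that "%F+%T" and "%Y-%m-%d+%T" render identically while the format string itself grows from 5 to 11 characters, and how a size-checked copy rejects the longer one. The 6-byte buffer size (FMT_BUF_SIZE) and the helper names are assumptions made for illustration; the report does not show format_date's actual buffer.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Hypothetical fixed format buffer size, constructed for this example
   (not taken from find/print.c). It holds "%F+%T" plus the NUL exactly. */
#define FMT_BUF_SIZE 6

/* Copy a strftime format into dst only if it fits, NUL included.
   Returns 0 on success, -1 if the copy would overflow dst. */
static int set_format(char *dst, size_t dstsize, const char *fmt)
{
    size_t need = strlen(fmt) + 1;
    if (need > dstsize)
        return -1;
    memcpy(dst, fmt, need);
    return 0;
}

/* Render timestamp t (UTC) with fmt; returns bytes written, 0 on failure. */
static size_t render(char *out, size_t outsize, const char *fmt, time_t t)
{
    struct tm *tm = gmtime(&t);
    return tm ? strftime(out, outsize, fmt, tm) : 0;
}

/* 1 if both formats produce the same text for t, else 0. */
static int same_output(const char *a, const char *b, time_t t)
{
    char ba[64], bb[64];
    size_t na = render(ba, sizeof ba, a, t);
    size_t nb = render(bb, sizeof bb, b, t);
    return na != 0 && na == nb && memcmp(ba, bb, na) == 0;
}

int main(void)
{
    char fmt[FMT_BUF_SIZE];
    const char *old_fmt = "%F+%T", *new_fmt = "%Y-%m-%d+%T";

    printf("same output: %d\n", same_output(old_fmt, new_fmt, 0));
    printf("old format copy: %d\n", set_format(fmt, sizeof fmt, old_fmt));
    printf("new format copy: %d\n", set_format(fmt, sizeof fmt, new_fmt));
    return 0;
}
```

An unchecked strcpy in place of set_format is the kind of call that -D_FORTIFY_SOURCE=2 turns into a "buffer overflow detected" abort when the destination size is known at compile time.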