On 10/13/10 15:38, Bruno Haible wrote:
> But why should this be a bug in libc? There are many functions in libc that
> can allocate an arbitrary amount of memory.

I agree that applications should set reasonable memory limits, but
this is still a bug in glob, because glob should not return duplicates.
For example, the pattern {.,.} should match just ".", not two instances
of "." as it does now.  Just as the pattern x**y should not generate
multiple occurrences of "xfooy" merely because there are multiple ways
to match "xfooy", the pattern {.,.} should not generate multiple occurrences
of "." merely because there are multiple ways to match ".".

Filtering out duplicates would not fix all possible denial-of-service
attacks, but it will help, and it should be done anyway, because users
don't expect glob to return duplicates.
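The filtering discussed in this message, done on the caller's side, as an added example that is not part of the original message and is not glibc code: it expands a brace pattern with `glob` and counts each distinct path once. The function name `unique_matches` is hypothetical, `GLOB_BRACE` is the GNU/BSD extension flag, and the raw count is whatever the installed libc returns.

```c
#define _DEFAULT_SOURCE          /* expose GLOB_BRACE, a GNU/BSD extension */
#include <glob.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static int cmp_str(const void *a, const void *b)
{
    return strcmp(*(char *const *)a, *(char *const *)b);
}

/* Expand pattern with brace support, store glob's raw match count in *raw,
 * and return the number of distinct paths (-1 on error or no match). */
long unique_matches(const char *pattern, size_t *raw)
{
    glob_t g = {0};
    if (glob(pattern, GLOB_BRACE, NULL, &g) != 0) {
        globfree(&g);
        return -1;
    }
    *raw = g.gl_pathc;
    /* Sort a copy of the pointer array; glob still owns the strings, so
     * gl_pathv itself stays untouched for globfree(). */
    char **v = malloc(g.gl_pathc * sizeof *v);
    if (v == NULL) {
        globfree(&g);
        return -1;
    }
    memcpy(v, g.gl_pathv, g.gl_pathc * sizeof *v);
    qsort(v, g.gl_pathc, sizeof *v, cmp_str);
    size_t out = 0;
    for (size_t i = 0; i < g.gl_pathc; i++) {
        if (out > 0 && strcmp(v[i], v[out - 1]) == 0)
            continue;                /* same path reached another way */
        v[out++] = v[i];
    }
    free(v);
    globfree(&g);
    return (long)out;
}

int main(void)
{
    size_t raw = 0;
    long uniq = unique_matches("{.,.}", &raw);
    printf("glob returned %zu, distinct %ld\n", raw, uniq);
    return uniq == 1 ? 0 : 1;
}
```

Sorting changes the order in which the brace alternatives were expanded, which matters only to callers that rely on that order.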
