dvorka / hstr

bash and zsh shell history suggest box - easily view, navigate, search and manage your command history.
http://me.mindforger.com
Apache License 2.0

Crash finding with regexp #228

Closed aaferrari closed 6 years ago

aaferrari commented 7 years ago

Sometimes the program crashes when I look for commands with regular expression matching activated. For example, when I search for something like echo.\+ and try to select a line like this:

{ for project in $(echo https://github.com/{12meses12katas/repositories,7shi/minix-tools,Aaron-Weaver/Stillicon-Waters-Website,Aluxian/WhatsApp-Desktop,Aluxian/Whatsie,Aris-t2/ClassicThemeRestorer,BahKoo/ChocolateStore,CleverRaven/Cataclysm-DDA,Cuevana/storm,CyanogenMod/android_bootable_recovery,Daenyth/Cockatrice,Delexious/alientube,Devuan,Diablo-D3/DiabloMiner,Diogenesthecynic/FullScreenMario,Dr-Terrible/go-overlay,EUA/wxHexEditor,Edaha,ElbertF/Wappalyzer,Fat-Zer/trinity,FrederickW/VideoDatabase,GNOME/gnome-clocks,GNOME/gtk,Hacksign/BaiduDoc,KeenSoftwareHouse/Miner-Wars-2081,Kobata/inventory-tweaks,LXDE,Legacy/Spoutcraft,Lokaltog/vim-powerline,M66B/XPrivacy,Milkyway-at-home/milkywayathome_client,MovingBlocks/CrashReporter,MovingBlocks/Terasology,MrS0m30n3/youtube-dl-gui,OhmResearch/KickassTorrentSurvey,Osse/double-tap,Owyn/HandyImage,PistonDevelopers/freetype-rs,Pita/etherpad-lite,Polymer/polymer,QtDesktop/qps,Quicksaver/FindBar-Tweak,QuiteRSS/quiterss,RReverser/hubot-skype4com,RequestPolicyContinued/requestpolicy,RingOV/gis-weather,Sabayon/for-gentoo,Sabayon/sabayon-distro,Skype4Py/Skype4Py,Stradex/doomerssurvival,Sub000/Sickrage-cannot-send-to-download-station,Sudzzuds,SwartzCr/nekoatsume,Tachyon-Team/Photon,TheDistributedBay/TheDistributedBay,TheFox/html2markdown,TimidScript/GreasyMonkey,TwinDrills,ValveSoftware/voglperf,Xylemon/xlennart,YePpHa/YouTubeCenter,YouWoTMA/stop-sopa,abrausch/StrikeOutLabel,adam-p/markdown-here,alankila,ali1234/fullscreenhack,ali1234/panel-switch,alireza7991/coreutils,amolenaar/gaphas,amsn/amsn2,and3k/and3k-sunrise,anders-larsson/gentoo-overlay,andig/videodb,androvm,anyc/mplugd,appfigures/memcached-sessionstore,apresta/tagger,aptinio/dosbox-mb6,arantius/resurrect-pages,arimus/jmimemagic,ariya/phantomjs,attardi/wikiextractor,aufziehvogel/cavr-crawler,aur-archive/libglfps,avz/pp,awahlig/skype4py,axet/json2xml,ayanamist/TwiShell,baedert/corebird,bagder/curl,beide/Bootimg-scripts,benibela/firefox-stuff,bitcoin/bitcoin,blog/1381-a-whole-ne
w-code-search,blynn,blynn/gitmagic,bo0ts/ddate,bootchk/resynthesizer,brave/browser-laptop,brianto/concurrent-grep,brndnmtthws/omploader,brunoprog64/ecg-tesis,bundler/bundler,busyloop/lolcat,bwbaugh/wikipedia-extractor,bxm156/Java2CPP,c00w/bitHopper,c00w/btcnet_info,c00w/cgminer-multicoins,casperjs/casperjs,cdhowie/Bitcoin-mining-proxy,cdumez/qBittorrent-Search-Plugins,cecamp,ceryn/img,chocolatey/chocolatey,chrippa/livestreamer,chrisbra/SudoEdit.vim,chrisjlee/dotfiles,chrispederick/user-agent-switcher,chronomex/urlteam,chubin/pyphoon,chubin/wttr.in,ciderpunx/twitrssme,cmci/ImageJMacro_Highlighter,cmisenas/canny-edge-detection,compiz-reloaded/compiz,cosmos72/twin,crmarsh/discord-linux-bugs,crowdfavorite/wp-popularity-contest,cryptostorm-dev/website_katstorm.party,cvut/gentoo-overlay,cynthia/hypercube,dahu/SearchParty,dahu/SnippetsBar,dansmith65/git,darkwallet/darkwallet,darthbob88/CollectionLogger,davidgfnet/whatsapp-purple,davidgfnet/wireshark-whatsapp,davisp/python-spidermonkey,detly/arkfind,devendrachaplot/TicketMaster,dgl/cgiirc,dialelo/turses,diaspora/diaspora,diracdeltas/tabulous,discourse/discourse,dkobia/discourse-import-bbpress-plugin,doomtech/zandronum,doublec/solidcoin,drvymonkey,dsyph3r/symblog,dvorka/hstr,dwieeb/ownCloud-pwmanager,dylanaraps/neofetch,edx/edx-platform,efavry/sessionstore-extractor,egorkhmelev/jslider,ehmry/maelstrom,eliluminado/Guia-Tkinter,elundmark/tz-aio-userscript,endless-sky/endless-sky,enthought/enable,ericraio/VideoScraper,erikvold,etotheipi/BitcoinArmory,evllabs/JGAAP,ezyang/git-ftp,fabiomb/BotKillah,fancycode/pylzma,fasthyun,firebug/manual-tests,flaviotordini/minitube,fletcher/MultiMarkdown,freedoom/freedoom,freenet/fred-staging,fusebox/i0coin,fyvm/fyvm,gentoo/eudev,gentoo/gentoo,github/dmca,github/gitignore,github/linguist,github/markup,gitnacho,gitnacho/api,gitnacho/tnp,giuspen/x-tile,globaleaks,globaleaks/GlobaLeaks-0.1,globaleaks/fax2social,globaleaks/globaleaks,globaleaks/tor2web-2.0,gmarik/vundle,gmarty/hough-transform-js,go
ogle/google-api-php-client,gorhill/uBlock,gorhill/uMatrix,gpodder/GpodRoid,greasemonkey/greasemonkey,gregsexton/MatchTag,guoyunhe/fontweak,gustavosbarreto/antico,harisgx/jfilemagic,hlamer/cpp2python,honza/snipmate-snippets,hpricot/hpricot,hubsmoke/bro,i-rinat/freshplayerplugin,icsharpcode/ILSpy,iegor/rainyday,imathis/octopress,imiric/pythonhelper,inbasic/ignotifier,invesalius/invesalius3,ixcoin/ixcoin,iye/lightsOn,j0hn/guicavane,jackpal/Android-Terminal-Emulator,jaredly/codetalker,jcanfield/dotfiles_linux,jeremyevans/ruby-vorbis_comment,jeresig/jquery.hotkeys,jes5199/icfp2011,jfrazelle/weather,jgoerzen/twidge,jichu4n/JFBView,jim618/multibit,jlevy/the-art-of-command-line,jmechner/Prince-of-Persia-Apple-II,joero74/git-new-workdir,jorgicio/jorgicio-gentoo,jospergon/gvim,jtobey/bitcoin-abe,juj/emscripten-scummvm,jumanbar/cuest,jwu/exvim,jyr/opentumblr,k-takata/hg-vim,kaepora/cryptocat,karma-runner/karma-html2js-preprocessor,keniobats/BruterCrypt,keniobats/Knock-Knock-Admin,keniobats/Web-Monitor,kivy/kivy,kokoko3k/gopreload,ksv,languages,larsks/python-ftn,lazierthanthou/sqlite-manager,leeor/ff-activex-host,lemonsqueeze/FakeWifiConnection,leycec/raiagent,libyal/libvhdi,logsol/SynthReport,lucb1e/cookielesscookies,luis-pereira/portage,luqmana/mcchat,mafintosh/peerflix,mahatma-kaganovich,maksimr,maksimr/spliter-penta,maksimr/vim-jsbeautify,maksimr/vim-translator,maksimr/vim-yate,mate-desktop/mate-themes,matthiasbock/OpenSkype,matthiask/pdfdocument,mblondel,mdamt/linux-firmware,mdoege/grailbrowser,mdonatas/ILSpy.CopyFullyQualifiedTypeName.Plugin,megous/megatools,metapirate/LimeWire-Pirate-Edition,mgebert,mgroseman/sessionstore_utility,mikeage/expand,mjbrownie/browser.vim,mjg59/linux,moxie0/Convergence,mozilla/kitsune,mozilla/r2d2b2g,mozilla/socorro,mozilla/talkilla,muromec/pyepycs.rc4,mutaku/PyWGET,myrond/akcoin,naev/naev,nagueva/drowning,namecoin/namecoin,narrowtux/Shortcuts,natural/java2python,necrose99/necromancy-overlay,nickguletskii/GLXOSD,nicklan/pnmixer,nvie/vim-toggle
mouse,nylira/prism-break,odie5533/WarcMiddleware,othree/xml.vim,owncloud/apps,pabloq/hash-vs-sqlite-examples,panjandrum/obshutdown,paulolieuthier,pculture/unisubs,penk/mkxpud,pepgonzalez/VisionComputacional,piroor/popupalt,pisculichi/futbol-bash,plasticboy/vim-markdown,pointtonull/configs,polachok/echinus,polachok/skb,popcorn-official,prof7bit/TorChat,progit/progit,pydave/AsyncCommand,pyknite/catwm,python-openxml/python-docx,python-pillow/Pillow,qbittorrent/qBittorrent,qtile/qtile,rarosalion/sessionstoreParser,rctgamer3/ff2-default,reek/anti-adblock-killer,rg3/youtube-dl,rogerbinns/apsw,romanz/amodem,rupeshs/ExMplayer,rupeshs/machineye,rwaldron/idiomatic.js,sacarlson/MultiCoin,salfter/portage,sandikata/ROKO__,sargon/trayer-srg,satellogic/canopus,savetheinternet/Tinyboard,scrapinghub/adblockparser,scromega/tuentiAPI,scrooloose/nerdcommenter,scrooloose/nerdtree,seaofclouds/dotfiles,sede2/test,seisen/urllib2_file,sensepost/wikto,serghei/gentoo-trinity-overlay,shuebbel,slosd/guiconfig,smolleyes/StreamStudio,smolleyes/gmediafinder2,sqlitebrowser/sqlitebrowser,st33d/red-rogue,stuart/pngnq,superfeedr/superpipes,susam/vimtab,svadja/SessionStore,t1wk/bearded-nemesis,t9md/vim-textmanip,tantaman/Strut,tcrayford/bin,tdy/ctw,terencehonles/systemd,tgalal/yowsup,th3power/aegis-voat,thEpisode/CalculatorASM,thomasf/exitwp,tijuo/Silverbox-OS,timothycrosley/jiphy,tirino/freevana,tirino/freevana-player,tmbinc/bgrep,tmm1/macvim_vimshell,tomtom/tskeletons,tomtom/vimtlib,tpb-archive/repositories,tpope/vim-afterimage,tpope/vim-markdown,trapd00r/vim-highlight-default-highlight-groups,tthurman/imgur-integration,tuffy/python-audio-tools,tuxtor/manual-instalacion-gentoo,ukwa/webarchive-explorer,user-none/KDocker,uzbl/uzbl,vaeth/eix,vanowm/restartless-restart-ffext,veltman/clmystery,venomous0x/WhatsAPI,vhf/free-programming-books,viliusle/Hermite-resize,viliusle/miniPaint,vim-scripts/FavMenu.vim,vim-scripts/Google-translator,vim-scripts/Mines,vim-scripts/Sudoku-Solver,vim-scripts/Vdebug,vim-scri
pts/cmdline-completion,vim-scripts/fasm-compiler,vim-scripts/highlight_word_under_cursor.vim,vim-scripts/maximize.dll,vim-scripts/taglist.vim,vim-scripts/toggle_maximize.vim,vim-scripts/trans.vim,vim-scripts/vim-pomodoro,vim-scripts/vimwiki,vitalif/grive2,vlofgren/file-transfer-over-soundcard,voidlinux/void-packages,vvk-ehk/evalimine,w3c/Amaya,wavilen/wavilen-overlay,wescamp/Invasion_from_the_Unknown-1.8,wesleywerner/nova-pinball,whpthomas/GPX,why/unholy,wimmuskee/flavour,wongm3/strikeout,woxxy/lanczos-js,wp-cli/wp-cli,wxWidgets/wxPython,xflux-gui/xflux-gui,xolox/vim-session,xsawyerx/data-collector,yuvadm/whatsapp-py,zoofIO/flexx} ); do echo $project: $(curl --head $project |  head -n1); done; } | sort -k 3

The program crashes showing the following error:

*** buffer overflow detected ***: hh terminated
======= Backtrace: =========
/lib/libc.so.6(+0x6614b)[0xb749f14b]
/lib/libc.so.6(__fortify_fail+0x37)[0xb752d487]
/lib/libc.so.6(+0xf2678)[0xb752b678]
/lib/libc.so.6(+0xf1d85)[0xb752ad85]
hh[0x804d6ee]
hh[0x804e924]
hh[0x804ed21]
hh[0x804943e]
/lib/libc.so.6(__libc_start_main+0xf7)[0xb74514e7]
hh[0x804948a]

dvorka commented 6 years ago

Reproducible on WIP 1.28 c9a3cfc594d985d5a32408e461b8fdecb83f75d2 (check test/test-bug228.sh + change search type to regexp).

gdb backtrace:

#6  0x000000000040670e in strncpy (__len=8697, __src=<optimized out>, 
    __dest=0x7fffffffcc00 "echo https://github.com/{12meses12katas/repositories,7shi/minix-tools,Aaron-Weaver/Stillicon-Waters-Website,Aluxian/WhatsApp-Desktop,A19xian/Wha\320\314\377\377\377\177")
    at /usr/include/x86_64-linux-gnu/bits/string3.h:126
#7  highlight_selection (selectionCursorPosition=selectionCursorPosition@entry=0, 
    previousSelectionCursorPosition=previousSelectionCursorPosition@entry=0, 
    pattern=pattern@entry=0x7fffffffd4a0 "echo.\\+") at src/hstr.c:988
#8  0x0000000000407856 in loop_to_select () at src/hstr.c:1344
#9  0x0000000000407bf5 in hstr_interactive () at src/hstr.c:1482
#10 0x0000000000407e1f in hstr_main (argc=1, argv=0x7fffffffd808) at src/hstr.c:1554
#11 0x00007ffff7086830 in __libc_start_main (main=0x401ef0 <main>, argc=1, argv=0x7fffffffd808, 
    init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffd7f8)
    at ../csu/libc-start.c:291

dvorka commented 6 years ago

Fixed - it will be released with the next version.
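
The gdb backtrace in this thread shows strncpy called with __len=8697 on a stack destination inside highlight_selection, which the fortified libc aborts as "buffer overflow detected". The following is an added example, not hstr's code and not the fix that was committed: it copies a regex match out of an over-long history line with the bound taken from the destination. The function names, DISPLAY_MAX, the constructed history line and the use of the POSIX extended pattern echo.+ in place of echo.\+ are assumptions made for illustration.

```c
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define DISPLAY_MAX 512 /* assumed size of the on-screen line buffer */

/* Copy the first match of `pattern` in `line` into dst, truncating to
 * dst_size - 1 bytes and always NUL-terminating. Returns the full match
 * length (>= dst_size means truncated), or -1 on no match / bad pattern. */
long copy_match_bounded(const char *line, const char *pattern,
                        char *dst, size_t dst_size)
{
    regex_t re;
    regmatch_t m;
    long match_len = -1;
    if (dst_size == 0 || regcomp(&re, pattern, REG_EXTENDED) != 0) return -1;
    if (regexec(&re, line, 1, &m, 0) == 0) {
        size_t len = (size_t)(m.rm_eo - m.rm_so);
        size_t n = len < dst_size - 1 ? len : dst_size - 1;
        /* Crashing shape: strncpy(dst, line + m.rm_so, len), bound from source. */
        memcpy(dst, line + m.rm_so, n);
        dst[n] = '\0';
        match_len = (long)len;
    }
    regfree(&re);
    return match_len;
}

/* Constructed input: a history line far longer than DISPLAY_MAX. */
char *make_long_history_line(size_t repos)
{
    const char *head = "{ for project in $(echo https://github.com/{";
    const char *item = "owner/repo,";
    const char *tail = "last/repo} ); do echo $project; done; }";
    char *line = malloc(strlen(head) + repos * strlen(item) + strlen(tail) + 1);
    if (!line) return NULL;
    strcpy(line, head);
    for (size_t i = 0; i < repos; i++) strcat(line, item);
    return strcat(line, tail);
}

int main(void)
{
    char shown[DISPLAY_MAX], *line = make_long_history_line(800);
    long len = line ? copy_match_bounded(line, "echo.+", shown, sizeof shown) : -1;
    printf("match length %ld, kept %zu bytes\n", len, len < 0 ? 0 : strlen(shown));
    free(line);
    return len < 0;
}
```

A return value of DISPLAY_MAX or more tells the caller the highlighted text was truncated, so it can mark the line as cut instead of writing past the buffer.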