Git grep allows combining two patterns with --and. It checks and
reports if the second pattern is missing when compiling the expression.
A missing first pattern, however, is only reported later at match time.
Thus no error is returned if no matching is done, e.g. because no file
matches the also given pathspec.
When that happens we get an expression tree with an GREP_NODE_AND node
and a NULL pointer to the missing left child. free_pattern_expr()
tries to dereference it during the cleanup at the end, which results
in a segmentation fault.
Fix this by verifying the presence of the left operand at expression
compilation time.
Reported-by: Matthew Hughes <matthewhughes934@gmail.com>
Helped-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
x = compile_pattern_not(list);
p = *list;
if (p && p->token == GREP_AND) {
+ if (!x)
+ die("--and not preceded by pattern expression");
if (!p->next)
die("--and not followed by pattern expression");
*list = p->next;
. ./test-lib.sh
+test_invalid_grep_expression() {
+ params="$@" &&
+ test_expect_success "invalid expression: grep $params" '
+ test_must_fail git grep $params -- nonexisting
+ '
+}
+
cat >hello.c <<EOF
#include <assert.h>
#include <stdio.h>
test_must_fail git grep "("
'
+test_invalid_grep_expression --and -e A
+
for H in HEAD ''
do
case "$H" in
projects / thirdparty / git.git / commitdiff
