| Summary: | 'find ... -print | xargs rm -rf' versus 'find ... -print0 | xargs -0 rm -rf' | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Toralf Förster <toralf> |
| Component: | [OLD] Development | Assignee: | Gentoo Quality Assurance Team <qa> |
| Status: | RESOLVED CANTFIX | ||
| Severity: | normal | ||
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: |
all affected ebuilds
better grep of affected ebuilds all ebuilds with 'find ... | xargs ... chmod ...' lines output of the command below output of the command seen below |
||
please include a list of the problem ebuilds. Created attachment 53331 [details]
all affected ebuilds
all ebuilds, command was
$>find /usr/portage/ -type f -name '*.ebuild' -print0 | xargs -0 grep xargs |
grep rm | grep -v print0 | cut -f1 -d' ' > find.txt
Created attachment 53333 [details]
better grep of affected ebuilds
find /usr/portage/ -type f -name '*.ebuild' -print0 | xargs -0 egrep
"find.*xargs.* rm" | grep -v print0 > find.txt
Created attachment 53335 [details]
all ebuilds with 'find ... | xargs ... chmod ...' lines
used command:
$>find /usr/portage/ -type f -name '*.ebuild' -print0 | xargs -0 egrep
"find.*xargs.*chmod" | grep -v -e print0 -e 'rm -rf' > find.txt
really packages should only use 'rm -rf' if they know for sure 'rm -r' wont work ... Why don't you use '-exec command {} \;' instead of xargs?
Like in "find . -iname 'foobar' -exec the_command {} \;"
because that'll runs chmod a lot more than if you use xargs Created attachment 73183 [details]
output of the command below
currently 15 ebuilds found with the command
$> find /usr/portage/ -type f -name '*.ebuild' -print0 | xargs -0 egrep
"find.*xargs.*chmod" | grep -v -e print0 -e 'rm -rf' > find.txt
Created attachment 78155 [details]
output of the command seen below
find /usr/portage/ -type f -name '*.ebuild' -print0 | xargs -0 egrep "find.*xargs.*chmod" | grep -v -e print0 -e 'rm -rf'
close this bug, should be included in a general guideline of writing ebuilds |
There are currently 88 ebuilds using the 'find' together with 'xargs' in a vulnerable manner. Instead of using $>find . -type d -name 'CVS' -print | xargs rm -rf it is recommended to use $>find . -type d -name 'CVS' -print0 | xargs -0 rm -rf to prevent issues with uncommon file names. Reproducible: Always Steps to Reproduce: 1./cd /usr/portage 2.find . -type f -name '*.ebuild' -exec grep -H find {} \; | grep xargs | grep rm | grep -v print0 3.