find: Fix buffer overflow in token stack
The stack is used for two purposes: storing operators for the shunting yard algorithm, and storing primitives when arranging the operators into a tree. The number of operators is bounded by the number of arguments, since we only insert at most one extra operator per primitive. However, the number of primitives may be as high as argc + 1, since -print may have been added implicitly. This can triggered with an empty expression, `find .`, since in this case argc is 0, but we still try to store -print in the stack. Detected with musl's WIP allocator, mallocng-draft.master
parent
6ff6bb57ce
commit
e6b6f34506
Loading…
Reference in New Issue