GNU bug report logs - #72756
Potential Bug/Vuln in test.c

Previous Next

Package: coreutils;

Reported by: Nathan Hays <nathan.hays <at> nccgroup.com>

Date: Thu, 22 Aug 2024 05:47:01 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 72756 <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Nathan Hays <nathan.hays <at> nccgroup.com>
Cc: 72756 <at> debbugs.gnu.org
Subject: Re: bug#72756: Potential Bug/Vuln in test.c
Date: Wed, 21 Aug 2024 23:21:07 -0700

I don't see a bug there. 'test' is behaving as documented.

> Expectation:
> `var=''; [ -n $var ]; echo $?` should NOT return `0`

This expectation is incorrect, because that command should exit with 
status 0. This is because the command '[ -n $var ]' is equivalent to:

  [ -n ]

which is equivalent to:

  test -n

and this is is defined to exit successfully, because '-n' is not the 
empty string.

The presence of the shell variable is irrelevant, because the shell 
omits the expansion of $var in the context you give.

Admittedly the usage of "test" is confusing, but it's been standardized 
for decades and it's not something we'd lightly change. You can see the 
current standard here:

https://pubs.opengroup.org/onlinepubs/9799919799/utilities/test.html

and the relevant text says:

  1 argument:
      Exit true (0) if $1 is not null; otherwise, exit false.
This bug report was last modified 97 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.