Bug#765577: (no subject)

Wed Apr 22 13:25:16 BST 2015

reopen 765577 !
found 765577 215-14
thanks

On Mon, Mar 30, 2015 at 06:06:47AM +0200, Marco d'Itri wrote:
> I see that we have independently devised the same fix, I am attaching 
> a test case and a more refined version of your patch.

I tried Jessie RC3 today and immediately found that the fix is,
unfortunately, buggy. Your patch constructs a regexp and takes care to
escape metacharacters "?" and "*" with a sed but does not escape "{" and
"}" that are also metacharacters in the extended set of POSIX regexps.
These are always found in the string-to-be-matched here with
'ATTR{dev_id}=="0x0"' and 'ATTR{type}=="1"', so the if always fails.

This was likely not caught by your test case (and was harder to debug
and figure out!) because GNU grep's -E mode handles { as both a literal
and a metacharacter heuristically for historic reasons (consult grep's
manpage for that) but busybox grep does not:
  $ echo 'foo{bar}' > test
  $ egrep 'foo{bar}' test 
  foo{bar}
  $ busybox egrep 'foo{bar}' test 
  egrep: bad regex 'foo{bar}'
  $ egrep 'fo{1,2}' test 
  foo{bar}
  $ busybox egrep 'fo{1,2}' test 
  foo{bar}
Note that this is NOT a bug in busybox; foo{bar} is indeed an invalid
extended POSIX regexp and busybox is right to complain and error out.

The very minimal last-minute fix below did the trick for me but I have
to say... constructing regexps in shell is tricky and the whole
escaping-with-sed logic feels like a hack. I think a literal grep (i.e.
-F) would be better here, especially since I don't see the point of an
exact match (even if the file was modified by the sysadmin, the right
thing would to not write a new rule anyway). This is probably something
to be considered post-jessie.

Thanks,
Faidon

diff --git a/debian/extra/write_net_rules b/debian/extra/write_net_rules
index 38a3ca0..fedc0f1 100644
--- a/debian/extra/write_net_rules
+++ b/debian/extra/write_net_rules
@@ -118,7 +118,7 @@ basename=${INTERFACE%%[0-9]*}
 match="$match, KERNEL==\"$basename*\""
 
 # build a regular expression that matches the new rule that we want to write
-new_rule_pattern=$(echo "^SUBSYSTEM==\"net\", ACTION==\"add\"$match" | sed -re 's/([\?\*])/\\\1/g')
+new_rule_pattern=$(echo "^SUBSYSTEM==\"net\", ACTION==\"add\"$match" | sed -re 's/([\?\*\{\}])/\\\1/g')
 
 # Double check if the new rule has already been written. This happens if
 # multiple add events are generated before the script returns and udevd

