https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117968
Bug ID: 117968
Summary: running "cpp" with malformed arguments can cause input
file deletion
Product: gcc
Version: 13.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: preprocessor
Assignee: unassigned at gcc dot gnu.org
Reporter: [email protected]
Target Milestone: ---
When running the "cpp" command, if the command's arguments contain two values
that cannot be associated with a flag (eg "cpp arg1 arg2"), it will result in:
- case 1, if file "arg1" exists in your file system, then a file named "arg2"
will be overwritten with the output of the "cpp" command.
- case 2, if file "arg1" does not exist in your file system, then if file
"arg2" exists in the file system, it will be deleted.
Example:
Given a source file "main.c".
Let's run "cpp" on the source file while setting up a macro:
> "cpp -DMACRO=1 main.c"
The command is correct, nothing will happen.
However, if I make a typo in the command and forget to use the equal sign ('=')
to affect a value to my macro:
> "cpp -DMACRO 1 main.c"
The file "main.c" will be deleted.
If the file "1" exists, then running:
> "cpp -DMACRO 1 main.c"
Will overwrite the file "main.c" with the output of the "cpp" command.
Reproduction case 1:
> touch main.c
> cpp -DMACRO 1 main.c
...
> cat main.c
cat: main.c: No such file or directory
Reproduction case 2:
> touch 1
> touch main.c
> cpp -DMACRO 1 main.c
> cat main.c
# 0 "1"
# 0 "<built-in>"
...
Comment:
I could not find explanation for this behavior on the internet and after a talk
with chatgpt.
I don't know if this behavior is correct and apologize if there is a mechanism
under the hood that I don't understand.
What would make sense to me would be if I explicitly redirected the output of
my cpp command (eg "cpp ... >") or if I used an output flag (eg "cpp ... -o
...")
