While the root solution for the bug is "don't do that", we should at least try to detect the obviously wrong case more gracefully. Committed.
* argv.c (expandargv): Check for directories passed as @-files. Index: argv.c =================================================================== --- argv.c (revision 243279) +++ argv.c (working copy) @@ -32,12 +32,19 @@ Boston, MA 02110-1301, USA. */ /* Routines imported from standard C runtime libraries. */ #include <stddef.h> #include <string.h> #include <stdlib.h> #include <stdio.h> +#include <sys/types.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#if HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif #ifndef NULL #define NULL 0 #endif #ifndef EOS @@ -384,22 +391,34 @@ expandargv (int *argcp, char ***argvp) char *buffer; /* Dynamically allocated storage for the options read from the response file. */ char **file_argv; /* The number of options read from the response file, if any. */ size_t file_argc; +#ifdef S_ISDIR + struct stat sb; +#endif /* We are only interested in options of the form "@file". */ filename = (*argvp)[i]; if (filename[0] != '@') continue; /* If we have iterated too many times then stop. */ if (-- iteration_limit == 0) { fprintf (stderr, "%s: error: too many @-files encountered\n", (*argvp)[0]); xexit (1); } +#ifdef S_ISDIR + if (stat (filename+1, &sb) < 0) + continue; + if (S_ISDIR(sb.st_mode)) + { + fprintf (stderr, "%s: error: @-file refers to a directory\n", (*argvp)[0]); + xexit (1); + } +#endif /* Read the contents of the file. */ f = fopen (++filename, "r"); if (!f) continue; if (fseek (f, 0L, SEEK_END) == -1) goto error;