Description
### Checklist
- I added a descriptive title
- I searched open reports and couldn't find a duplicate
### What happened?
Fuzzing efforts have found a few malformed match specs that can reliably trigger crashes.
One of the errors occurs when user input is used to generate a regular expression as part of match spec parsing. Match specs of this sort should be identified and rejected (possibly by raising InvalidMatchSpec).
The other two trigger logic bugs in version.py resulting in string and index related exceptions. These might be a bit trickier.
Steps to reproduce:
```shell
# Regex Crasher
conda search "*/lin(ux-65::f/o>=>1y"
# Version Crasher 1
conda search "c +, 0/|0 *"
# Version Crasher 2
conda search "fo= "
```
Impact:
These crashes can likely be triggered anywhere a match spec is handed to conda. In the simple case above, the user's conda execution crashes. In more complicated cases, conda executions made as part of unattended scripts could crash causing the script to fail.
Crash reporter output:
```
Traceback (most recent call last):
  File "/Users/preston/code/conda/conda/exceptions.py", line 1129, in __call__
    return func(*args, **kwargs)
  File "/Users/preston/code/conda/conda/cli/main.py", line 86, in main_subshell
    exit_code = do_call(args, p)
  File "/Users/preston/code/conda/conda/cli/conda_argparse.py", line 93, in do_call
    return getattr(module, func_name)(args, parser)
  File "/Users/preston/code/conda/conda/cli/main_search.py", line 24, in execute
    spec = MatchSpec(args.match_spec)
  File "/Users/preston/code/conda/conda/models/match_spec.py", line 56, in __call__
    return super(MatchSpecType, cls).__call__(**parsed)
  File "/Users/preston/code/conda/conda/models/match_spec.py", line 177, in __init__
    self._match_components = self._build_components(**kwargs)
  File "/Users/preston/code/conda/conda/models/match_spec.py", line 403, in _build_components
    return frozendict(_make_component(key, value) for key, value in kwargs.items())
  File "/Users/preston/code/conda/conda/_vendor/frozendict/__init__.py", line 21, in __init__
    self._dict = self.dict_cls(*args, **kwargs)
  File "/Users/preston/code/conda/conda/models/match_spec.py", line 403, in <genexpr>
    return frozendict(_make_component(key, value) for key, value in kwargs.items())
  File "/Users/preston/code/conda/conda/models/match_spec.py", line 417, in _make_component
    matcher = _implementors[field_name](value)
  File "/Users/preston/code/conda/conda/models/match_spec.py", line 945, in __init__
    self._re_match = re.compile(r'^(?:%s)$' % value.replace('*', r'.*')).match
  File "/Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/lib/python3.8/re.py", line 252, in compile
    return _compile(pattern, flags)
  File "/Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/lib/python3.8/re.py", line 304, in _compile
    p = sre_compile.compile(pattern, flags)
  File "/Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/lib/python3.8/sre_compile.py", line 764, in compile
    p = sre_parse.parse(p, flags)
  File "/Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/lib/python3.8/sre_parse.py", line 948, in parse
    p = _parse_sub(source, state, flags & SRE_FLAG_VERBOSE, 0)
  File "/Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/lib/python3.8/sre_parse.py", line 443, in _parse_sub
    itemsappend(_parse(source, state, verbose, nested + 1,
  File "/Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/lib/python3.8/sre_parse.py", line 836, in _parse
    raise source.error("missing ), unterminated subpattern",
re.error: missing ), unterminated subpattern at position 1
```
`$ /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/bin/conda search */lin(ux-65::f/o>=>1y`
### Conda Info
```shell
active environment : base
active env location : /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c
shell level : 1
user config file : /Users/preston/.condarc
populated config files : /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/.condarc
/Users/preston/.condarc
conda version : 4.14.0.post19+f7d22f3f8
conda-build version : 3.22.0
python version : 3.8.13.final.0
virtual packages : __osx=10.16=0
__unix=0=0
__archspec=1=x86_64
base environment : /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c (writable)
conda av data dir : /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/etc/conda
conda av metadata url : None
channel URLs : https://conda.anaconda.org/test/osx-64
https://conda.anaconda.org/test/noarch
https://conda.anaconda.org/conda-forge/osx-64
https://conda.anaconda.org/conda-forge/noarch
package cache : /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/pkgs
/Users/preston/.conda/pkgs
envs directories : /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/envs
/Users/preston/.conda/envs
platform : osx-64
user-agent : conda/4.14.0.post19+f7d22f3f8 requests/2.28.1 CPython/3.8.13 Darwin/21.4.0 OSX/10.16
UID:GID : 501:20
netrc file : None
offline mode : False
```

### Conda Config

```shell
==> /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c/.condarc <==
channels:
- conda-forge
==> /Users/preston/.condarc <==
channels:
- test
- conda-forge
```

### Conda list

```shell
# packages in environment at /Users/preston/code/conda/devenv/Darwin/envs/devenv-3.8-c:
#
# Name Version Build Channel
anaconda-client 1.11.0 py38hecd8cb5_0 defaults
appdirs 1.4.4 pyhd3eb1b0_0 defaults
asv 0.5.1 py38h1c67a95_0 conda-forge
atheris 2.0.12 py38h038c8f4_0 conda-forge
attrs 21.4.0 pyhd3eb1b0_0 defaults
backports 1.1 pyhd3eb1b0_0 defaults
backports.functools_lru_cache 1.6.4 pyhd3eb1b0_0 defaults
backports.tempfile 1.0 pyhd3eb1b0_1 defaults
backports.weakref 1.0.post1 py_1 defaults
beautifulsoup4 4.11.1 py38hecd8cb5_0 defaults
boto3 1.24.28 py38hecd8cb5_0 defaults
botocore 1.27.28 py38hecd8cb5_0 defaults
brotlipy 0.7.0 py38h9ed2024_1003 defaults
bzip2 1.0.8 h1de35cc_0 defaults
c-ares 1.18.1 hca72f7f_0 defaults
ca-certificates 2022.07.19 hecd8cb5_0 defaults
cctools 949.0.1 h9abeeb2_23 defaults
cctools_osx-64 949.0.1 hc7db93f_23 defaults
certifi 2022.9.24 py38hecd8cb5_0 defaults
cffi 1.15.1 py38hc55c11b_0 defaults
cfgv 3.3.1 pyhd8ed1ab_0 conda-forge
chardet 4.0.0 py38hecd8cb5_1003 defaults
charset-normalizer 2.0.4 pyhd3eb1b0_0 defaults
click 8.0.4 py38hecd8cb5_0 defaults
clyent 1.2.2 py38_1 defaults
conda 4.14.0.post19+f7d22f3f8 dev_0 <develop>
conda-build 3.22.0 py38hecd8cb5_0 defaults
conda-content-trust 0.1.3 pypi_0 pypi
conda-package-handling 1.9.0 py38hca72f7f_0 defaults
conda-verify 3.4.2 py_1 defaults
coverage 6.3.2 py38hca72f7f_0 defaults
cryptography 37.0.1 py38hf6deb26_0 defaults
curl 7.84.0 hca72f7f_0 defaults
cytoolz 0.11.0 py38haf1e3a3_0 defaults
distlib 0.3.2 pyhd3eb1b0_0 defaults
execnet 1.9.0 pyhd3eb1b0_0 defaults
expat 2.4.4 he9d5cce_0 defaults
filelock 3.6.0 pyhd3eb1b0_0 defaults
flake8 4.0.1 pyhd3eb1b0_1 defaults
future 0.18.2 py38_1 defaults
gettext 0.21.0 h7535e17_0 defaults
git 2.34.1 pl5262h74264fa_0 defaults
glob2 0.7 pyhd3eb1b0_0 defaults
icu 58.2 h0a44026_3 defaults
identify 2.5.3 pyhd8ed1ab_0 conda-forge
idna 3.3 pyhd3eb1b0_0 defaults
importlib-metadata 4.11.3 py38hecd8cb5_0 defaults
importlib_resources 5.2.0 pyhd3eb1b0_1 defaults
iniconfig 1.1.1 pyhd3eb1b0_0 defaults
jinja2 2.11.3 pyhd8ed1ab_2 conda-forge
jmespath 0.10.0 pyhd3eb1b0_0 defaults
jsonschema 4.4.0 py38hecd8cb5_0 defaults
jupyter_core 4.10.0 py38hecd8cb5_0 defaults
krb5 1.19.2 hcd88c3b_0 defaults
ld64 530 h20443b4_23 defaults
ld64_osx-64 530 h70f3046_23 defaults
ldid 2.1.2 h2d21305_2 defaults
libarchive 3.5.2 ha0e9c3a_0 defaults
libcurl 7.84.0 h6dfd666_0 defaults
libcxx 14.0.6 hccf4f1f_0 conda-forge
libedit 3.1.20210910 hca72f7f_0 defaults
libev 4.33 h9ed2024_1 defaults
libffi 3.3 hb1e8313_2 defaults
libiconv 1.16 hca72f7f_2 defaults
liblief 0.11.5 he9d5cce_1 defaults
libllvm12 12.0.0 h9b2ccf5_3 defaults
libnghttp2 1.46.0 ha29bfda_0 defaults
libssh2 1.10.0 h0a4fc7d_0 defaults
libxml2 2.9.14 hbf8cd5e_0 defaults
llvm-openmp 12.0.0 h0dcd299_1 defaults
lz4-c 1.9.3 h23ab428_1 defaults
markupsafe 2.0.1 py38h9ed2024_0 defaults
mccabe 0.7.0 pyhd3eb1b0_0 defaults
mock 4.0.3 pyhd3eb1b0_0 defaults
nbformat 5.5.0 py38hecd8cb5_0 defaults
ncurses 6.3 hca72f7f_3 defaults
nodeenv 1.7.0 pyhd8ed1ab_0 conda-forge
openssl 1.1.1q hca72f7f_0 defaults
packaging 21.3 pyhd3eb1b0_0 defaults
patch 2.7.6 h1de35cc_1001 defaults
pcre2 10.37 he7042d7_1 defaults
perl 5.26.2 h4e221da_0 defaults
pexpect 4.8.0 pyhd3eb1b0_3 defaults
pip 22.2.2 py38hecd8cb5_0 defaults
pkginfo 1.8.2 pyhd3eb1b0_0 defaults
pluggy 1.0.0 py38hecd8cb5_1 defaults
pre-commit 2.20.0 py38h50d1736_0 conda-forge
psutil 5.9.0 py38hca72f7f_0 defaults
ptyprocess 0.7.0 pyhd3eb1b0_2 defaults
py 1.11.0 pyhd3eb1b0_0 defaults
py-lief 0.11.5 py38he9d5cce_1 defaults
pycodestyle 2.8.0 pyhd3eb1b0_0 defaults
pycosat 0.6.3 py38h1de35cc_1 defaults
pycparser 2.21 pyhd3eb1b0_0 defaults
pycrypto 2.6.1 py38haf1e3a3_10 defaults
pyflakes 2.4.0 pyhd3eb1b0_0 defaults
pyopenssl 22.0.0 pyhd3eb1b0_0 defaults
pyparsing 3.0.9 py38hecd8cb5_0 defaults
pyrsistent 0.18.0 py38hca72f7f_0 defaults
pysocks 1.7.1 py38_1 defaults
pytest 7.1.2 py38hecd8cb5_0 defaults
pytest-cov 3.0.0 pyhd3eb1b0_0 defaults
pytest-forked 1.3.0 pyhd3eb1b0_0 defaults
pytest-mock 3.7.0 py38hecd8cb5_0 defaults
pytest-rerunfailures 10.1 pyhd3eb1b0_0 defaults
pytest-split 0.8.0 pyhd8ed1ab_0 conda-forge
pytest-timeout 1.4.2 py_0 defaults
pytest-xdist 2.5.0 pyhd3eb1b0_0 defaults
pytest-xprocess 0.20.0 pyhd8ed1ab_0 conda-forge
python 3.8.13 hdfd78df_0 defaults
python-dateutil 2.8.2 pyhd3eb1b0_0 defaults
python-fastjsonschema 2.16.2 py38hecd8cb5_0 defaults
python-libarchive-c 2.9 pyhd3eb1b0_1 defaults
python_abi 3.8 2_cp38 conda-forge
pytz 2022.1 py38hecd8cb5_0 defaults
pyyaml 6.0 py38hca72f7f_1 defaults
readline 8.1.2 hca72f7f_1 defaults
requests 2.28.1 py38hecd8cb5_0 defaults
responses 0.13.3 pyhd3eb1b0_0 defaults
ripgrep 13.0.0 hc2228c6_0 defaults
ruamel_yaml 0.15.100 py38h9ed2024_0 defaults
s3transfer 0.6.0 py38hecd8cb5_0 defaults
setuptools 63.4.1 py38hecd8cb5_0 defaults
six 1.16.0 pyhd3eb1b0_1 defaults
soupsieve 2.3.1 pyhd3eb1b0_0 defaults
sqlite 3.39.2 h707629a_0 defaults
tapi 1000.10.8 ha1b3eb9_0 defaults
tk 8.6.12 h5d9f67b_0 defaults
toml 0.10.2 pyhd3eb1b0_0 defaults
tomli 2.0.1 py38hecd8cb5_0 defaults
toolz 0.11.2 pyhd3eb1b0_0 defaults
tqdm 4.64.0 py38hecd8cb5_0 defaults
traitlets 5.1.1 pyhd3eb1b0_0 defaults
ukkonen 1.0.1 py38h12bbefe_1 conda-forge
urllib3 1.26.11 py38hecd8cb5_0 defaults
virtualenv 20.4.6 py38hecd8cb5_1 defaults
wheel 0.37.1 pyhd3eb1b0_0 defaults
xdoctest 1.1.0 pyhd8ed1ab_0 conda-forge
xz 5.2.5 hca72f7f_1 defaults
yaml 0.2.5 haf1e3a3_0 defaults
zipp 3.8.0 py38hecd8cb5_0 defaults
zlib 1.2.12 h4dc903c_2 defaults
zstd 1.5.2 hcb37349_0 defaults
```
### Additional Context
No response
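The regex crash reported above, reduced to the `re.compile` construction shown in the traceback, next to two ways of handling it. This is an added example, not conda's code: the function names and the local `InvalidMatchSpec` class are stand-ins, and the sample values are constructed (`lin(ux-65` is a fragment of the reported spec).

```python
import re


class InvalidMatchSpec(ValueError):
    """Local stand-in for the exception the report suggests raising."""


def compile_glob_unchecked(value):
    # Same construction as the re.compile call in the traceback:
    # '*' becomes '.*', every other character reaches the regex engine as-is,
    # so an unbalanced '(' or '[' surfaces as an uncaught re.error.
    return re.compile(r"^(?:%s)$" % value.replace("*", r".*")).match


def compile_glob_checked(value):
    """Keep regex semantics, but turn a bad pattern into a parse error."""
    try:
        return compile_glob_unchecked(value)
    except re.error as exc:
        raise InvalidMatchSpec("invalid pattern %r: %s" % (value, exc)) from exc


def compile_glob_literal(value):
    """Alternative (changes semantics): only '*' is special, the rest is literal."""
    parts = (re.escape(part) for part in value.split("*"))
    return re.compile(r"^(?:%s)$" % ".*".join(parts)).match


# Constructed inputs: one valid glob, two values that are not valid regexes.
SAMPLES = ["linux-*", "lin(ux-65", "py3["]


def triage(values):
    """Report, per value, whether the checked compiler accepts or rejects it."""
    results = {}
    for value in values:
        try:
            compile_glob_checked(value)
            results[value] = "ok"
        except InvalidMatchSpec:
            results[value] = "rejected"
    return results


if __name__ == "__main__":
    for value, outcome in triage(SAMPLES).items():
        print("%-12r %s" % (value, outcome))
```

The checked variant preserves existing matching behaviour and only changes the failure mode; the literal variant is appropriate only for fields where regular-expression syntax is not meant to be accepted.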