Skip to content

fix: prevent fuzz-found panics on multi-byte input#513

Merged
chaliy merged 2 commits intomainfrom
claude/fix-ci-main-foUh5
Mar 6, 2026
Merged

fix: prevent fuzz-found panics on multi-byte input#513
chaliy merged 2 commits intomainfrom
claude/fix-ci-main-foUh5

Conversation

@chaliy
Copy link
Contributor

@chaliy chaliy commented Mar 6, 2026

Summary

  • Fix char-index vs byte-index mismatch in arithmetic evaluator that panicked on multi-byte chars (e.g. é in $((expr)))
  • Fix begin > end slice panic in parser when array subscript is a single quote char (e.g. ${arr["]})
  • Add proptest strategies that generate multi-byte arithmetic expressions and degenerate subscript inputs (3 new properties, 16 cases each, <0.02s total runtime)

Test plan

  • Regression tests for both specific panics pass
  • 3 new proptest properties pass (arithmetic_multibyte_no_panic, parser_subscript_no_panic, lexer_multibyte_no_panic)
  • cargo fmt --check clean
  • cargo clippy --all-targets --all-features -- -D warnings clean
  • cargo test --all-features all pass

claude added 2 commits March 6, 2026 03:26
@claude
fix: prevent panics on multi-byte chars in arithmetic eval and parser
843221b 
Two fuzz-found panics:
1. interpreter/mod.rs: arithmetic evaluator used char indices as byte
   indices when slicing expressions, causing panic on multi-byte input.
   Fix: precompute byte offsets from char_indices().
2. parser/mod.rs: single-char quoted array subscript (e.g. `"`) passed
   starts_with/ends_with checks but `[1..0]` panicked.
   Fix: require len >= 2 before stripping quotes.

https://claude.ai/code/session_0146td5PgBYtjqsrWyZYLM8b
@claude
test: add proptest coverage for multi-byte arithmetic and parser subs…
37157f6 
…cripts

Add 3 new proptest properties to catch the class of bugs that caused
the fuzz CI failures:
- arithmetic_multibyte_no_panic: multi-byte chars in arithmetic exprs
- parser_subscript_no_panic: degenerate array subscript inputs
- lexer_multibyte_no_panic: multi-byte chars in lexer input

These run 16 cases each in <0.02s total, negligible CI impact.

https://claude.ai/code/session_0146td5PgBYtjqsrWyZYLM8b
@chaliy chaliy merged commit 4b2bcdc into main Mar 6, 2026
17 checks passed
chaliy pushed a commit that referenced this pull request Mar 9, 2026
@claude
chore: run maintenance checklist (012-maintenance)
67dced2 
- Add atomic-polyfill advisory ignore in deny.toml (upstream monty dep)
- Fix trap incorrectly listed as security exclusion in compatibility.md
- Update POSIX special built-in count to 14/15 (trap is implemented)
- Update Quick Status table with accurate command counts
- Add custom builtins feature to README.md
- Add 2>&1 to README.md redirections list
- Add Unreleased section to CHANGELOG.md for PR #513

https://claude.ai/code/session_01NdiHcfCjDaa8o5uG1Zebtq
@chaliy chaliy mentioned this pull request Mar 9, 2026
Merged
4 tasks
yonas pushed a commit to yonasBSD/bashkit that referenced this pull request Mar 10, 2026
@chaliy @claude
chore: run maintenance checklist (012-maintenance) (everruns#514)
05d02e6 
## Summary

- Run full maintenance checklist per `specs/012-maintenance.md`
- Fix doc inconsistencies found during audit
- Update advisory ignores for transitive dependencies

## Changes

- **deny.toml**: Add `RUSTSEC-2023-0089` (atomic-polyfill) to advisory
ignores — unmaintained transitive dep via monty → postcard → heapless
that we can't control
- **CHANGELOG.md**: Add Unreleased section tracking PR everruns#513 merged after
v0.1.9
- **compatibility.md**: Fix `trap` incorrectly listed as security
exclusion (only `exec` is excluded); update POSIX special built-in count
to 14/15; refresh Quick Status table with accurate command counts by
category
- **README.md**: Add "Custom builtins" feature; add `2>&1` to
redirections list
- **specs/009-implementation-status.md**: Update POSIX special built-in
count to 14/15

## Maintenance audit results

- All 1522 unit tests pass
- All 16 examples compile and run
- clippy/fmt clean
- cargo-deny: clean (with documented advisory ignores)
- Doc tests: 84 pass
- Python ruff: clean

## Test plan

- [x] `cargo test --all-features` — all 1522 tests pass
- [x] `cargo clippy --all-targets -- -D warnings` — clean
- [x] `cargo fmt --check` — clean
- [x] Doc-only and config changes, no behavioral changes to verify

---------

Co-authored-by: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chaliy @claude