From: Pádraig Brady Date: Sat, 30 Aug 2025 11:08:24 +0000 (+0100) Subject: b2sum: --length: fix upper bound check X-Git-Tag: v9.8~85 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=735a4a27f3d3a4bb3a0381c45b7deb936cc293c2;p=thirdparty%2Fcoreutils.git b2sum: --length: fix upper bound check * src/digest.c (main): Don't saturate -l to BLAKE2B_MAX_LEN, so that the subsequent bounds check is performed. * tests/cksum/b2sum.sh: Add a test case. * NEWS: Mention the fix introduced in commit v9.5-71-gf2c84fe63 --- diff --git a/NEWS b/NEWS index f2e7c9e6ee..988cb96a88 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,10 @@ GNU coreutils NEWS -*- outline -*- ** Bug fixes + 'b2sum' will diagnose --length values that are too big. + Previously it would have silently assumed 512 for any larger values. + [bug introduced in coreutils-9.6] + 'basenc -d -i' will now strip '=' characters from the input in encodings where padding characters are not valid. [bug introduced with the basenc program in coreutils-8.31] diff --git a/src/digest.c b/src/digest.c index 302739e9f5..0e4e62dee7 100644 --- a/src/digest.c +++ b/src/digest.c @@ -1402,7 +1402,7 @@ main (int argc, char **argv) #endif #if HASH_ALGO_BLAKE2 || HASH_ALGO_CKSUM case 'l': - digest_length = xnumtoumax (optarg, 10, 0, BLAKE2B_MAX_LEN * 8, "", + digest_length = xnumtoumax (optarg, 10, 0, UINTMAX_MAX, "", _("invalid length"), 0, XTOINT_MAX_QUIET); digest_length_str = optarg; diff --git a/tests/cksum/b2sum.sh b/tests/cksum/b2sum.sh index af3ead798a..731ddb38c7 100755 --- a/tests/cksum/b2sum.sh +++ b/tests/cksum/b2sum.sh @@ -18,6 +18,7 @@ . "${srcdir=.}/tests/init.sh"; path_prepend_ ./src print_ver_ cksum +getlimits_ for prog in 'b2sum' 'cksum -a blake2b'; do # Also check b2sum if built 
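Review bot: The `case 'l':` call in src/digest.c now depends entirely on a range check that lies outside this hunk, and nothing at the call site says so. With `XTOINT_MAX_QUIET` still passed, an over-large value appears to be clamped silently to the upper bound, which is how the old `BLAKE2B_MAX_LEN * 8` bound turned a request like `-l 1024` into a 512-bit digest with no diagnostic. I would add a comment above the call, for example `/* Do not clamp to the algorithm maximum here: the length is validated after option parsing, and clamping would hide an out-of-range request. */`, so the bound is not tightened again later. The body of main continues past the hunk, so the later check itself cannot be confirmed from these lines.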
@@ -69,6 +70,17 @@ returns_ 1 $prog -c overflow.check || fail=1 # Only validate the last specified, used length $prog -l 123 -l 128 /dev/null || fail=1 +# This would not flag an error in coreutils 9.6 and 9.7 +for len in 513 1024 $UINTMAX_OFLOW; do + returns_ 1 $prog -l $len /dev/null 2>err || fail=1 + progname=$(echo "$prog" | cut -f1 -d' ') + cat < exp || framework_failure_ +$progname: invalid length: '$len' +$progname: maximum digest length for 'BLAKE2b' is 512 bits +EOF + compare exp err || fail=1 +done + done Exit $fail
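Review bot: The length list `513 1024 $UINTMAX_OFLOW` has no value that isolates the upper-bound check at the boundary. As far as I know b2sum also requires the length to be a multiple of 8, so 513 breaks two constraints at once. Adding the smallest byte-aligned over-limit length, `for len in 513 520 1024 $UINTMAX_OFLOW; do`, would pin the maximum on its own. A positive control such as `$prog -l 512 /dev/null || fail=1` beside the loop would show that the maximum itself is still accepted, unless the script already covers that outside this hunk. The `progname=` assignment does not depend on `$len` and could move above the inner `for`.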