write a NUL byte after a heap buffer, or output invalid addresses.
[These bugs were present in "the beginning".]
+ 'od -w0' will now issue a diagnostic and exit gracefully.
+ Previously it would have aborted.
+ [bug introduced in coreutils-9.3]
+
sort with key character offsets of SIZE_MAX, could induce
a read of 1 byte before an allocated heap buffer. For example:
'sort +0.18446744073709551615R input' on 64 bit systems.
{
intmax_t w_tmp;
s_err = xstrtoimax (optarg, nullptr, 10, &w_tmp, "");
- if (s_err != LONGINT_OK || w_tmp <= 0)
+ if (s_err == LONGINT_OK && w_tmp <= 0)
+ s_err = LONGINT_INVALID;
+ if (s_err != LONGINT_OK)
xstrtol_fatal (s_err, oi, c, long_options, optarg);
if (ckd_add (&desired_width, w_tmp, 0))
error (EXIT_FAILURE, 0, _("%s is too large"), quote (optarg));
# Turn off localization of executable's output.
@ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;
+my $prog = 'od';
+
# Use a file in /proc whose size is not likely to
# change between the wc and od invocations.
my $proc_file = '/proc/version';
['wide-a', '-a -w65537 -An', {IN=>{g=>'x'}}, {OUT=>" x\n"}],
['wide-c', '-c -w65537 -An', {IN=>{g=>'x'}}, {OUT=>" x\n"}],
['wide-x', '-tx1 -w65537 -An', {IN=>{g=>'B'}}, {OUT=>" 42\n"}],
+
+ # Ensure that invalid widths do not cause trouble.
+ # From coreutils-9.3 through coreutils-9.7, these would abort
+ ['invalid-w-1', '-w0 -An', {IN=>""}, {EXIT=>1},
+ {ERR=>"$prog: invalid -w argument '0'\n"}],
+ ['invalid-w-2', '-w-1 -An', {IN=>""}, {EXIT=>1},
+ {ERR=>"$prog: invalid -w argument '-1'\n"}],
+ ['invalid-w-3', '-ww -An', {IN=>""}, {EXIT=>1},
+ {ERR=>"$prog: invalid -w argument 'w'\n"}],
);
my $save_temps = $ENV{DEBUG};
my $verbose = $ENV{VERBOSE};
-my $prog = 'od';
my $fail = run_tests ($program_name, $prog, \@Tests, $save_temps, $verbose);
exit $fail;
projects / thirdparty / coreutils.git / commitdiff
