diff --git a/0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch b/0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch new file mode 100644 index 0000000000000000000000000000000000000000..bcbc04f194cc3489c6ebad761237482537dbbb6a --- /dev/null +++ b/0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch @@ -0,0 +1,66 @@ +From 709d1f8253072804cc27189a6f2b873d8d563399 Mon Sep 17 00:00:00 2001 +From: Assaf Gordon +Date: Mon, 16 Aug 2021 15:03:36 -0600 +Subject: [PATCH] basenc: fix bug49741: using wrong decoding buffer length + +Emil Lundberg reports in +https://bugs.gnu.org/49741 about a 'basenc --base64 -d' decoding bug. +The input buffer length was not divisible by 3, resulting in +decoding errors. + +* NEWS: Mention fix. +* src/basenc.c (DEC_BLOCKSIZE): Change from 1024*5 to 4200 (35*3*5*8) +which is divisible by 3,4,5,8 - satisfying both base32 and base64; +Use compile-time verify() macro to enforce the above. +* tests/misc/basenc.pl: Add test. +--- + NEWS | 4 ++++ + src/basenc.c | 4 +++- + tests/misc/basenc.pl | 9 +++++++++ + 3 files changed, 16 insertions(+), 1 deletion(-) + +diff --git a/src/basenc.c b/src/basenc.c +index 19a7b0aad..f4ca87267 100644 +--- a/src/basenc.c ++++ b/src/basenc.c +@@ -214,7 +214,9 @@ verify (DEC_BLOCKSIZE % 12 == 0); /* So complete encoded blocks are used. */ + + /* Note that increasing this may decrease performance if --ignore-garbage + is used, because of the memmove operation below. */ +-# define DEC_BLOCKSIZE (1024*5) ++# define DEC_BLOCKSIZE (4200) ++verify (DEC_BLOCKSIZE % 40 == 0); /* complete encoded blocks for base32 */ ++verify (DEC_BLOCKSIZE % 12 == 0); /* complete encoded blocks for base64 */ + + static int (*base_length) (int i); + static bool (*isbase) (char ch); +diff --git a/tests/misc/basenc.pl b/tests/misc/basenc.pl +index 3383aaeef..ac5394731 100755 +--- a/tests/misc/basenc.pl ++++ b/tests/misc/basenc.pl +@@ -37,6 +37,13 @@ my $base64url_out_nl = $base64url_out; + $base64url_out_nl =~ s/(..)/\1\n/g; # add newline every two characters + + ++# Bug 49741: ++# The input is 'abc' in base64, in an 8K buffer (larger than 1024*5, ++# the buffer size which caused the bug). ++my $base64_bug49741_in = "YWJj" x 2000 ; ++my $base64_bug49741_out = "abc" x 2000 ; ++ ++ + my $base32_in = "\xfd\xd8\x07\xd1\xa5"; + my $base32_out = "7XMAPUNF"; + my $x = $base32_out; +@@ -111,6 +118,8 @@ my @Tests = + ['b64u_7', '--base64url -d', {IN=>$base64_out}, + {EXIT=>1}, {ERR=>"$prog: invalid input\n"}], + ++ ['b64_bug49741', '--base64 -d', {IN=>$base64_bug49741_in}, ++ {OUT=>$base64_bug49741_out}], + + + +-- +2.42.0.windows.2 + diff --git a/coreutils.spec b/coreutils.spec index 418e4bf3085d40037bb73252add28473b3291b4d..1224dd8361dcf308e0c6093835ef83a2eb03eb3a 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,6 +1,6 @@ Name: coreutils Version: 8.32 -Release: 6 +Release: 7 License: GPLv3+ Summary: A set of basic GNU tools commonly used in shell scripts Url: https://www.gnu.org/software/coreutils/ @@ -38,6 +38,7 @@ Patch20: backport-df-fix-memory-leak.patch Patch21: backport-ls-avoid-triggering-automounts.patch Patch22: backport-stat-only-automount-with-cached-never.patch Patch23: test-skip-overlay-filesystem-because-of-no-inotify_add_watch.patch +Patch24: 0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch Conflicts: filesystem < 3 # To avoid clobbering installs @@ -156,6 +157,9 @@ fi %{_mandir}/man*/* %changelog +* Sat Nov 25 2023 liningjie - 8.32-7 +- fix baseenc using wrong decoding buffer length + * Sat Nov 25 2023 jiangchuangang - 8.32-6 - skip testcase for overlay filesystem because of no inotify_add_watch add test-skip-overlay-filesystem-because-of-no-inotify_add_watch.patch