From 81f84a8e5f7d8560e3bb92537d4c903b92816f41 Mon Sep 17 00:00:00 2001 From: h30032433 Date: Mon, 24 Jun 2024 16:09:43 +0800 Subject: [PATCH] =?UTF-8?q?cat/dd/split:=20don=E2=80=99t=20trust=20st=5Fsi?= =?UTF-8?q?ze=20on=20/proc=20files?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...at-don-t-trust-st_size-on-proc-files.patch | 105 ++++++++++++++++++ ...dd-don-t-trust-st_size-on-proc-files.patch | 30 +++++ ...it-don-t-trust-st_size-on-proc-files.patch | 34 ++++++ coreutils.spec | 9 +- 4 files changed, 177 insertions(+), 1 deletion(-) create mode 100644 backport-cat-don-t-trust-st_size-on-proc-files.patch create mode 100644 backport-dd-don-t-trust-st_size-on-proc-files.patch create mode 100644 backport-split-don-t-trust-st_size-on-proc-files.patch diff --git a/backport-cat-don-t-trust-st_size-on-proc-files.patch b/backport-cat-don-t-trust-st_size-on-proc-files.patch new file mode 100644 index 0000000..ba457f9 --- /dev/null +++ b/backport-cat-don-t-trust-st_size-on-proc-files.patch @@ -0,0 +1,105 @@ +From 225cb8d7473eadb481a4884e929bf23589d4bd82 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Sat, 6 Apr 2024 15:13:23 -0700 +Subject: [PATCH] =?UTF-8?q?cat:=20don=E2=80=99t=20trust=20st=5Fsize=20on?= + =?UTF-8?q?=20/proc=20files?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* src/cat.c (main): +Improve test for when copying will exhaust the output device. +Do not rely on st_size, which is unreliable in /proc. +Use lseek instead; this is good enough here. +* tests/cat/cat-self.sh: Test the relaxation of the heuristic +for self-copying. +--- + src/cat.c | 31 +++++++++++++++++++++---------- + tests/cat/cat-self.sh | 20 ++++++++++++++++++++ + 2 files changed, 41 insertions(+), 10 deletions(-) + +diff --git a/src/cat.c b/src/cat.c +index ac39a48..14e6dfd 100644 +--- a/src/cat.c ++++ b/src/cat.c +@@ -646,9 +646,10 @@ main (int argc, char **argv) + /* Optimal size of i/o operations of output. */ + idx_t outsize = io_blksize (stat_buf); + +- /* Device and I-node number of the output. */ ++ /* Device, I-node number and lazily-acquired flags of the output. */ + dev_t out_dev = stat_buf.st_dev; + ino_t out_ino = stat_buf.st_ino; ++ int out_flags = -2; + + /* True if the output is a regular file. */ + bool out_isreg = S_ISREG (stat_buf.st_mode) != 0; +@@ -702,17 +703,27 @@ main (int argc, char **argv) + + fdadvise (input_desc, 0, 0, FADVISE_SEQUENTIAL); + +- /* Don't copy a nonempty regular file to itself, as that would +- merely exhaust the output device. It's better to catch this +- error earlier rather than later. */ ++ /* Don't copy a file to itself if that would merely exhaust the ++ output device. It's better to catch this error earlier ++ rather than later. */ + +- if (out_isreg +- && stat_buf.st_dev == out_dev && stat_buf.st_ino == out_ino +- && lseek (input_desc, 0, SEEK_CUR) < stat_buf.st_size) ++ if (stat_buf.st_dev == out_dev && stat_buf.st_ino == out_ino) + { +- error (0, 0, _("%s: input file is output file"), quotef (infile)); +- ok = false; +- goto contin; ++ if (out_flags < -1) ++ out_flags = fcntl (STDOUT_FILENO, F_GETFL); ++ bool exhausting = 0 <= out_flags && out_flags & O_APPEND; ++ if (!exhausting) ++ { ++ off_t in_pos = lseek (input_desc, 0, SEEK_CUR); ++ if (0 <= in_pos) ++ exhausting = in_pos < lseek (STDOUT_FILENO, 0, SEEK_CUR); ++ } ++ if (exhausting) ++ { ++ error (0, 0, _("%s: input file is output file"), quotef (infile)); ++ ok = false; ++ goto contin; ++ } + } + + /* Pointer to the input buffer. */ +diff --git a/tests/cat/cat-self.sh b/tests/cat/cat-self.sh +index ff2afdc..f412707 100755 +--- a/tests/cat/cat-self.sh ++++ b/tests/cat/cat-self.sh +@@ -30,4 +30,24 @@ echo y >doc.end || framework_failure_ + cat doc doc.end >doc || fail=1 + compare doc doc.end || fail=1 + ++# This terminates even though it copies a file to itself. ++# Coreutils 9.5 and earlier rejected this. ++echo x >fx || framework_failure_ ++echo y >fy || framework_failure_ ++cat fx fy >fxy || fail=1 ++for i in 1 2; do ++ cat fx >fxy$i || fail=1 ++done ++for i in 3 4 5 6; do ++ cat fx >fx$i || fail=1 ++done ++cat - fy fxy1 || fail=1 ++compare fxy fxy1 || fail=1 ++cat fxy2 fy 1<>fxy2 || fail=1 ++compare fxy fxy2 || fail=1 ++returns_ 1 cat fx fx3 1<>fx3 || fail=1 ++returns_ 1 cat - fx4 fx4 || fail=1 ++returns_ 1 cat fx5 >>fx5 || fail=1 ++returns_ 1 cat >fx6 || fail=1 ++ + Exit $fail +-- +2.27.0 + diff --git a/backport-dd-don-t-trust-st_size-on-proc-files.patch b/backport-dd-don-t-trust-st_size-on-proc-files.patch new file mode 100644 index 0000000..d28a5de --- /dev/null +++ b/backport-dd-don-t-trust-st_size-on-proc-files.patch @@ -0,0 +1,30 @@ +From ac6b8d8224de140f5a6f2ca66e6ce279604a37e6 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Sat, 6 Apr 2024 15:15:04 -0700 +Subject: [PATCH] =?UTF-8?q?dd:=20don=E2=80=99t=20trust=20st=5Fsize=20on=20?= + =?UTF-8?q?/proc/files?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* src/dd.c (skip): Don’t trust st_size == 0 +--- + src/dd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/dd.c b/src/dd.c +index b50b841..a582111 100644 +--- a/src/dd.c ++++ b/src/dd.c +@@ -1813,7 +1813,7 @@ skip (int fdesc, char const *file, intmax_t records, idx_t blocksize, + struct stat st; + if (ifstat (STDIN_FILENO, &st) != 0) + error (EXIT_FAILURE, errno, _("cannot fstat %s"), quoteaf (file)); +- if (usable_st_size (&st) && 0 <= input_offset ++ if (usable_st_size (&st) && 0 < st.st_size && 0 <= input_offset + && st.st_size - input_offset < offset) + { + /* When skipping past EOF, return the number of _full_ blocks +-- +2.27.0 + diff --git a/backport-split-don-t-trust-st_size-on-proc-files.patch b/backport-split-don-t-trust-st_size-on-proc-files.patch new file mode 100644 index 0000000..40d12a5 --- /dev/null +++ b/backport-split-don-t-trust-st_size-on-proc-files.patch @@ -0,0 +1,34 @@ +From 11163675818ab877f20d3740a7c3e59d565b8e9c Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Sat, 6 Apr 2024 15:18:04 -0700 +Subject: [PATCH] =?UTF-8?q?split:=20don=E2=80=99t=20trust=20st=5Fsize=20on?= + =?UTF-8?q?=20/proc=20files?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* src/split.c (create): Don’t trust st_size == 0. +--- + src/split.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/src/split.c b/src/split.c +index a32b2d9..862f94b 100644 +--- a/src/split.c ++++ b/src/split.c +@@ -489,10 +489,8 @@ create (char const *name) + if (SAME_INODE (in_stat_buf, out_stat_buf)) + error (EXIT_FAILURE, 0, _("%s would overwrite input; aborting"), + quoteaf (name)); +- bool regularish +- = S_ISREG (out_stat_buf.st_mode) || S_TYPEISSHM (&out_stat_buf); +- if (! (regularish && out_stat_buf.st_size == 0) +- && ftruncate (fd, 0) < 0 && regularish) ++ if (ftruncate (fd, 0) < 0 ++ && (S_ISREG (out_stat_buf.st_mode) || S_TYPEISSHM (&out_stat_buf))) + error (EXIT_FAILURE, errno, _("%s: error truncating"), quotef (name)); + + return fd; +-- +2.27.0 + diff --git a/coreutils.spec b/coreutils.spec index acdc6e1..3c97cca 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,6 +1,6 @@ Name: coreutils Version: 9.4 -Release: 5 +Release: 6 License: GPLv3+ Summary: A set of basic GNU tools commonly used in shell scripts Url: https://www.gnu.org/software/coreutils/ @@ -25,6 +25,10 @@ patch10: backport-CVE-2024-0684-split-do-not-shrink-hold-buffer.patch patch11: test-skip-overlay-filesystem-because-of-no-inotify_add_watch.patch patch12: fix-coredump-if-enable-systemd.patch patch13: backport-sort-don-t-trust-st_size-on-proc-files.patch +patch14: backport-cat-don-t-trust-st_size-on-proc-files.patch +patch15: backport-dd-don-t-trust-st_size-on-proc-files.patch +patch16: backport-split-don-t-trust-st_size-on-proc-files.patch + %ifarch sw_64 Patch9001: coreutils-9.0-sw.patch %endif @@ -159,6 +163,9 @@ fi %{_mandir}/man*/* %changelog +* Mon Jun 24 2024 huyubiao - 9.4-6 +- backport patches from community + * Wed Jun 12 2024 yanglongkang - 9.4-5 - sort: don't trust st_size on /proc files -- Gitee