diff --git a/backport-cksum-consistently-validate-length-attributes.patch b/backport-cksum-consistently-validate-length-attributes.patch new file mode 100644 index 0000000000000000000000000000000000000000..0e9e4c88ee87c032b4a717098d180c87489dcc6f --- /dev/null +++ b/backport-cksum-consistently-validate-length-attributes.patch @@ -0,0 +1,64 @@ +From fea833591ba787b1232d13ac4b985bea1e7601de Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Mon, 4 Mar 2024 16:33:23 +0000 +Subject: [PATCH] cksum: consistently validate --length attributes + +* src/digest.c (main): Only validate the last used --length +for being a multiple of 8. +* tests/cksum/b2sum.sh: Add a test case. +Fixes https://bugs.gnu.org/69546 + +Reference:https://github.com/coreutils/coreutils/commit/fea833591ba787b1232d13ac4b985bea1e7601de +Conflict:Adapt to src/digest.c. Adapt to tests/misc/b2sum.sh. + +--- + src/digest.c | 10 +++++----- + tests/misc/b2sum.sh | 4 ++++ + 2 files changed, 9 insertions(+), 5 deletions(-) + +diff --git a/src/digest.c b/src/digest.c +index 2dfc877..84e2a6b 100644 +--- a/src/digest.c ++++ b/src/digest.c +@@ -1299,11 +1299,6 @@ main (int argc, char **argv) + digest_length = xdectoumax (optarg, 0, UINTMAX_MAX, "", + _("invalid length"), 0); + digest_length_str = optarg; +- if (digest_length % 8 != 0) +- { +- error (0, 0, _("invalid length: %s"), quote (digest_length_str)); +- die (EXIT_FAILURE, 0, _("length is not a multiple of 8")); +- } + break; + #endif + #if !HASH_ALGO_SUM +@@ -1374,6 +1369,11 @@ main (int argc, char **argv) + die (EXIT_FAILURE, 0, + _("--length is only supported with --algorithm=blake2b")); + # endif ++ if (digest_length % 8 != 0) ++ { ++ error (0, 0, _("invalid length: %s"), quote (digest_length_str)); ++ error (EXIT_FAILURE, 0, _("length is not a multiple of 8")); ++ } + if (digest_length > BLAKE2B_MAX_LEN * 8) + { + error (0, 0, _("invalid length: %s"), quote (digest_length_str)); +diff --git a/tests/misc/b2sum.sh b/tests/misc/b2sum.sh +index 99982ca..3b02ecd 100755 +--- a/tests/misc/b2sum.sh ++++ b/tests/misc/b2sum.sh +@@ -59,6 +59,10 @@ printf '%s\n' 'BLAKE2' 'BLAKE2b' 'BLAKE2-' 'BLAKE2(' 'BLAKE2 (' > crash.check \ + || framework_failure_ + returns_ 1 $prog -c crash.check || fail=1 + ++# This would fail before coreutil-9.4 ++# Only validate the last specified, used length ++$prog -l 123 -l 128 /dev/null || fail=1 ++ + done + + Exit $fail +-- +2.33.0 + diff --git a/backport-coreutils-df-direct.patch b/backport-coreutils-df-direct.patch new file mode 100644 index 0000000000000000000000000000000000000000..eabe6ed9e594cda3d42ada33d34d5eb54fa22ec8 --- /dev/null +++ b/backport-coreutils-df-direct.patch @@ -0,0 +1,189 @@ +From 6e36198f10a2f63b89c89ebb5d5c185b20fb3a63 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Mon, 29 Mar 2010 17:20:34 +0000 +Subject: [PATCH] coreutils-df-direct.patch + +--- + doc/coreutils.texi | 7 ++++++ + src/df.c | 34 ++++++++++++++++++++++++++-- + tests/df/direct.sh | 55 ++++++++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 94 insertions(+), 2 deletions(-) + create mode 100755 tests/df/direct.sh + +Reference: https://src.fedoraproject.org/rpms/coreutils/blob/rawhide/f/coreutils-df-direct.patch +Conflict: NA + +diff --git a/doc/coreutils.texi b/doc/coreutils.texi +index a507280..400e135 100644 +--- a/doc/coreutils.texi ++++ b/doc/coreutils.texi +@@ -11303,6 +11303,13 @@ some systems (notably SunOS), doing this yields more up to date results, + but in general this option makes @command{df} much slower, especially when + there are many or very busy file systems. + ++@item --direct ++@opindex --direct ++@cindex direct statfs for a file ++Do not resolve mount point and show statistics directly for a file. It can be ++especially useful for NFS mount points if there is a boundary between two ++storage policies behind the mount point. ++ + @item --total + @opindex --total + @cindex grand total of file system size, usage and available space +diff --git a/src/df.c b/src/df.c +index 8f760db..a7385fd 100644 +--- a/src/df.c ++++ b/src/df.c +@@ -120,6 +120,9 @@ static bool print_type; + /* If true, print a grand total at the end. */ + static bool print_grand_total; + ++/* If true, show statistics for a file instead of mount point. */ ++static bool direct_statfs; ++ + /* Grand total data. */ + static struct fs_usage grand_fsu; + +@@ -247,13 +250,15 @@ enum + NO_SYNC_OPTION = CHAR_MAX + 1, + SYNC_OPTION, + TOTAL_OPTION, +- OUTPUT_OPTION ++ OUTPUT_OPTION, ++ DIRECT_OPTION + }; + + static struct option const long_options[] = + { + {"all", no_argument, NULL, 'a'}, + {"block-size", required_argument, NULL, 'B'}, ++ {"direct", no_argument, NULL, DIRECT_OPTION}, + {"inodes", no_argument, NULL, 'i'}, + {"human-readable", no_argument, NULL, 'h'}, + {"si", no_argument, NULL, 'H'}, +@@ -509,7 +514,10 @@ get_header (void) + for (col = 0; col < ncolumns; col++) + { + char *cell = NULL; +- char const *header = _(columns[col]->caption); ++ char const *header = (columns[col]->field == TARGET_FIELD ++ && direct_statfs)? ++ _("File") : ++ _(columns[col]->caption); + + if (columns[col]->field == SIZE_FIELD + && (header_mode == DEFAULT_MODE +@@ -1397,6 +1405,19 @@ get_point (const char *point, const struct stat *statp) + static void + get_entry (char const *name, struct stat const *statp) + { ++ if (direct_statfs) ++ { ++ char *resolved = canonicalize_file_name (name); ++ if (resolved) ++ { ++ char *mp = find_mount_point (name, statp); ++ get_dev (NULL, mp, resolved, NULL, NULL, false, false, NULL, false); ++ free(mp); ++ free (resolved); ++ return; ++ } ++ } ++ + if ((S_ISBLK (statp->st_mode) || S_ISCHR (statp->st_mode)) + && get_device (name)) + return; +@@ -1467,6 +1488,7 @@ or all file systems by default.\n\ + -B, --block-size=SIZE scale sizes by SIZE before printing them; e.g.,\n\ + '-BM' prints sizes in units of 1,048,576 bytes;\n\ + see SIZE format below\n\ ++ --direct show statistics for a file instead of mount point\n\ + -h, --human-readable print sizes in powers of 1024 (e.g., 1023M)\n\ + -H, --si print sizes in powers of 1000 (e.g., 1.1G)\n\ + "), stdout); +@@ -1557,6 +1579,9 @@ main (int argc, char **argv) + xstrtol_fatal (e, oi, c, long_options, optarg); + } + break; ++ case DIRECT_OPTION: ++ direct_statfs = true; ++ break; + case 'i': + if (header_mode == OUTPUT_MODE) + { +@@ -1653,6 +1678,13 @@ main (int argc, char **argv) + } + } + ++ if (direct_statfs && show_local_fs) ++ { ++ error (0, 0, _("options --direct and --local (-l) are mutually " ++ "exclusive")); ++ usage (EXIT_FAILURE); ++ } ++ + if (human_output_opts == -1) + { + if (posix_format) +diff --git a/tests/df/direct.sh b/tests/df/direct.sh +new file mode 100755 +index 0000000..8e4cfb8 +--- /dev/null ++++ b/tests/df/direct.sh +@@ -0,0 +1,55 @@ ++#!/bin/sh ++# Ensure "df --direct" works as documented ++ ++# Copyright (C) 2010 Free Software Foundation, Inc. ++ ++# This program is free software: you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation, either version 3 of the License, or ++# (at your option) any later version. ++ ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++ ++# You should have received a copy of the GNU General Public License ++# along with this program. If not, see . ++ ++. "${srcdir=.}/init.sh"; path_prepend_ ../src ++print_ver_ df ++ ++df || skip_ "df fails" ++ ++DIR=`pwd` || framework_failure ++FILE="$DIR/file" ++touch "$FILE" || framework_failure ++echo "$FILE" > file_exp || framework_failure ++echo "Mounted on" > header_mounted_exp || framework_failure ++echo "File" > header_file_exp || framework_failure ++ ++fail=0 ++ ++df --portability "$FILE" > df_out || fail=1 ++df --portability --direct "$FILE" > df_direct_out || fail=1 ++df --portability --direct --local "$FILE" > /dev/null 2>&1 && fail=1 ++ ++# check df header ++$AWK '{ if (NR==1) print $6 " " $7; }' df_out > header_mounted_out \ ++ || framework_failure ++$AWK '{ if (NR==1) print $6; }' df_direct_out > header_file_out \ ++ || framework_failure ++compare header_mounted_out header_mounted_exp || fail=1 ++compare header_file_out header_file_exp || fail=1 ++ ++# check df output (without --direct) ++$AWK '{ if (NR==2) print $6; }' df_out > file_out \ ++ || framework_failure ++compare file_out file_exp && fail=1 ++ ++# check df output (with --direct) ++$AWK '{ if (NR==2) print $6; }' df_direct_out > file_out \ ++ || framework_failure ++compare file_out file_exp || fail=1 ++ ++Exit $fail diff --git a/backport-df-fix-memory-leak.patch b/backport-df-fix-memory-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..59cc45e10f5851469804b87a56bbe0b960cee046 --- /dev/null +++ b/backport-df-fix-memory-leak.patch @@ -0,0 +1,58 @@ +From fb7579768d688a300c4ac76451e1fc7cad59e3e8 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Mon, 31 Jan 2022 19:52:43 -0800 +Subject: [PATCH] df: fix memory leak + +* src/df.c (devlist_free): Remove. +(filter_mount_list): Free all of devlist, instead of merely +the entries in devlist_table. + +Reference:https://github.com/coreutils/coreutils/commit/fb7579768d688a300c4ac76451e1fc7cad59e3e8 +Conflict:NA + +--- + src/df.c | 14 ++++---------- + 1 file changed, 4 insertions(+), 10 deletions(-) + +diff --git a/src/df.c b/src/df.c +index 7d3207807..4b2cfb77a 100644 +--- a/src/df.c ++++ b/src/df.c +@@ -710,12 +710,6 @@ devlist_for_dev (dev_t dev) + return found->seen_last; + } + +-static void +-devlist_free (void *p) +-{ +- free (p); +-} +- + /* Filter mount list by skipping duplicate entries. + In the case of duplicates - based on the device number - the mount entry + with a '/' in its me_devname (i.e., not pseudo name like tmpfs) wins. +@@ -736,9 +730,7 @@ filter_mount_list (bool devices_only) + mount_list_size++; + + devlist_table = hash_initialize (mount_list_size, NULL, +- devlist_hash, +- devlist_compare, +- devlist_free); ++ devlist_hash, devlist_compare, NULL); + if (devlist_table == NULL) + xalloc_die (); + +@@ -845,7 +837,9 @@ filter_mount_list (bool devices_only) + me = device_list->me; + me->me_next = mount_list; + mount_list = me; +- device_list = device_list->next; ++ struct devlist *next = device_list->next; ++ free (device_list); ++ device_list = next; + } + + hash_free (devlist_table); +-- +2.33.0 + diff --git a/backport-head-off_t-not-uintmax_t-for-file-offset.patch b/backport-head-off_t-not-uintmax_t-for-file-offset.patch new file mode 100644 index 0000000000000000000000000000000000000000..f150b5b4d41178770b3a70afd84529c790586463 --- /dev/null +++ b/backport-head-off_t-not-uintmax_t-for-file-offset.patch @@ -0,0 +1,32 @@ +From 0f9e2719e0dd2366f0381daa832f9415f3162af2 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Sat, 10 Aug 2024 18:55:09 -0700 +Subject: [PATCH] head: off_t not uintmax_t for file offset + +* src/head.c (elide_tail_lines_pipe): +Use off_t, not uintmax_t, for a local var that is +a file offset. + +Reference:https://github.com/coreutils/coreutils/commit/0f9e2719e0dd2366f0381daa832f9415f3162af2 +Conflict:NA + +--- + src/head.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/head.c b/src/head.c +index 2795ae486..a9155c24c 100644 +--- a/src/head.c ++++ b/src/head.c +@@ -504,7 +504,7 @@ elide_tail_lines_pipe (char const *filename, int fd, uintmax_t n_elide, + size_t nlines; + struct linebuffer *next; + }; +- uintmax_t desired_pos = current_pos; ++ off_t desired_pos = current_pos; + typedef struct linebuffer LBUFFER; + LBUFFER *first, *last, *tmp; + size_t total_lines = 0; /* Total number of newlines in all buffers. */ +-- +2.43.0 + diff --git a/backport-ls-avoid-triggering-automounts.patch b/backport-ls-avoid-triggering-automounts.patch new file mode 100644 index 0000000000000000000000000000000000000000..38c356920f82f518a0c0f7c606e654cad7a0e57d --- /dev/null +++ b/backport-ls-avoid-triggering-automounts.patch @@ -0,0 +1,53 @@ +From 85c975df2c25bd799370b04bb294e568e001102f Mon Sep 17 00:00:00 2001 +From: Rohan Sable +Date: Mon, 7 Mar 2022 14:14:13 +0000 +Subject: [PATCH] ls: avoid triggering automounts + +statx() has different defaults wrt automounting +compared to stat() or lstat(), so explicitly +set the AT_NO_AUTOMOUNT flag to suppress that behavior, +and avoid unintended operations or potential errors. + +* src/ls.c (do_statx): Pass AT_NO_AUTOMOUNT to avoid this behavior. +* NEWS: Mention the change in behavior. +Fixes https://bugs.gnu.org/54286 + +Signed-off-by: Rohan Sable + +Reference:https://github.com/coreutils/coreutils/commit/85c975df2c25bd799370b04bb294e568e001102f +Conflict:Context adaptation + +--- + NEWS | 2 ++ + src/ls.c | 2 +- + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index d1fd1dc..0ce883f 100644 +--- a/NEWS ++++ b/NEWS +@@ -30,6 +30,8 @@ GNU coreutils NEWS -*- outline -*- + invalid speed arguments. Now they're validated against both the + general accepted set, and the system supported set of valid speeds. + [This bug was present in "the beginning".] ++ ls no longer tries to automount files, reverting to the behavior ++ before the statx() call was introduced in coreutils-8.32. + + chmod -v no longer misreports modes of dangling symlinks. + [bug introduced in coreutils-5.3.0] +diff --git a/src/ls.c b/src/ls.c +index 1047801..fe0e9f8 100644 +--- a/src/ls.c ++++ b/src/ls.c +@@ -1175,7 +1175,7 @@ do_statx (int fd, char const *name, struct stat *st, int flags, + { + struct statx stx; + bool want_btime = mask & STATX_BTIME; +- int ret = statx (fd, name, flags, mask, &stx); ++ int ret = statx (fd, name, flags | AT_NO_AUTOMOUNT, mask, &stx); + if (ret >= 0) + { + statx_to_stat (&stx, st); +-- +2.33.0 + diff --git a/backport-maint-basenc-consistently-check-buffer-bounds-when-e.patch b/backport-maint-basenc-consistently-check-buffer-bounds-when-e.patch new file mode 100644 index 0000000000000000000000000000000000000000..5aabf9f032b20375d9950b30b794e3c474df8f0a --- /dev/null +++ b/backport-maint-basenc-consistently-check-buffer-bounds-when-e.patch @@ -0,0 +1,74 @@ +From a46f34bb56d545369a6b1321c2d78ac08b676c06 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Tue, 19 Mar 2024 15:55:18 +0000 +Subject: [PATCH] maint: basenc: consistently check buffer bounds when encoding + +* src/basenc.c (base16_encode, base2msbf_encode, base2lsbf_encode): +Ensure we don't overflow the output buffer, whose length is +passed in the OUTLEN parameter. This issue was flagged by clang +with -Wunused-but-set-parameter. + +Reference:https://github.com/coreutils/coreutils/commit/a46f34bb56d545369a6b1321c2d78ac08b676c06 +Conflict:Adapt to context. + +--- + src/basenc.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/basenc.c b/src/basenc.c +index f4ca872..a3f89da 100644 +--- a/src/basenc.c ++++ b/src/basenc.c +@@ -508,12 +508,14 @@ static void + base16_encode (char const *restrict in, idx_t inlen, + char *restrict out, idx_t outlen) + { +- while (inlen--) ++ while (inlen && outlen) + { + unsigned char c = *in; + *out++ = base16[c >> 4]; + *out++ = base16[c & 0x0F]; + ++in; ++ inlen--; ++ outlen -= 2; + } + } + +@@ -784,7 +786,7 @@ inline static void + base2msbf_encode (char const *restrict in, idx_t inlen, + char *restrict out, idx_t outlen) + { +- while (inlen--) ++ while (inlen && outlen) + { + unsigned char c = *in; + for (int i = 0; i < 8; i++) +@@ -792,6 +794,7 @@ base2msbf_encode (char const *restrict in, idx_t inlen, + *out++ = c & 0x80 ? '1' : '0'; + c <<= 1; + } ++ inlen--; + outlen -= 8; + ++in; + } +@@ -801,7 +804,7 @@ inline static void + base2lsbf_encode (char const *restrict in, idx_t inlen, + char *restrict out, idx_t outlen) + { +- while (inlen--) ++ while (inlen && outlen) + { + unsigned char c = *in; + for (int i = 0; i < 8; i++) +@@ -809,6 +812,7 @@ base2lsbf_encode (char const *restrict in, idx_t inlen, + *out++ = c & 0x01 ? '1' : '0'; + c >>= 1; + } ++ inlen--; + outlen -= 8; + ++in; + } +-- +2.33.0 + diff --git a/backport-pinky-fix-string-size-calculation.patch b/backport-pinky-fix-string-size-calculation.patch new file mode 100644 index 0000000000000000000000000000000000000000..a8271fb8e747bb9dcbd8e4e30decb8d0b18773d8 --- /dev/null +++ b/backport-pinky-fix-string-size-calculation.patch @@ -0,0 +1,66 @@ +From 3e0d7787e67d4f732298d99eee772fc2631ddfb8 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Sat, 11 Nov 2023 00:17:11 -0800 +Subject: [PATCH] pinky: fix string size calculation + +* src/pinky.c (count_ampersands): Simplify and return idx_t. +(create_fullname): Compute proper destination string size, +basically, by adding (ulen - 1) * ampersands rather than ulen * +(ampersands - 1). Problem found on CHERI-64. + +Reference:https://github.com/coreutils/coreutils/commit/3e0d7787e67d4f732298d99eee772fc2631ddfb8 +Conflict:Adapt to context. Adapt to INT_MULTIPLY_WRAPV. + +--- + src/pinky.c | 21 +++++++++------------ + 1 file changed, 9 insertions(+), 12 deletions(-) + +diff --git a/src/pinky.c b/src/pinky.c +index 6fea949..501a5b7 100644 +--- a/src/pinky.c ++++ b/src/pinky.c +@@ -81,15 +81,12 @@ static struct option const longopts[] = + + /* Count and return the number of ampersands in STR. */ + +-static size_t _GL_ATTRIBUTE_PURE ++static idx_t _GL_ATTRIBUTE_PURE + count_ampersands (char const *str) + { +- size_t count = 0; +- do +- { +- if (*str == '&') +- count++; +- } while (*str++); ++ idx_t count = 0; ++ for (; *str; str++) ++ count += *str == '&'; + return count; + } + +@@ -102,16 +99,16 @@ count_ampersands (char const *str) + static char * + create_fullname (char const *gecos_name, char const *user_name) + { +- size_t rsize = strlen (gecos_name) + 1; ++ idx_t rsize = strlen (gecos_name) + 1; + char *result; + char *r; +- size_t ampersands = count_ampersands (gecos_name); ++ idx_t ampersands = count_ampersands (gecos_name); + + if (ampersands != 0) + { +- size_t ulen = strlen (user_name); +- size_t product; +- if (INT_MULTIPLY_WRAPV (ulen, ampersands - 1, &product) ++ idx_t ulen = strlen (user_name); ++ ptrdiff_t product; ++ if (INT_MULTIPLY_WRAPV (ulen - 1, ampersands, &product) + || INT_ADD_WRAPV (rsize, product, &rsize)) + xalloc_die (); + } +-- +2.33.0 + diff --git a/backport-pr-don-t-use-uninitialized-var.patch b/backport-pr-don-t-use-uninitialized-var.patch new file mode 100644 index 0000000000000000000000000000000000000000..1653f9b93bf93ccba9b3e1de8198269ecd166f92 --- /dev/null +++ b/backport-pr-don-t-use-uninitialized-var.patch @@ -0,0 +1,50 @@ +From 81d58df1647ea79c5161f99d8bd241f0c78df729 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Tue, 19 Apr 2022 16:13:55 -0700 +Subject: [PATCH] =?UTF-8?q?pr:=20don=E2=80=99t=20use=20uninitialized=20var?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Found with -flto and --enable-gcc-warnings. +* src/pr.c (getoptarg): Fix misuse of xstrtol, which does not +necessarily set tmp_long on errror, and does not set errno in any +reliable way. The previous code might access uninitialized +storage; on typical platforms this merely causes it to possibly +print the wrong diagnostic. + +Reference:https://github.com/coreutils/coreutils/commit/81d58df1647ea79c5161f99d8bd241f0c78df729 +Conflict:NA + +--- + src/pr.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/src/pr.c b/src/pr.c +index 4c17c0050..a8feba9d8 100644 +--- a/src/pr.c ++++ b/src/pr.c +@@ -1173,10 +1173,17 @@ getoptarg (char *arg, char switch_char, char *character, int *number) + if (*arg) + { + long int tmp_long; +- if (xstrtol (arg, NULL, 10, &tmp_long, "") != LONGINT_OK +- || tmp_long <= 0 || INT_MAX < tmp_long) ++ strtol_error e = xstrtol (arg, NULL, 10, &tmp_long, ""); ++ if (e == LONGINT_OK) + { +- error (0, INT_MAX < tmp_long ? EOVERFLOW : errno, ++ if (tmp_long <= 0) ++ e = LONGINT_INVALID; ++ else if (INT_MAX < tmp_long) ++ e = LONGINT_OVERFLOW; ++ } ++ if (e != LONGINT_OK) ++ { ++ error (0, e & LONGINT_OVERFLOW ? EOVERFLOW : 0, + _("'-%c' extra characters or invalid number in the argument: %s"), + switch_char, quote (arg)); + usage (EXIT_FAILURE); +-- +2.33.0 + diff --git a/backport-putenv-Don-t-crash-upon-out-of-memory.patch b/backport-putenv-Don-t-crash-upon-out-of-memory.patch new file mode 100644 index 0000000000000000000000000000000000000000..13d132ea41b1d1a1e7f3606aafcdf87ad48f9c14 --- /dev/null +++ b/backport-putenv-Don-t-crash-upon-out-of-memory.patch @@ -0,0 +1,30 @@ +From adb76c754290c328a88438af89e491ece7e6a9c5 Mon Sep 17 00:00:00 2001 +From: Bruno Haible +Date: Thu, 6 Jun 2024 02:24:44 +0200 +Subject: [PATCH] putenv: Don't crash upon out-of-memory. + +* lib/putenv.c (_unsetenv): Handle malloc failure. + +Reference:https://github.com/coreutils/gnulib/commit/adb76c754290c328a88438af89e491ece7e6a9c5 +Conflict:delete ChangeLog + +--- + lib/putenv.c | 2 ++ + 1 files changed, 2 insertions(+) + +diff --git a/lib/putenv.c b/lib/putenv.c +index 525d12ae..1d70717e 100644 +--- a/lib/putenv.c ++++ b/lib/putenv.c +@@ -92,6 +92,8 @@ _unsetenv (const char *name) + { + int putenv_result; + char *name_ = malloc (len + 2); ++ if (name_ == NULL) ++ return -1; + memcpy (name_, name, len); + name_[len] = '='; + name_[len + 1] = 0; +-- +2.43.0 + diff --git a/backport-shuf-avoid-integer-overflow-on-huge-inputs.patch b/backport-shuf-avoid-integer-overflow-on-huge-inputs.patch new file mode 100644 index 0000000000000000000000000000000000000000..91739e4f3b262804d3ab47e6e79e597c3a34371a --- /dev/null +++ b/backport-shuf-avoid-integer-overflow-on-huge-inputs.patch @@ -0,0 +1,43 @@ +From 1ea7255f8b0661cdfabbd13f8f443f81665a07e0 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Sat, 3 Aug 2024 22:59:12 -0700 +Subject: [PATCH] shuf: avoid integer overflow on huge inputs + +* gl/lib/randperm.c: Include . +(randperm_bound): Return SIZE_MAX if the multiplication overflows. +Do not overflow when converting bit count to byte count. + +Reference:https://github.com/coreutils/coreutils/commit/1ea7255f8b0661cdfabbd13f8f443f81665a07e0 +Conflict:change gl/lib/randperm.c to lib/randperm.c; Adaptation to INT_MULTIPLY_WRAPV() and floor_lg() + +--- + lib/randperm.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/lib/randperm.c b/lib/randperm.c +index c01c296..7517884 100644 +--- a/lib/randperm.c ++++ b/lib/randperm.c +@@ -53,13 +53,15 @@ randperm_bound (size_t h, size_t n) + { + /* Upper bound on number of bits needed to generate the first number + of the permutation. */ +- uintmax_t lg_n = floor_lg (n) + 1; ++ unsigned int lg_n = floor_lg (n) + 1; + +- /* Upper bound on number of bits needed to generated the first H elements. */ +- uintmax_t ar = lg_n * h; ++ /* Upper bound on number of bits needed to generate the first H elements. */ ++ uintmax_t ar; ++ if (INT_MULTIPLY_WRAPV (lg_n, h, &ar)) ++ return SIZE_MAX; + + /* Convert the bit count to a byte count. */ +- size_t bound = (ar + CHAR_BIT - 1) / CHAR_BIT; ++ size_t bound = ar / CHAR_BIT + (ar % CHAR_BIT != 0); + + return bound; + } +-- +2.43.0 + diff --git a/backport-shuf-fix-randomness-bug.patch b/backport-shuf-fix-randomness-bug.patch new file mode 100644 index 0000000000000000000000000000000000000000..e4f5242a29be750086d84350c1fc19bba5f53c6d --- /dev/null +++ b/backport-shuf-fix-randomness-bug.patch @@ -0,0 +1,44 @@ +From bfbb3ec7f798b179d7fa7b42673e068b18048899 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Sat, 3 Aug 2024 22:31:20 -0700 +Subject: [PATCH] shuf: fix randomness bug + +Problem reported by Daniel Carpenter . +* gl/lib/randread.c (randread_new): Fill the ISAAC buffer +instead of storing at most BYTES_BOUND bytes into it. + +Reference:https://github.com/coreutils/coreutils/commit/bfbb3ec7f798b179d7fa7b42673e068b18048899 +Conflict:delete NEWS and THANKS.in; changelog gl/lib/randread.c to lib/randread.c + +--- + lib/randread.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/lib/randread.c b/lib/randread.c +index 7124e3d..c99f1a1 100644 +--- a/lib/randread.c ++++ b/lib/randread.c +@@ -187,9 +187,19 @@ randread_new (char const *name, size_t bytes_bound) + setvbuf (source, s->buf.c, _IOFBF, MIN (sizeof s->buf.c, bytes_bound)); + else + { ++ /* Fill the ISAAC buffer. Although it is tempting to read at ++ most BYTES_BOUND bytes, this is incorrect for two reasons. ++ First, BYTES_BOUND is just an estimate. ++ Second, even if the estimate is correct ++ ISAAC64 poorly randomizes when BYTES_BOUND is small ++ and just the first few bytes of s->buf.isaac.state.m ++ are random while the other bytes are all zero. See: ++ Aumasson J-P. On the pseudo-random generator ISAAC. ++ Cryptology ePrint Archive. 2006;438. ++ . */ + s->buf.isaac.buffered = 0; + if (! get_nonce (s->buf.isaac.state.m, +- MIN (sizeof s->buf.isaac.state.m, bytes_bound))) ++ sizeof s->buf.isaac.state.m)) + { + int e = errno; + randread_free (s); +-- +2.43.0 + diff --git a/backport-stat-only-automount-with-cached-never.patch b/backport-stat-only-automount-with-cached-never.patch new file mode 100644 index 0000000000000000000000000000000000000000..bb24aef83b9845af411e5b7ed2e58e16eaf5570e --- /dev/null +++ b/backport-stat-only-automount-with-cached-never.patch @@ -0,0 +1,67 @@ +From 92cb8427c537f37edd43c5cef1909585201372ab Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Mon, 7 Mar 2022 23:29:20 +0000 +Subject: [PATCH] stat: only automount with --cached=never + +Revert to the default behavior before the introduction of statx(). + +* src/stat.c (do_stat): Set AT_NO_AUTOMOUNT without --cached=never. +* doc/coreutils.texi (stat invocation): Mention the automount +behavior with --cached=never. +* NEWS: Mention the change in behavior. + +Fixes https://bugs.gnu.org/54287 + +Reference:https://github.com/coreutils/coreutils/commit/92cb8427c537f37edd43c5cef1909585201372ab +Conflict:Context adaptation + +--- + NEWS | 4 ++++ + doc/coreutils.texi | 1 + + src/stat.c | 3 +++ + 3 files changed, 8 insertions(+) + +diff --git a/NEWS b/NEWS +index 0076273..91c78df 100644 +--- a/NEWS ++++ b/NEWS +@@ -6,6 +6,10 @@ GNU coreutils NEWS -*- outline -*- + ls no longer tries to automount files, reverting to the behavior + before the statx() call was introduced in coreutils-8.32. + ++ stat no longer tries to automount files by default, reverting to the ++ behavior before the statx() call was introduced in coreutils-8.32. ++ Only `stat --cached=never` will continue to automount files. ++ + chmod -v no longer misreports modes of dangling symlinks. + [bug introduced in coreutils-5.3.0] + +diff --git a/doc/coreutils.texi b/doc/coreutils.texi +index e9be0993a..05dc5ee21 100644 +--- a/doc/coreutils.texi ++++ b/doc/coreutils.texi +@@ -12608,6 +12608,7 @@ Always read the already cached attributes if available. + + @item never + Always sychronize with the latest file system attributes. ++This also mounts automounted files. + + @item default + Leave the caching behavior to the underlying file system. +diff --git a/src/stat.c b/src/stat.c +index 0c34501..803340a 100644 +--- a/src/stat.c ++++ b/src/stat.c +@@ -1381,6 +1381,9 @@ do_stat (char const *filename, char const *format, char const *format2) + else if (force_sync) + flags |= AT_STATX_FORCE_SYNC; + ++ if (! force_sync) ++ flags |= AT_NO_AUTOMOUNT; ++ + fd = statx (fd, pathname, flags, format_to_mask (format), &stx); + if (fd < 0) + { +-- +2.33.0 + diff --git a/backport-timeout-fix-narrow-race-in-failing-to-kill-processes.patch b/backport-timeout-fix-narrow-race-in-failing-to-kill-processes.patch new file mode 100644 index 0000000000000000000000000000000000000000..c9bf094ef8dcda92ac26eb33e0014368304720cf --- /dev/null +++ b/backport-timeout-fix-narrow-race-in-failing-to-kill-processes.patch @@ -0,0 +1,90 @@ +From ab4ffc85039f7398dde2ec4b307dfb2aa0fcf4f8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Mon, 11 Mar 2024 13:46:24 +0000 +Subject: [PATCH] timeout: fix narrow race in failing to kill processes + +* src/timeout.c (main): Block cleanup signals earlier so that cleanup() +is not runnable until monitored_pid is in a deterministic state. +This ensures we always send a termination signal to the child +once it's forked. +* NEWS: Mention the bug fix. +Reported at https://github.com/coreutils/coreutils/issues/82 + +Reference:https://github.com/coreutils/coreutils/commit/ab4ffc85039f7398dde2ec4b307dfb2aa0fcf4f8 +Conflict:Delete NEWS. Change nullptr to NULL. + +--- + src/timeout.c | 32 +++++++++++++++++++++----------- + 1 file changed, 21 insertions(+), 11 deletions(-) + +diff --git a/src/timeout.c b/src/timeout.c +index 641592c..8fa927c 100644 +--- a/src/timeout.c ++++ b/src/timeout.c +@@ -249,7 +249,7 @@ cleanup (int sig) + { /* were in the parent, so let it continue to exit below. */ + } + else /* monitored_pid == 0 */ +- { /* we're the child or the child is not exec'd yet. */ ++ { /* parent hasn't forked yet, or child has not exec'd yet. */ + _exit (128 + sig); + } + } +@@ -538,14 +538,29 @@ main (int argc, char **argv) + signal (SIGTTOU, SIG_IGN); /* Don't stop if background child needs tty. */ + install_sigchld (); /* Interrupt sigsuspend() when child exits. */ + ++ /* We configure timers so that SIGALRM is sent on expiry. ++ Therefore ensure we don't inherit a mask blocking SIGALRM. */ ++ unblock_signal (SIGALRM); ++ ++ /* Block signals now, so monitored_pid is deterministic in cleanup(). */ ++ sigset_t orig_set; ++ block_cleanup_and_chld (term_signal, &orig_set); ++ + monitored_pid = fork (); + if (monitored_pid == -1) + { + error (0, errno, _("fork system call failed")); + return EXIT_CANCELED; + } +- else if (monitored_pid == 0) +- { /* child */ ++ else if (monitored_pid == 0) /* child */ ++ { ++ /* Restore signal mask for child. */ ++ if (sigprocmask (SIG_SETMASK, &orig_set, NULL) != 0) ++ { ++ error (0, errno, _("child failed to reset signal mask")); ++ return EXIT_CANCELED; ++ } ++ + /* exec doesn't reset SIG_IGN -> SIG_DFL. */ + signal (SIGTTIN, SIG_DFL); + signal (SIGTTOU, SIG_DFL); +@@ -562,19 +577,14 @@ main (int argc, char **argv) + pid_t wait_result; + int status; + +- /* We configure timers so that SIGALRM is sent on expiry. +- Therefore ensure we don't inherit a mask blocking SIGALRM. */ +- unblock_signal (SIGALRM); +- + settimeout (timeout, true); + +- /* Ensure we don't cleanup() after waitpid() reaps the child, ++ /* Note signals remain blocked in parent here, to ensure ++ we don't cleanup() after waitpid() reaps the child, + to avoid sending signals to a possibly different process. */ +- sigset_t cleanup_set; +- block_cleanup_and_chld (term_signal, &cleanup_set); + + while ((wait_result = waitpid (monitored_pid, &status, WNOHANG)) == 0) +- sigsuspend (&cleanup_set); /* Wait with cleanup signals unblocked. */ ++ sigsuspend (&orig_set); /* Wait with cleanup signals unblocked. */ + + if (wait_result < 0) + { +-- +2.33.0 + diff --git a/backport-timeout-fix-race-where-we-might-kill-arbitrary-proce.patch b/backport-timeout-fix-race-where-we-might-kill-arbitrary-proce.patch new file mode 100644 index 0000000000000000000000000000000000000000..206cc89f3da09a84774cd97acab101a506502385 --- /dev/null +++ b/backport-timeout-fix-race-where-we-might-kill-arbitrary-proce.patch @@ -0,0 +1,51 @@ +From c1cf5148a1c6302d27661ff0af772de1e7dbb2b6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Mon, 11 Mar 2024 13:18:37 +0000 +Subject: [PATCH] timeout: fix race where we might kill arbitrary processes + +* src/timeout.c (cleanup): Handle the case where monitored_pid +might be -1, which could happen if a signal was received +immediately after a failed fork() call. In that case it would +send the termination signal to all processes that the timeout +process has permission to send signals too. +* NEWS: Mention the bug fix. + +Reference:https://github.com/coreutils/coreutils/commit/c1cf5148a1c6302d27661ff0af772de1e7dbb2b6 +Conflict:Delete NEWS. + +--- + src/timeout.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/timeout.c b/src/timeout.c +index 6505634..641592c 100644 +--- a/src/timeout.c ++++ b/src/timeout.c +@@ -208,7 +208,7 @@ cleanup (int sig) + timed_out = 1; + sig = term_signal; + } +- if (monitored_pid) ++ if (0 < monitored_pid) + { + if (kill_after) + { +@@ -245,8 +245,13 @@ cleanup (int sig) + } + } + } +- else /* we're the child or the child is not exec'd yet. */ +- _exit (128 + sig); ++ else if (monitored_pid == -1) ++ { /* were in the parent, so let it continue to exit below. */ ++ } ++ else /* monitored_pid == 0 */ ++ { /* we're the child or the child is not exec'd yet. */ ++ _exit (128 + sig); ++ } + } + + void +-- +2.33.0 + diff --git a/backport-touch-fix-aliasing-bug.patch b/backport-touch-fix-aliasing-bug.patch new file mode 100644 index 0000000000000000000000000000000000000000..03b6b46a0c75556605e030efd7d585d09943fa43 --- /dev/null +++ b/backport-touch-fix-aliasing-bug.patch @@ -0,0 +1,79 @@ +From afffa445b968d2fa4397bcf1e93f3dde28689526 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Wed, 27 Jul 2022 09:59:38 -0700 +Subject: [PATCH] touch: fix aliasing bug + +Problem reported by Tim Lange in: +https://lists.gnu.org/r/coreutils/2022-07/msg00008.html +* src/touch.c (date_relative): Rename from get_reldate, +and use a functional style to fix the aliasing bug. + +Reference:https://github.com/coreutils/coreutils/commit/afffa445b968d2fa4397bcf1e93f3dde28689526 +Conflict:NA + +--- + src/touch.c | 24 +++++++++++------------- + 1 file changed, 11 insertions(+), 13 deletions(-) + +diff --git a/src/touch.c b/src/touch.c +index 21c247d0b..d8d232c19 100644 +--- a/src/touch.c ++++ b/src/touch.c +@@ -105,15 +105,15 @@ static int const time_masks[] = + CH_ATIME, CH_ATIME, CH_ATIME, CH_MTIME, CH_MTIME + }; + +-/* Store into *RESULT the result of interpreting FLEX_DATE as a date, +- relative to NOW. If NOW is null, use the current time. */ ++/* The interpretation of FLEX_DATE as a date, relative to NOW. */ + +-static void +-get_reldate (struct timespec *result, +- char const *flex_date, struct timespec const *now) ++static struct timespec ++date_relative (char const *flex_date, struct timespec now) + { +- if (! parse_datetime (result, flex_date, now)) ++ struct timespec result; ++ if (! parse_datetime (&result, flex_date, &now)) + die (EXIT_FAILURE, 0, _("invalid date format %s"), quote (flex_date)); ++ return result; + } + + /* Update the time of file FILE according to the options given. +@@ -356,19 +356,17 @@ main (int argc, char **argv) + if (flex_date) + { + if (change_times & CH_ATIME) +- get_reldate (&newtime[0], flex_date, &newtime[0]); ++ newtime[0] = date_relative (flex_date, newtime[0]); + if (change_times & CH_MTIME) +- get_reldate (&newtime[1], flex_date, &newtime[1]); ++ newtime[1] = date_relative (flex_date, newtime[1]); + } + } + else + { + if (flex_date) + { +- struct timespec now; +- gettime (&now); +- get_reldate (&newtime[0], flex_date, &now); +- newtime[1] = newtime[0]; ++ struct timespec now = current_timespec (); ++ newtime[1] = newtime[0] = date_relative (flex_date, now); + date_set = true; + + /* If neither -a nor -m is specified, treat "-d now" as if +@@ -383,7 +381,7 @@ main (int argc, char **argv) + struct timespec notnow, notnow1; + notnow.tv_sec = now.tv_sec ^ 1; + notnow.tv_nsec = now.tv_nsec; +- get_reldate (¬now1, flex_date, ¬now); ++ notnow1 = date_relative (flex_date, notnow); + if (notnow1.tv_sec == notnow.tv_sec + && notnow1.tv_nsec == notnow.tv_nsec) + date_set = false; +-- +2.33.0 + diff --git a/coreutils.spec b/coreutils.spec index 76c243a8187ad32db7083dd672ab4aeecb93c467..ca6a983bd6fc7c76206036a68c0f48e1791f9bdf 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,6 +1,6 @@ Name: coreutils Version: 9.0 -Release: 15 +Release: 16 License: GPLv3+ Summary: A set of basic GNU tools commonly used in shell scripts Url: https://www.gnu.org/software/coreutils/ @@ -42,6 +42,21 @@ Patch27: backport-wc-port-to-kernels-that-disable-XSAVE-YMM.patch Patch28: test-skip-overlay-filesystem-because-of-no-inotify_add_watch.patch Patch29: fix-typo-in-zh_CN.patch Patch30: backport-sort-don-t-trust-st_size-on-proc-files.patch +Patch31: backport-pinky-fix-string-size-calculation.patch +Patch32: backport-cksum-consistently-validate-length-attributes.patch +Patch33: backport-timeout-fix-race-where-we-might-kill-arbitrary-proce.patch +Patch34: backport-timeout-fix-narrow-race-in-failing-to-kill-processes.patch +Patch35: backport-maint-basenc-consistently-check-buffer-bounds-when-e.patch +Patch36: backport-coreutils-df-direct.patch +Patch37: backport-df-fix-memory-leak.patch +Patch38: backport-ls-avoid-triggering-automounts.patch +Patch39: backport-pr-don-t-use-uninitialized-var.patch +Patch40: backport-stat-only-automount-with-cached-never.patch +Patch41: backport-touch-fix-aliasing-bug.patch +Patch42: backport-putenv-Don-t-crash-upon-out-of-memory.patch +Patch43: backport-head-off_t-not-uintmax_t-for-file-offset.patch +Patch44: backport-shuf-avoid-integer-overflow-on-huge-inputs.patch +Patch45: backport-shuf-fix-randomness-bug.patch Patch9001: coreutils-9.0-sw.patch @@ -170,6 +185,24 @@ fi %{_mandir}/man*/* %changelog +* Wed Sep 11 2024 huyubiao - 9.0-16 +- sync patches from community +- add backport-pinky-fix-string-size-calculation.patch + backport-cksum-consistently-validate-length-attributes.patch + backport-timeout-fix-race-where-we-might-kill-arbitrary-proce.patch + backport-timeout-fix-narrow-race-in-failing-to-kill-processes.patch + backport-maint-basenc-consistently-check-buffer-bounds-when-e.patch + backport-coreutils-df-direct.patch + backport-df-fix-memory-leak.patch + backport-ls-avoid-triggering-automounts.patch + backport-pr-don-t-use-uninitialized-var.patch + backport-stat-only-automount-with-cached-never.patch + backport-touch-fix-aliasing-bug.patch + backport-putenv-Don-t-crash-upon-out-of-memory.patch + backport-head-off_t-not-uintmax_t-for-file-offset.patch + backport-shuf-avoid-integer-overflow-on-huge-inputs.patch + backport-shuf-fix-randomness-bug.patch + * Tue Jun 25 2024 zhangxianting - 9.0-15 - remove arch judgement at patch that support sw