From f6c1eb9ade927c2b8a3768cdf14cc78be8b930d3 Mon Sep 17 00:00:00 2001 From: hugel <2712504175@qq.com> Date: Wed, 5 Mar 2025 15:31:17 +0800 Subject: [PATCH] sync patches from community --- ...n-t-require-a-suffix-with-from-iec-i.patch | 64 +++++++++++++++++++ backport-sort-fix-debug-buffer-overrun.patch | 36 +++++++++++ backport-tac-avoid-out-of-bounds-access.patch | 35 ++++++++++ ...d-failure-on-CHERI-protected-systems.patch | 36 +++++++++++ coreutils.spec | 13 +++- 5 files changed, 183 insertions(+), 1 deletion(-) create mode 100644 backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch create mode 100644 backport-sort-fix-debug-buffer-overrun.patch create mode 100644 backport-tac-avoid-out-of-bounds-access.patch create mode 100644 backport-yes-avoid-failure-on-CHERI-protected-systems.patch diff --git a/backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch b/backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch new file mode 100644 index 0000000..4649f5d --- /dev/null +++ b/backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch @@ -0,0 +1,64 @@ +From 6229ac946e6ee36158db1a592279671d79a9737a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Mon, 30 Dec 2024 22:48:14 +0000 +Subject: [PATCH] numfmt: don't require a suffix with --from=iec-i + +* src/numfmt.c (simple_strtod_human): Only look for 'i' +after detecting a suffix. +* tests/misc/numfmt.pl: Add a test case. +* NEWS: Mention the bug fix. +Reported at https://bugs.debian.org/1091758 + +Reference:https://github.com/coreutils/coreutils/commit/6229ac946e6ee36158db1a592279671d79a9737a +Conflict:delete the NEWS. + +--- + src/numfmt.c | 15 +++++++-------- + tests/misc/numfmt.pl | 1 + + 2 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/src/numfmt.c b/src/numfmt.c +index a9f9e81c8..99c58aee1 100644 +--- a/src/numfmt.c ++++ b/src/numfmt.c +@@ -667,18 +667,17 @@ simple_strtod_human (char const *input_str, + devmsg (" Auto-scaling, found 'i', switching to base %d\n", + scale_base); + } ++ else if (allowed_scaling == scale_IEC_I) ++ { ++ if (**endptr == 'i') ++ (*endptr)++; ++ else ++ return SSE_MISSING_I_SUFFIX; ++ } + + *precision = 0; /* Reset, to select precision based on scale. */ + } + +- if (allowed_scaling == scale_IEC_I) +- { +- if (**endptr == 'i') +- (*endptr)++; +- else +- return SSE_MISSING_I_SUFFIX; +- } +- + long double multiplier = powerld (scale_base, power); + + devmsg (" suffix power=%d^%d = %Lf\n", scale_base, power, multiplier); +diff --git a/tests/misc/numfmt.pl b/tests/misc/numfmt.pl +index 94f9ec58e..148d9d80c 100755 +--- a/tests/misc/numfmt.pl ++++ b/tests/misc/numfmt.pl +@@ -41,6 +41,7 @@ my @Tests = + ['4', '--from=auto 1K', {OUT => "1000"}], + ['5', '--from=auto 1Ki', {OUT => "1024"}], + ['5.1', '--from=iec-i 1Ki', {OUT => "1024"}], ++ ['5.2', '--from=iec-i 1', {OUT => "1"}], + + ['6', {IN_PIPE => "1234\n"}, {OUT => "1234"}], + ['7', '--from=si', {IN_PIPE => "2K\n"}, {OUT => "2000"}], +-- +2.43.0 + diff --git a/backport-sort-fix-debug-buffer-overrun.patch b/backport-sort-fix-debug-buffer-overrun.patch new file mode 100644 index 0000000..0a3c1c6 --- /dev/null +++ b/backport-sort-fix-debug-buffer-overrun.patch @@ -0,0 +1,36 @@ +From e07161d4af89dbf82311ca396ac0916aa90b7301 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Thu, 16 Jan 2025 09:20:45 -0800 +Subject: [PATCH] sort: fix --debug buffer overrun + +* src/sort.c (debug_key): Fix undefined behavior when a key ends +before it starts. Problem reported by Bruno Haible +. + +Reference:https://github.com/coreutils/coreutils/commit/e07161d4af89dbf82311ca396ac0916aa90b7301 +Conflict:NA + +--- + src/sort.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/sort.c b/src/sort.c +index 997566240..0928fd57c 100644 +--- a/src/sort.c ++++ b/src/sort.c +@@ -2373,7 +2373,11 @@ debug_key (struct line const *line, struct keyfield const *key) + if (key->sword != SIZE_MAX) + beg = begfield (line, key); + if (key->eword != SIZE_MAX) +- lim = limfield (line, key); ++ { ++ lim = limfield (line, key); ++ /* Treat field ends before field starts as empty fields. */ ++ lim = MAX (beg, lim); ++ } + + if ((key->skipsblanks && key->sword == SIZE_MAX) + || key->month || key_numeric (key)) +-- +2.43.0 + diff --git a/backport-tac-avoid-out-of-bounds-access.patch b/backport-tac-avoid-out-of-bounds-access.patch new file mode 100644 index 0000000..2a5bf5d --- /dev/null +++ b/backport-tac-avoid-out-of-bounds-access.patch @@ -0,0 +1,35 @@ +From d60e550ed0ba67455a5952fe8adf27dacf47e680 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Wed, 15 Jan 2025 17:42:55 +0000 +Subject: [PATCH] tac: avoid out of bounds access + +This was flagged on CheriBSD on ARM Morello with the error: +"In-address space security exception (core dumped)" +triggered with: tac -s '' /dev/null + +* src/tac.c (main): Ensure we don't read beyond the +end of the supplied optarg. + +Reference:https://github.com/coreutils/coreutils/commit/d60e550ed0ba67455a5952fe8adf27dacf47e680 +Conflict:NA + +--- + src/tac.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/tac.c b/src/tac.c +index e4aac77fe..f086f5345 100644 +--- a/src/tac.c ++++ b/src/tac.c +@@ -553,7 +553,7 @@ main (int argc, char **argv) + G_buffer = xmalloc (G_buffer_size); + if (sentinel_length) + { +- memcpy (G_buffer, separator, sentinel_length + 1); ++ memcpy (G_buffer, separator, sentinel_length + !!*separator); + G_buffer += sentinel_length; + } + else +-- +2.43.0 + diff --git a/backport-yes-avoid-failure-on-CHERI-protected-systems.patch b/backport-yes-avoid-failure-on-CHERI-protected-systems.patch new file mode 100644 index 0000000..7ddbf70 --- /dev/null +++ b/backport-yes-avoid-failure-on-CHERI-protected-systems.patch @@ -0,0 +1,36 @@ +From 261f13bcf84a6f7a3241bab48c074879db789fca Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Wed, 15 Jan 2025 22:08:07 +0000 +Subject: [PATCH] yes: avoid failure on CHERI protected systems + +* src/yes.c (main): Don't reuse the argv array as CHERI's +capability bounds do not allow for that, failing like: + $ yes $(seq 156) | head -n1 + In-address space security exception (core dumped) + +Reference:https://github.com/coreutils/coreutils/commit/261f13bcf84a6f7a3241bab48c074879db789fca +Conflict:NA + +--- + src/yes.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/yes.c b/src/yes.c +index 396618cb5..ceb7ce447 100644 +--- a/src/yes.c ++++ b/src/yes.c +@@ -96,6 +96,11 @@ main (int argc, char **argv) + reuse_operand_strings = false; + } + ++#if defined __CHERI__ ++ /* Cheri capability bounds do not allow for this. */ ++ reuse_operand_strings = false; ++#endif ++ + /* Fill the buffer with one copy of the output. If possible, reuse + the operands strings; this wins when the buffer would be large. */ + char *buf = reuse_operand_strings ? *operands : xmalloc (bufalloc); +-- +2.43.0 + diff --git a/coreutils.spec b/coreutils.spec index e792c2d..66d828c 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,6 +1,6 @@ Name: coreutils Version: 9.5 -Release: 7 +Release: 8 License: GPLv3+ Summary: A set of basic GNU tools commonly used in shell scripts Url: https://www.gnu.org/software/coreutils/ @@ -32,6 +32,10 @@ patch17: backport-shuf-fix-randomness-bug.patch patch18: backport-chroot-whoami-use-uintmax_t-for-printing-uids.patch patch19: backport-tail-avoid-infloop-with-c-on-dev-zero.patch patch20: backport-head-fix-overflows-in-elide_tail_bytes_pipe.patch +Patch21: backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch +patch22: backport-sort-fix-debug-buffer-overrun.patch +patch23: backport-tac-avoid-out-of-bounds-access.patch +Patch24: backport-yes-avoid-failure-on-CHERI-protected-systems.patch Patch9001: coreutils-9.5-sw.patch @@ -161,6 +165,13 @@ popd %{_mandir}/man*/* %changelog +* Wed Mar 05 2025 hugel - 9.5-8 +- sync patches from community +- add backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch + backport-sort-fix-debug-buffer-overrun.patch + backport-tac-avoid-out-of-bounds-access.patch + backport-yes-avoid-failure-on-CHERI-protected-systems.patch + * Thu Nov 28 2024 huyubiao - 9.5-7 - sync patches from community - add backport-head-fix-overflows-in-elide_tail_bytes_pipe.patch -- Gitee