diff --git a/backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch b/backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch new file mode 100644 index 0000000000000000000000000000000000000000..46a38a78b68b9481f9cdc63b69da31ccc01dd1d3 --- /dev/null +++ b/backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch @@ -0,0 +1,64 @@ +From 6229ac946e6ee36158db1a592279671d79a9737a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Mon, 30 Dec 2024 22:48:14 +0000 +Subject: [PATCH] numfmt: don't require a suffix with --from=iec-i + +* src/numfmt.c (simple_strtod_human): Only look for 'i' +after detecting a suffix. +* tests/misc/numfmt.pl: Add a test case. +* NEWS: Mention the bug fix. +Reported at https://bugs.debian.org/1091758 + +Reference:https://github.com/coreutils/coreutils/commit/6229ac946e6ee36158db1a592279671d79a9737a +Conflict:delete the NEWS. + +--- + src/numfmt.c | 15 +++++++-------- + tests/misc/numfmt.pl | 1 + + 2 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/src/numfmt.c b/src/numfmt.c +index a9f9e81c8..99c58aee1 100644 +--- a/src/numfmt.c ++++ b/src/numfmt.c +@@ -653,18 +653,17 @@ simple_strtod_human (char const *input_str, + devmsg (" Auto-scaling, found 'i', switching to base %d\n", + scale_base); + } ++ else if (allowed_scaling == scale_IEC_I) ++ { ++ if (**endptr == 'i') ++ (*endptr)++; ++ else ++ return SSE_MISSING_I_SUFFIX; ++ } + + *precision = 0; /* Reset, to select precision based on scale. */ + } + +- if (allowed_scaling == scale_IEC_I) +- { +- if (**endptr == 'i') +- (*endptr)++; +- else +- return SSE_MISSING_I_SUFFIX; +- } +- + long double multiplier = powerld (scale_base, power); + + devmsg (" suffix power=%d^%d = %Lf\n", scale_base, power, multiplier); +diff --git a/tests/misc/numfmt.pl b/tests/misc/numfmt.pl +index 94f9ec58e..148d9d80c 100755 +--- a/tests/misc/numfmt.pl ++++ b/tests/misc/numfmt.pl +@@ -41,6 +41,7 @@ my @Tests = + ['4', '--from=auto 1K', {OUT => "1000"}], + ['5', '--from=auto 1Ki', {OUT => "1024"}], + ['5.1', '--from=iec-i 1Ki', {OUT => "1024"}], ++ ['5.2', '--from=iec-i 1', {OUT => "1"}], + + ['6', {IN_PIPE => "1234\n"}, {OUT => "1234"}], + ['7', '--from=si', {IN_PIPE => "2K\n"}, {OUT => "2000"}], +-- +2.43.0 + diff --git a/backport-sort-fix-debug-buffer-overrun.patch b/backport-sort-fix-debug-buffer-overrun.patch new file mode 100644 index 0000000000000000000000000000000000000000..c3caa2e35940592d68bcbd87488e9b3e0094f548 --- /dev/null +++ b/backport-sort-fix-debug-buffer-overrun.patch @@ -0,0 +1,36 @@ +From e07161d4af89dbf82311ca396ac0916aa90b7301 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Thu, 16 Jan 2025 09:20:45 -0800 +Subject: [PATCH] sort: fix --debug buffer overrun + +* src/sort.c (debug_key): Fix undefined behavior when a key ends +before it starts. Problem reported by Bruno Haible +. + +Reference:https://github.com/coreutils/coreutils/commit/e07161d4af89dbf82311ca396ac0916aa90b7301 +Conflict:NA + +--- + src/sort.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/sort.c b/src/sort.c +index 997566240..0928fd57c 100644 +--- a/src/sort.c ++++ b/src/sort.c +@@ -2669,7 +2669,11 @@ debug_key (struct line const *line, struct keyfield const *key) + if (key->sword != SIZE_MAX) + beg = begfield (line, key); + if (key->eword != SIZE_MAX) +- lim = limfield (line, key); ++ { ++ lim = limfield (line, key); ++ /* Treat field ends before field starts as empty fields. */ ++ lim = MAX (beg, lim); ++ } + + if ((key->skipsblanks && key->sword == SIZE_MAX) + || key->month || key_numeric (key)) +-- +2.43.0 + diff --git a/backport-tac-avoid-out-of-bounds-access.patch b/backport-tac-avoid-out-of-bounds-access.patch new file mode 100644 index 0000000000000000000000000000000000000000..68c5fd1e80936606c9dc9002f89170dc67b5a9cb --- /dev/null +++ b/backport-tac-avoid-out-of-bounds-access.patch @@ -0,0 +1,35 @@ +From d60e550ed0ba67455a5952fe8adf27dacf47e680 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Wed, 15 Jan 2025 17:42:55 +0000 +Subject: [PATCH] tac: avoid out of bounds access + +This was flagged on CheriBSD on ARM Morello with the error: +"In-address space security exception (core dumped)" +triggered with: tac -s '' /dev/null + +* src/tac.c (main): Ensure we don't read beyond the +end of the supplied optarg. + +Reference:https://github.com/coreutils/coreutils/commit/d60e550ed0ba67455a5952fe8adf27dacf47e680 +Conflict:NA + +--- + src/tac.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/tac.c b/src/tac.c +index e4aac77fe..f086f5345 100644 +--- a/src/tac.c ++++ b/src/tac.c +@@ -676,7 +676,7 @@ main (int argc, char **argv) + G_buffer = xmalloc (G_buffer_size); + if (sentinel_length) + { +- memcpy (G_buffer, separator, sentinel_length + 1); ++ memcpy (G_buffer, separator, sentinel_length + !!*separator); + G_buffer += sentinel_length; + } + else +-- +2.43.0 + diff --git a/backport-yes-avoid-failure-on-CHERI-protected-systems.patch b/backport-yes-avoid-failure-on-CHERI-protected-systems.patch new file mode 100644 index 0000000000000000000000000000000000000000..cc1b7b25e4d4f5fecb2e3bd528d75532466fc073 --- /dev/null +++ b/backport-yes-avoid-failure-on-CHERI-protected-systems.patch @@ -0,0 +1,36 @@ +From 261f13bcf84a6f7a3241bab48c074879db789fca Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Wed, 15 Jan 2025 22:08:07 +0000 +Subject: [PATCH] yes: avoid failure on CHERI protected systems + +* src/yes.c (main): Don't reuse the argv array as CHERI's +capability bounds do not allow for that, failing like: + $ yes $(seq 156) | head -n1 + In-address space security exception (core dumped) + +Reference:https://github.com/coreutils/coreutils/commit/261f13bcf84a6f7a3241bab48c074879db789fca +Conflict:NA + +--- + src/yes.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/yes.c b/src/yes.c +index 396618cb5..ceb7ce447 100644 +--- a/src/yes.c ++++ b/src/yes.c +@@ -97,6 +97,11 @@ main (int argc, char **argv) + reuse_operand_strings = false; + } + ++#if defined __CHERI__ ++ /* Cheri capability bounds do not allow for this. */ ++ reuse_operand_strings = false; ++#endif ++ + /* Fill the buffer with one copy of the output. If possible, reuse + the operands strings; this wins when the buffer would be large. */ + char *buf = reuse_operand_strings ? *operands : xmalloc (bufalloc); +-- +2.43.0 + diff --git a/coreutils.spec b/coreutils.spec index f08123f810527427e5de09343a6d01ee2f092486..e3e965326d86397d9a6bdeb85ff4236bb5a3289d 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,6 +1,6 @@ Name: coreutils Version: 8.32 -Release: 13 +Release: 14 License: GPLv3+ Summary: A set of basic GNU tools commonly used in shell scripts Url: https://www.gnu.org/software/coreutils/ @@ -52,6 +52,10 @@ Patch34: backport-coverity-utimens.patch Patch35: backport-fuse-portal.patch Patch36: backport-expr-unmatched-par.patch Patch37: backport-sort-don-t-trust-st_size-on-proc-files.patch +Patch38: backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch +Patch39: backport-sort-fix-debug-buffer-overrun.patch +Patch40: backport-tac-avoid-out-of-bounds-access.patch +Patch41: backport-yes-avoid-failure-on-CHERI-protected-systems.patch Conflicts: filesystem < 3 # To avoid clobbering installs @@ -170,6 +174,13 @@ fi %{_mandir}/man*/* %changelog +* Thu Mar 20 2025 wangjiang - 8.32-14 +- sync patches from community +- add backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch + backport-sort-fix-debug-buffer-overrun.patch + backport-tac-avoid-out-of-bounds-access.patch + backport-yes-avoid-failure-on-CHERI-protected-systems.patch + * Thu Jun 13 2024 yanglongkang - 8.32-13 - sort: don't trust st_size on /proc files