Accepting request 226325 from Base:System

- Add upstream patch (gnu#16855):
  * coreutils-shuf-repeat-avoid-crash-when-input-empty.patch: Add
  patch for shuf: with -r, don't dump core if the input is empty.

- Add upstream patch (gnu#16872):
  * coreutils-date-avoid-crash-in-TZ-parsing.patch: Add patch for
  date: fix crash or infinite loop when parsing a malformed TZ="".

- Add upstream patch (gnu#17010):
  * coreutils-ln-avoid-segfault-for-empty-target.patch: Add patch
  to avoid that ln(1) segfaults for an empty, relative target.

OBS-URL: https://build.opensuse.org/request/show/226325
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coreutils?expand=0&rev=102
This commit is contained in:
Stephan Kulow 2014-03-18 12:37:01 +00:00 committed by Git OBS Bridge
commit 3b929cdf24
7 changed files with 384 additions and 0 deletions

View File

@ -0,0 +1,154 @@
Port upstream fix for date(1), to be removed with v8.23:
date could crash or go into an infinite loop when parsing a malformed TZ="".
[bug introduced with the --date='TZ="" ..' parsing feature in coreutils-5.3.0]
This patch consists of 2 upstream commits:
http://git.sv.gnu.org/cgit/gnulib.git/commit/?id=a10acfb1d2
http://git.sv.gnu.org/cgit/coreutils.git/commit/?id=a4faa6a0a3
While the former commit in gnulib actually fixes the issue (and adds a test
there), the latter commit in upstream coreutils pulls in that change from
gnulib and adds a test for the previously crashing date(1) command.
-----------------------------------------------
commit a10acfb1d2118f9a180181d3fed5399dbbe1df3c
Author: Pádraig Brady <P@draigBrady.com>
Date: Tue Feb 25 10:58:48 2014 +0000
parse-datetime: fix crash or infloop in TZ="" parsing
This was reported in http://bugs.gnu.org/16872
from the coreutils command: date -d 'TZ="""'
The infinite loop for this case was present since the
initial TZ="" parsing support in commit de95bdc2 29-10-2004.
This was changed to a crash or heap corruption depending
on the platform with commit 2e3e4195 18-01-2010.
* lib/parse-datetime.y (parse_datetime): Break out of the
TZ="" parsing loop once the second significant " is found.
Also skip over any subsequent whitespace to be consistent
with the non TZ= case.
* tests/test-parse-datetime.c: Add test cases for TZ="" parsing.
Omit the NEWS entry from the original patch.
-----------------------------------------------
commit a4faa6a0a3ae93c01d036d830ae7a21b74913baf
Author: Pádraig Brady <P@draigBrady.com>
Date: Thu Feb 27 23:43:34 2014 +0000
date: fix crash or infinite loop when parsing a malformed TZ=""
* gnulib: Update to incorporate the fix.
This is the only change in this gnulib update.
* tests/misc/date.pl: Add a test for this case.
Fixes http://bugs.gnu.org/16872
Omit the NEWS entry from the original patch.
---
gnulib-tests/test-parse-datetime.c | 16 ++++++++++++++++
lib/parse-datetime.c | 7 +++++--
lib/parse-datetime.y | 7 +++++--
tests/misc/date.pl | 7 +++++++
4 files changed, 33 insertions(+), 4 deletions(-)
Index: lib/parse-datetime.y
===================================================================
--- lib/parse-datetime.y.orig
+++ lib/parse-datetime.y
@@ -1303,8 +1303,6 @@ parse_datetime (struct timespec *result,
char tz1buf[TZBUFSIZE];
bool large_tz = TZBUFSIZE < tzsize;
bool setenv_ok;
- /* Free tz0, in case this is the 2nd or subsequent time through. */
- free (tz0);
tz0 = get_tz (tz0buf);
z = tz1 = large_tz ? xmalloc (tzsize) : tz1buf;
for (s = tzbase; *s != '"'; s++)
@@ -1316,7 +1314,12 @@ parse_datetime (struct timespec *result,
if (!setenv_ok)
goto fail;
tz_was_altered = true;
+
p = s + 1;
+ while (c = *p, c_isspace (c))
+ p++;
+
+ break;
}
}
Index: lib/parse-datetime.c
===================================================================
--- lib/parse-datetime.c.orig
+++ lib/parse-datetime.c
@@ -3207,8 +3207,6 @@ parse_datetime (struct timespec *result,
char tz1buf[TZBUFSIZE];
bool large_tz = TZBUFSIZE < tzsize;
bool setenv_ok;
- /* Free tz0, in case this is the 2nd or subsequent time through. */
- free (tz0);
tz0 = get_tz (tz0buf);
z = tz1 = large_tz ? xmalloc (tzsize) : tz1buf;
for (s = tzbase; *s != '"'; s++)
@@ -3220,7 +3218,12 @@ parse_datetime (struct timespec *result,
if (!setenv_ok)
goto fail;
tz_was_altered = true;
+
p = s + 1;
+ while (c = *p, c_isspace (c))
+ p++;
+
+ break;
}
}
Index: tests/misc/date.pl
===================================================================
--- tests/misc/date.pl.orig
+++ tests/misc/date.pl
@@ -287,6 +287,13 @@ my @Tests =
{ERR => "date: invalid date '\\260'\n"},
{EXIT => 1},
],
+
+ # From coreutils-5.3.0 to 8.22 inclusive
+ # this would either infinite loop or crash
+ ['invalid-TZ-crash', "-d 'TZ=\"\"\"'",
+ {ERR => "date: invalid date 'TZ=\"\"\"'\n"},
+ {EXIT => 1},
+ ],
);
# Repeat the cross-dst test, using Jan 1, 2005 and every interval from 1..364.
Index: gnulib-tests/test-parse-datetime.c
===================================================================
--- gnulib-tests/test-parse-datetime.c.orig
+++ gnulib-tests/test-parse-datetime.c
@@ -419,5 +419,21 @@ main (int argc _GL_UNUSED, char **argv)
starting with a high-bit-set byte would be treated like "0". */
ASSERT ( ! parse_datetime (&result, "\xb0", &now));
+ /* Exercise TZ="" parsing code. */
+ /* These two would infloop or segfault before Feb 2014. */
+ ASSERT ( ! parse_datetime (&result, "TZ=\"\"\"", &now));
+ ASSERT ( ! parse_datetime (&result, "TZ=\"\" \"", &now));
+ /* Exercise invalid patterns. */
+ ASSERT ( ! parse_datetime (&result, "TZ=\"", &now));
+ ASSERT ( ! parse_datetime (&result, "TZ=\"\\\"", &now));
+ ASSERT ( ! parse_datetime (&result, "TZ=\"\\n", &now));
+ ASSERT ( ! parse_datetime (&result, "TZ=\"\\n\"", &now));
+ /* Exercise valid patterns. */
+ ASSERT ( parse_datetime (&result, "TZ=\"\"", &now));
+ ASSERT ( parse_datetime (&result, "TZ=\"\" ", &now));
+ ASSERT ( parse_datetime (&result, " TZ=\"\"", &now));
+ ASSERT ( parse_datetime (&result, "TZ=\"\\\\\"", &now));
+ ASSERT ( parse_datetime (&result, "TZ=\"\\\"\"", &now));
+
return 0;
}

View File

@ -0,0 +1,75 @@
Port upstream commit, to be removed with v8.23:
http://git.sv.gnu.org/cgit/coreutils.git/commit/?id=0093ac8d57
ln: with -sr, don't segfault for a TARGET of ''
ln -sr '' F no longer segfaults. Now works as expected.
[bug introduced with the --relative feature in coreutils-8.16]
The changes in NEWS and THANKS.in in the original patch have been omitted.
-----------------------------------------------
commit 0093ac8d57a0f1a16fd09d98f6a524dddb6053e7
Author: Jim Meyering <meyering@fb.com>
Date: Thu Mar 13 17:05:04 2014 -0700
ln: with -sr, don't segfault for a TARGET of ''
Prior to this change, "ln -sr '' F" would segfault, attempting
to read path2[1] in relpath.c's path_common_prefix function.
This problem arises whenever canonicalize_filename_mode returns
NULL.
* src/ln.c (convert_abs_rel): Call relpath only when
both canonicalize_filename_mode calls return non-NULL.
* tests/ln/relative.sh: Add a test to trigger this failure.
Reported by Erik Bernstein in 739752@bugs.debian.org.
Fixes http://bugs.gnu.org/17010.
---
src/ln.c | 16 ++++++++++------
tests/ln/relative.sh | 5 +++++
2 files changed, 15 insertions(+), 6 deletions(-)
Index: src/ln.c
===================================================================
--- src/ln.c.orig
+++ src/ln.c
@@ -139,13 +139,17 @@ convert_abs_rel (const char *from, const
char *realdest = canonicalize_filename_mode (targetdir, CAN_MISSING);
char *realfrom = canonicalize_filename_mode (from, CAN_MISSING);
- /* Write to a PATH_MAX buffer. */
- char *relative_from = xmalloc (PATH_MAX);
-
- if (!relpath (realfrom, realdest, relative_from, PATH_MAX))
+ char *relative_from = NULL;
+ if (realdest && realfrom)
{
- free (relative_from);
- relative_from = NULL;
+ /* Write to a PATH_MAX buffer. */
+ relative_from = xmalloc (PATH_MAX);
+
+ if (!relpath (realfrom, realdest, relative_from, PATH_MAX))
+ {
+ free (relative_from);
+ relative_from = NULL;
+ }
}
free (targetdir);
Index: tests/ln/relative.sh
===================================================================
--- tests/ln/relative.sh.orig
+++ tests/ln/relative.sh
@@ -45,4 +45,9 @@ mkdir web
ln -sr latest web/latest
test $(readlink web/latest) = '../release2' || fail=1
+# Expect this to fail with exit status 1, or to succeed quietly (freebsd).
+# Prior to coreutils-8.23, it would segfault.
+ln -sr '' F
+case $? in [01]) ;; *) fail=1;; esac
+
Exit $fail

View File

@ -0,0 +1,85 @@
Port upstream fix for shuf, to be removed with v8.23:
shuf --repeat no longer dumps core if the input is empty.
[bug introduced with the --repeat feature in coreutils-8.22]
This patch squashes these 2 upstream commits:
http://git.sv.gnu.org/cgit/coreutils.git/commit/?id=9f60f37a28
http://git.sv.gnu.org/cgit/coreutils.git/commit/?id=5475e6083f
While the former implements the actual fix for the problem,
the latter only changes the new error diagnostic. The change in the
NEWS entry in the latter patch is not visible in the following patch
because that hunk is omitted; however, that corrected NEWS entry is
above.
-----------------------------------------------
commit 9f60f37a28c37acb66aa38003ccaa07f13abbd9d
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Sun Feb 23 15:34:48 2014 -0800
shuf: with -r, don't dump core if the input is empty
Problem reported by valiant xiao in <http://bugs.gnu.org/16855>.
* src/shuf.c (main): With -r, report an error if the input is empty.
* tests/misc/shuf.sh: Test for the bug.
-----------------------------------------------
commit 5475e6083f46a2f9f7ccf4173f391bf518421523
Author: Bernhard Voelker <mail@bernhard-voelker.de>
Date: Wed Feb 26 08:36:50 2014 +0100
shuf: convert error diagnostic to lowercase
* src/shuf.c (main): s/No/no/, introduced by commit v8.22-25-g9f60f37.
Prompted by the syntax-check rule sc_error_message_uppercase
---
src/shuf.c | 15 +++++++++++----
tests/misc/shuf.sh | 4 ++++
2 files changed, 15 insertions(+), 4 deletions(-)
Index: src/shuf.c
===================================================================
--- src/shuf.c.orig
+++ src/shuf.c
@@ -576,11 +576,18 @@ main (int argc, char **argv)
/* Generate output according to requested method */
if (repeat)
{
- if (input_range)
- i = write_random_numbers (randint_source, head_lines,
- lo_input, hi_input, eolbyte);
+ if (head_lines == 0)
+ i = 0;
else
- i = write_random_lines (randint_source, head_lines, line, n_lines);
+ {
+ if (n_lines == 0)
+ error (EXIT_FAILURE, 0, _("no lines to repeat"));
+ if (input_range)
+ i = write_random_numbers (randint_source, head_lines,
+ lo_input, hi_input, eolbyte);
+ else
+ i = write_random_lines (randint_source, head_lines, line, n_lines);
+ }
}
else
{
Index: tests/misc/shuf.sh
===================================================================
--- tests/misc/shuf.sh.orig
+++ tests/misc/shuf.sh
@@ -43,6 +43,10 @@ compare in out1 || { fail=1; echo "not a
t=$(shuf -e a b c d e | sort | fmt)
test "$t" = 'a b c d e' || { fail=1; echo "not a permutation" 1>&2; }
+# coreutils-8.22 dumps core.
+shuf -er
+test $? -eq 1 || fail=1
+
# Before coreutils-6.3, this would infloop.
# "seq 1860" produces 8193 (8K + 1) bytes of output.
seq 1860 | shuf > /dev/null || fail=1

View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Sun Mar 16 20:38:48 UTC 2014 - mail@bernhard-voelker.de
- Add upstream patch (gnu#16855):
* coreutils-shuf-repeat-avoid-crash-when-input-empty.patch: Add
patch for shuf: with -r, don't dump core if the input is empty.
-------------------------------------------------------------------
Sun Mar 16 19:28:34 UTC 2014 - mail@bernhard-voelker.de
- Add upstream patch (gnu#16872):
* coreutils-date-avoid-crash-in-TZ-parsing.patch: Add patch for
date: fix crash or infinite loop when parsing a malformed TZ="".
-------------------------------------------------------------------
Sun Mar 16 16:00:15 UTC 2014 - mail@bernhard-voelker.de
- Add upstream patch (gnu#17010):
* coreutils-ln-avoid-segfault-for-empty-target.patch: Add patch
to avoid that ln(1) segfaults for an empty, relative target.
-------------------------------------------------------------------
Mon Feb 24 14:59:35 CET 2014 - pth@suse.de

View File

@ -131,6 +131,17 @@ Patch303: coreutils-tests-shorten-extreme-factor-tests.patch
# tests: avoid test framework failure if the file system lacks ACL support
Patch304: coreutils-test-avoid-FP-when-no-ACL-support.patch
# Port upstream patch, to be removed with v8.23:
# ln: with -sr, don't segfault for a TARGET of ''
Patch305: coreutils-ln-avoid-segfault-for-empty-target.patch
# Upstream patch for date(1), to be removed with v8.23:
Patch306: coreutils-date-avoid-crash-in-TZ-parsing.patch
# Upstream patch for shuf(1), to be removed with v8.23:
# shuf --repeat no longer dumps core if the input is empty.
Patch307: coreutils-shuf-repeat-avoid-crash-when-input-empty.patch
# ================================================
%description
These are the GNU core utilities. This package is the union of
@ -172,6 +183,9 @@ the GNU fileutils, sh-utils, and textutils packages.
%patch302
%patch303
%patch304
%patch305
%patch306
%patch307
#???## We need to statically link to gmp, otherwise we have a build loop
#???#sed -i s,'$(LIB_GMP)',%%{_libdir}/libgmp.a,g Makefile.in

View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Sun Mar 16 20:38:48 UTC 2014 - mail@bernhard-voelker.de
- Add upstream patch (gnu#16855):
* coreutils-shuf-repeat-avoid-crash-when-input-empty.patch: Add
patch for shuf: with -r, don't dump core if the input is empty.
-------------------------------------------------------------------
Sun Mar 16 19:28:34 UTC 2014 - mail@bernhard-voelker.de
- Add upstream patch (gnu#16872):
* coreutils-date-avoid-crash-in-TZ-parsing.patch: Add patch for
date: fix crash or infinite loop when parsing a malformed TZ="".
-------------------------------------------------------------------
Sun Mar 16 16:00:15 UTC 2014 - mail@bernhard-voelker.de
- Add upstream patch (gnu#17010):
* coreutils-ln-avoid-segfault-for-empty-target.patch: Add patch
to avoid that ln(1) segfaults for an empty, relative target.
-------------------------------------------------------------------
Mon Feb 24 14:59:35 CET 2014 - pth@suse.de

View File

@ -131,6 +131,17 @@ Patch303: coreutils-tests-shorten-extreme-factor-tests.patch
# tests: avoid test framework failure if the file system lacks ACL support
Patch304: coreutils-test-avoid-FP-when-no-ACL-support.patch
# Port upstream patch, to be removed with v8.23:
# ln: with -sr, don't segfault for a TARGET of ''
Patch305: coreutils-ln-avoid-segfault-for-empty-target.patch
# Upstream patch for date(1), to be removed with v8.23:
Patch306: coreutils-date-avoid-crash-in-TZ-parsing.patch
# Upstream patch for shuf(1), to be removed with v8.23:
# shuf --repeat no longer dumps core if the input is empty.
Patch307: coreutils-shuf-repeat-avoid-crash-when-input-empty.patch
# ================================================
%description
These are the GNU core utilities. This package is the union of
@ -172,6 +183,9 @@ the GNU fileutils, sh-utils, and textutils packages.
%patch302
%patch303
%patch304
%patch305
%patch306
%patch307
#???## We need to statically link to gmp, otherwise we have a build loop
#???#sed -i s,'$(LIB_GMP)',%%{_libdir}/libgmp.a,g Makefile.in