* src/md5sum.c (bsd_split_3): Return right away if s_len == 0.
* tests/misc/md5sum (bsd-segv): New test for the above.
* tests/misc/sha1sum (bsd-segv): Likewise.
* NEWS: Mention the bug fix.
Reported by Cristian Cadar, Daniel Dunbar and Dawson Engler.
ls no longer segfaults on files in /proc when linked with an older version
of libselinux. E.g., ls -l /proc/sys would dereference a NULL pointer.
+ md5sum would segfault for invalid BSD-style input, e.g.,
+ echo 'MD5 (' | md5sum -c - Now, md5sum ignores that line.
+ sha1sum, sha224sum, sha384sum, and sha512sum are affected, too.
+ [bug introduced in coreutils-5.1.0]
+
"mkdir -Z x dir" no longer segfaults when diagnosing invalid context "x"
mkfifo and mknod would fail similarly. Now they're fixed.
/* Compute MD5, SHA1, SHA224, SHA256, SHA384 or SHA512 checksum of files or strings
- Copyright (C) 1995-2007 Free Software Foundation, Inc.
+ Copyright (C) 1995-2008 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
{
size_t i;
+ if (s_len == 0)
+ return false;
+
*file_name = s;
/* Find end of filename. The BSD 'md5' and 'sha1' commands do not escape
#!/bin/sh
# Basic tests for "md5sum".
-# Copyright (C) 1998, 1999, 2003, 2005, 2007 Free Software Foundation, Inc.
+# Copyright (C) 1998-1999, 2003, 2005, 2007-2008 Free Software Foundation, Inc.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
require 5.003;
use strict;
-(my $program_name = $0) =~ s|.*/||;
+my $prog = 'md5sum';
# Turn off localisation of executable's ouput.
@ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;
['check-bsd3', '--check', '--status',
{IN=> {'f.md5' => "MD5 (f) = $degenerate\n"}},
{AUX=> {f=> 'bar'}}, {EXIT=> 1}],
+ ['bsd-segv', '--check', {IN=> {'z' => "MD5 ("}}, {EXIT=> 1},
+ {ERR=> "$prog: z: no properly formatted MD5 checksum lines found\n"}],
);
# Insert the `--text' argument for each test.
my $save_temps = $ENV{DEBUG};
my $verbose = $ENV{VERBOSE};
-my $prog = 'md5sum';
-my $fail = run_tests ($program_name, $prog, \@Tests, $save_temps, $verbose);
+my $fail = run_tests ($prog, $prog, \@Tests, $save_temps, $verbose);
exit $fail;
EOF
#!/bin/sh
# Test "sha1sum".
-# Copyright (C) 2000, 2003, 2005-2007 Free Software Foundation, Inc.
+# Copyright (C) 2000, 2003, 2005-2008 Free Software Foundation, Inc.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
require 5.003;
use strict;
-(my $program_name = $0) =~ s|.*/||;
+my $prog = 'sha1sum';
# Turn off localisation of executable's ouput.
@ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;
['check-bsd3', '--check', '--status',
{IN=> {'f.sha1' => "SHA1 (f) = $sha_degenerate\n"}},
{AUX=> {f=> 'bar'}}, {EXIT=> 1}],
+ ['bsd-segv', '--check', {IN=> {'z' => "SHA1 ("}}, {EXIT=> 1},
+ {ERR=> "$prog: z: no properly formatted SHA1 checksum lines found\n"}],
);
# Insert the `--text' argument for each test.
my $save_temps = $ENV{DEBUG};
my $verbose = $ENV{VERBOSE};
-my $prog = 'sha1sum';
-my $fail = run_tests ($program_name, $prog, \@Tests, $save_temps, $verbose);
+my $fail = run_tests ($prog, $prog, \@Tests, $save_temps, $verbose);
exit $fail;
EOF