1
0
mirror of git://git.sv.gnu.org/coreutils.git synced 2026-04-20 02:36:16 +02:00
Commit Graph

31368 Commits

Author SHA1 Message Date
Pádraig Brady
b3fe24213e cksum: use more defensive escaping for --check
cksum --check is often the first interaction
users have with possibly untrusted downloads, so we should try
to be as defensive as possible when processing it.

Specifically we currently only escape \n characters in file names
presented in checksum files being parsed with cksum --check.
This gives some possibilty of dumping arbitrary data to the terminal
when checking downloads from an untrusted source.
This change gives these advantages:

  1. Avoids dumping arbitrary data to vulnerable terminals
  2. Avoids visual deception with ansi codes hiding checksum failures
  3. More secure if users copy and paste file names from --check output
  4. Simplifies programmatic parsing

Note this changes programmatic parsing, but given the original
format was so awkward to parse, I expect that's extremely rare.
I was not able to find example in the wild at least.
To parse the new format from from shell, you can do something like:

  cksum -c checksums | while IFS= read -r line; do
    case $line in
      *': FAILED')
        filename=$(eval "printf '%s' ${line%: FAILED}")
        cp -v "$filename" /quarantine
        ;;
    esac
  done

This change also slightly reduces the size of the sum(1) utility.
This change also apples to md5sum, sha*sum, and b2sum.

* src/cksum.c (digest_check): Call quotef() instead of
cksum(1) specific quoting.
* tests/cksum/md5sum-bsd.sh: Adjust accordingly.
* doc/coreutils.texi (cksum general options): Describe the
shell quoting used for problematic file names.
* NEWS: Mention the change in behavior.
Reported by: Aaron Rainbolt
2026-03-04 22:17:39 +00:00
Pádraig Brady
e24372e6d0 maint: tests: refactor uses of bad_unicode()
* init.cfg: Use 0xFF rather than 0xC3 everywhere.
* tests/fold/fold-characters.sh: Reuse bad_unicode().
* tests/tac/tac-locale.sh: Likewise.
2026-03-04 17:57:54 +00:00
Pádraig Brady
a85e9182b1 fold: fix output truncation with 0xFF bytes in input
On signed char platforms, 0xFF was converted to -1
which matches MBBUF_EOF, causing fold to stop processing.

* NEWS: Mention the bug fix.
* gl/lib/mbbuf.h: Avoid sign extension on signed char platforms.
* tests/fold/fold-characters.sh: Adjust test case.
Reported at https://src.fedoraproject.org/rpms/coreutils/pull-request/20
2026-03-04 17:45:57 +00:00
Sylvestre Ledru
6c6bb37e2f tests: date: add timezone conversion test
*tests/date/date.pl: Add the test case.
Add test case for https://github.com/uutils/coreutils/issues/10800
to verify `date -u -d '10:30 UTC-05'` converts to 15:30 UTC.
2026-03-04 13:22:46 +00:00
Sylvestre Ledru
452bf39162 tests: date: add edge cases for modifiers
* tests/date/date.pl: Add the test case.
Add test cases for https://github.com/uutils/coreutils/issues/10957
2026-03-04 13:20:33 +00:00
Sylvestre Ledru
8fe6d92989 tests: cut: add test case for newline delimiter with -s flag
* tests/cut/cut.pl: Add a new test case.
https://github.com/coreutils/coreutils/pull/211
2026-03-04 12:18:34 +00:00
oech3
3ba39c3c24 tests: mktemp: ensure mktemp does not depend on getrandom and ASLR
* tests/mktemp/mktemp-misc.sh: Add new test.
* tests/local.mk: Reference new test.
https://github.com/coreutils/coreutils/pull/206
2026-03-03 13:03:23 +00:00
Pádraig Brady
ddb2e72d79 maint: tests: decouple debug output determination
* tests/misc/warning-errors.sh: Simply check there is output
to stderr before checking that output induces an error.
2026-03-03 11:44:32 +00:00
Collin Funk
8177a9ac16 tests: avoid false test failure when using address sanitizer
* tests/misc/warning-errors.sh: Skip commands which have been built with
sanitizers, since standard error will not be closed and checked for
errors.
Reported by Bruno Haible.
2026-03-03 11:30:19 +00:00
Collin Funk
74d7018012 tests: avoid failure on systems without an optimized 'cksum' or 'wc -l'
* tests/misc/warning-errors.sh: Expect 'wc' and 'cksum' to exit
successfully if there is not an optimized 'wc -l' implementation or
CRC32 implementation.
Reported by Bruno Haible.
2026-03-02 22:31:24 -08:00
oech3
55c06e3ecb tests: shuf: ensure memory exhaustion is handled gracefully
* tests/shuf/shuf.sh: Ensure we exit 1 upon failure
to allocate memory.
https://github.com/uutils/coreutils/issues/11170
https://github.com/coreutils/coreutils/pull/209
2026-03-02 11:59:25 +00:00
Sylvestre Ledru
c75fff50f6 test: cp: add test for non-UTF8 directory names
Missing test identified here:
 https://github.com/uutils/coreutils/pull/11148

* tests/cp/non-utf8-name.sh: Add a new test to cover this case.
https://github.com/coreutils/coreutils/pull/207
2026-03-02 11:44:14 +00:00
Paul Eggert
69c0b63bea du: fflush after outputting a line
* src/du.c (print_size): Resurrect the fflush call, since there
can be significant delay between output lines.
2026-02-28 19:13:42 -08:00
Collin Funk
236df1fa6a tests: wc,du: add additional --files0-from test cases
* tests/wc/wc-files0-from.pl ($limits): New variable.
(@Tests): Prefer the error strings from getlimits over writing them by
hand. Add test cases for --files0-from listing missing files and
duplicate files.
* tests/du/files0-from.pl ($limits): New variable.
(@Tests): Prefer the error strings from getlimits over writing them by
hand. Add test cases for --files0-from listing missing files. Add tests
for --files0-from listing duplicate files with and without the -l option
also in use.
2026-02-28 18:36:34 -08:00
Collin Funk
3685407e91 build: update gnulib submodule to latest
* po/POTFILES.in: Remove recently added lib/cygpath.c dependency after
gnulib commit 2a893de047 (filesystem-remote: New module., 2026-02-28).
2026-02-28 14:37:56 -08:00
Sylvestre Ledru
826c15a330 tests: ls: treat invalid UTF-8 paths starting with a dot as hidden
* tests/ls/non-utf8-hidden.sh: Add the test case.
https://github.com/uutils/coreutils/pull/11135
https://github.com/coreutils/coreutils/pull/202
2026-02-28 20:18:57 +00:00
Sylvestre Ledru
f124c3a156 tests: ln: verify that -f and -i override each other
Identified here:
<https://github.com/uutils/coreutils/pull/11129>

* tests/ln/misc.sh: Add the check.
 https://github.com/coreutils/coreutils/pull/199
2026-02-28 17:09:42 +00:00
Sylvestre Ledru
a9808f24a0 test: ln: verify backup suffix path traversal prevention
missing test detected thanks to:
https://github.com/uutils/coreutils/pull/11149

* tests/ln/backup-suffix-traversal.sh: Add a test.
https://github.com/coreutils/coreutils/pull/208
2026-02-28 17:05:24 +00:00
Pádraig Brady
30600f9881 maint: fix typo in previous test
* tests/shuf/shuf.sh: Use non varying $ret rather than $?
2026-02-28 16:36:49 +00:00
oech3
05443ce670 tests: shuf: ensure we handle unsupported getrandom syscall gracefully
* tests/shuf/shuf.sh: Check we fail normally or succeed where
the getrandom syscall is not available.
https://github.com/coreutils/coreutils/pull/205
2026-02-28 12:16:25 +00:00
Pádraig Brady
46aef09d64 build: update gnulib to latest
* NEWS: Mention the more encompassing remoteness check for df.
* po/POTFILES.in: Add new lib/cygpath.c dependency.
2026-02-28 12:16:23 +00:00
Collin Funk
09a5449ff2 du: avoid locking and flushing standard output
This results in a noticeable increase in performance:

    $ yes /dev/null | head -n 10000000 | tr '\n' '\0' \
        | time --format=%E ./src/du-prev -l --files0-from=- > /dev/null
    0:20.40
    $ yes /dev/null | head -n 10000000 | tr '\n' '\0' \
        | time --format=%E ./src/du -l --files0-from=- > /dev/null
    0:16.57

* src/du.c (print_size): Prefer putchar and fputs which may be unlocked
unlike printf. Prefer ferror to fflush.
2026-02-27 22:22:20 -08:00
Paul Eggert
d53203b316 stat: handle %%%N too
* src/stat.c (main): Fix incorrect counting of '%'s before 'N'.
* tests/stat/stat-fmt.sh: Test for the bug.
2026-02-27 16:50:36 -08:00
Paul Eggert
d41e1375cb id: avoid unnecessary buffer flushing
* src/groups.c (main):
* src/id.c (main, print_stuff):
Don’t flush stdout before testing for write error.
Do the test only when in a loop, as a one-shot will
test for write error soon anyway.
2026-02-27 16:18:32 -08:00
Paul Eggert
02983e4935 cksum: prefer signed int
* src/cksum.c (min_digest_line_length, digest_hex_bytes)
(digest_length, md5_sum_stream, sha1_sum_stream)
(sha224_sum_stream, sha256_sum_stream, sha384_sum_stream)
(sha512_sum_stream, sha2_sum_stream, sha3_sum_stream)
(blake2b_sum_stream, sm3_sum_stream, problematic_chars)
(filename_unescape, valid_digits, bsd_split_3)
(algorithm_from_tag, split_3, digest_file, output_file)
(b64_equal, hex_equal, digest_check, main):
* src/cksum_avx2.c (cksum_avx2):
* src/cksum_avx512.c (cksum_avx512):
* src/cksum_crc.c (cksum_fp_t, cksum_slice8, crc_sum_stream)
(crc32b_sum_stream, output_crc):
* src/cksum_pclmul.c (cksum_pclmul):
* src/cksum_vmull.c (cksum_vmull):
* src/sum.c (bsd_sum_stream, sysv_sum_stream, output_bsd, output_sysv):
Prefer signed to unsigned int where either will do.
This allows better checking with -fsanitize=undefined.
It should also help simplify future patches, so that they
needn’t worry whether comparisons like ‘i < len - 2’ will misbehave.
2026-02-27 16:18:32 -08:00
Collin Funk
803bfa01e1 stat: don't check QUOTING_STYLE when --printf %%N is used
* NEWS: Mention the fix.
* src/stat.c (main): Only check QUOTING_STYLE if there is a %N that is
not preceded by a percentage sign.
* tests/stat/stat-fmt.sh: Add some test cases.
2026-02-26 21:20:37 -08:00
Collin Funk
4195e36664 id: promptly diagnose write errors
* NEWS: Mention the improvement.
* src/id.c (print_stuff): Call fflush for each listed user to check for
write errors.
* tests/misc/io-errors.sh: Add an invocation of 'id'.
2026-02-26 19:07:21 -08:00
Collin Funk
80b229be71 groups: promptly diagnose write errors
* NEWS: Mention the improvement.
* src/groups.c (main): Call fflush for each listed user to check for
write errors.
* tests/misc/io-errors.sh: Add an invocation of 'groups'.
2026-02-26 19:05:32 -08:00
Pádraig Brady
224588ce47 tests: ensure failure to write warnings is handled gracefully
* tests/misc/warning-errors.sh: Add a new test to ensure
failure to write warnings is diagnosed in the exit status.
* tests/local.mk: Reference the new test.
2026-02-26 20:13:41 +00:00
oech3
ba0a1dc28e tests: shuf: ensure randomization doesn't depend solely on ASLR
* tests/shuf/shuf.sh: Use setarch --addr-no-randomize to disable
ASLR, and show the output is still random.
https://github.com/coreutils/coreutils/pull/198
2026-02-26 15:55:07 +00:00
Pádraig Brady
724253d9b7 maint: fix description of tests/misc/io-errors.sh
* tests/misc/io-errors.sh: Promptness is checked in
write-errors.sh, not this test.
2026-02-26 12:47:34 +00:00
oech3
d0a2b73c3c tests: nice: ensure a particular adjustment is disallowed
* tests/nice/nice-fail.sh: Ensure "1+2-3" is disallowed.
https://github.com/coreutils/coreutils/pull/197
2026-02-25 15:00:46 +00:00
Pádraig Brady
f06beebd34 tests: factor,numfmt: verify embedded NUL handling
* tests/factor/factor.pl: Verify that embedded NULs
on stdin terminate the _number_.
* tests/numfmt/numfmt.p: Verify that embedded NULs
on stdin terminate the _line_.
https://github.com/coreutils/coreutils/pull/196
2026-02-25 14:52:57 +00:00
Pádraig Brady
8fab3c6d30 tests: fix "Hangup" termination of non-interactive runs
This avoids the test harness being terminated like:
  make[1]: *** [Makefile:24419: check-recursive] Hangup
  make[3]: *** [Makefile:24668: check-TESTS] Hangup
  make: *** [Makefile:24922: check] Hangup
  make[2]: *** [Makefile:24920: check-am] Hangup
  make[4]: *** [Makefile:24685: tests/misc/usage_vs_refs.log] Error 129
  ...

This happened sometimes when the tests were being run non interactively.
For example when run like:

  setsid make TESTS="tests/timeout/timeout.sh \
   tests/tail/overlay-headers.sh" SUBDIRS=. -j2 check

Note the race window can be made bigger by adding a sleep
after tail is stopped in overlay-headers.sh

The race can trigger the kernel to induce its job control
mechanism to prevent stuck processes.
I.e. where it sends SIGHUP + SIGCONT to a process group
when it determines that group may become orphaned,
and there are stopped processes in that group.

* tests/tail/overlay-headers.sh: Use setsid(1) to keep the stopped
tail process in a separate process group, thus avoiding any kernel
job control protection mechanism.
* tests/timeout/timeout.sh: Use setsid(1) to avoid the kernel
checking the main process group when sleep(1) is reparented.
Fixes https://bugs.gnu.org/80477
2026-02-24 19:25:58 +00:00
Collin Funk
7002e025de doc: tee: avoid the use of gpg cleartext signatures in an example
Cleartext signatures have many gotchas. Therefore, the use of detached
signatures is recommended where possible. See:
<https://gnupg.org/blog/20251226-cleartext-signatures.html>.

* doc/coreutils.texi (tee invocation): Adjust gpg invocation to produce
a detached signature.
2026-02-23 10:35:21 -08:00
oech3
3f07c764b6 tests: whoami, logname: verify error handling
* tests/df/no-mtab-status-masked-proc.sh: Tweak unshare check.
* tests/local.mk: Reference new test.
* tests/misc/user.sh: Add new test using unshare -U, to verify
that whoami and logname diagnose failure correctly.
https://github.com/coreutils/coreutils/pull/195
2026-02-23 13:06:19 +00:00
Collin Funk
6ad189d87b doc: stty: mention the -g does not save the terminal window size
* doc/coreutils.texi (stty invocation): Mention that 'stty -g' does not
save the terminal window size as allowed by POSIX.1-2024.
2026-02-21 23:33:56 -08:00
Collin Funk
c057266f15 tests: shuf: check that write errors are promptly diagnosed
* tests/misc/write-errors.sh: Add a shuf invocation that would run
forever if write errors weren't diagnosed.
2026-02-21 20:16:43 -08:00
Collin Funk
89735ea830 shuf: avoid locking standard output when using --input-range
Here is the throughput before this patch:

    # write_permuted_numbers
    $ ./src/shuf-prev -i 0-100000000 | pv -r > /dev/null
    [ 153MiB/s]

    # write_random_numbers
    $ timeout 10 ./src/shuf-prev -i 0-100000 -r | pv -r > /dev/null
    [78.6MiB/s]

Here is the throughput after this patch:

    # write_permuted_numbers
    $ timeout 10 ./src/shuf -i 0-100000000 | pv -r > /dev/null
    [ 308MiB/s]

    # write_random_numbers
    $ timeout 10 ./src/shuf -i 0-100000 -r | pv -r > /dev/null
    [ 196MiB/s]

* NEWS: Mention the performance improvement.
* src/shuf.c (write_permuted_numbers, write_random_numbers): Prefer
fputs and fputc which may be unlocked over printf which locks standard
output.
2026-02-21 19:20:07 -08:00
Collin Funk
d233ebd7d9 tests: chmod: test that chmod(2) is always called
* tests/chmod/only-op.sh: New file.
* tests/local.mk (all_test): Add the new test.
2026-02-20 21:37:42 -08:00
Collin Funk
992da4574a maint: printf: prefer static initialization
* src/printf.c (main): Remove unnecessary initialization.
2026-02-19 21:42:35 -08:00
Collin Funk
395fcca795 maint: fmt: prefer static initialization
* src/fmt.c (prefix, max_width): Initialize variables.
(main): Remove unnecessary initializations.
2026-02-19 21:40:44 -08:00
Collin Funk
6bf6d52e54 maint: sort: prefer static initialization
* src/sort.c (main): Remove unnecessary initialization.
2026-02-19 21:37:15 -08:00
Collin Funk
96e39300b1 maint: df: prefer static initialization
* src/df.c (human_output_opts, grand_fsu): Initialize variables.
(main): Remove unnecessary initializations.
2026-02-19 21:34:03 -08:00
Collin Funk
a24b3075c3 maint: split: prefer static initialization
* src/split.c (outbase, infile): Initialize variables.
(main): Remove unnecessary initializations.
2026-02-19 21:28:40 -08:00
Collin Funk
26c92a62c6 maint: tail: prefer static initialization
* src/tail.c (count_lines, line_end): Initialize variables.
(main): Remove unnecessary initializations.
2026-02-19 21:24:54 -08:00
Collin Funk
cc87809aae maint: csplit: prefer static initialization
* src/csplit.c (prefix, remove_files): Initialize variables.
(main): Remove unnecessary initializations.
2026-02-19 21:22:17 -08:00
Collin Funk
dc0baaf4de maint: comm: prefer static initialization
* src/comm.c (only_file_1, only_file_2, both): Initialize variables.
(main): Remove unnecessary initializations.
2026-02-19 21:18:41 -08:00
Collin Funk
ecf3f98eec maint: wc: prefer static initialization
* src/wc.c (main): Remove unnecessary initializations.
2026-02-19 21:11:27 -08:00
Collin Funk
85dde4c2d9 maint: tac: prefer static initialization
* src/tac.c (separator, separator_ends_record, sentinel_length):
Initialize variables.
(main): Remove unnecessary initializations.
2026-02-19 21:08:43 -08:00