* src/od.c (parse_old_offset): First arg is now char *,
not char const *. If a decimal number, temporarily
modify the string so that xstrtoumax does not complain
about the '.'.
* tests/od/od.pl: Test for the bug.
* src/od.c (print_n_spaces, pad_at, pad_at_overflow):
New static functions.
(struct tspec, PRINT_FIELDS, print_named_ascii, print_ascii)
(decode_one_format, write_block, main):
Use idx_t, not int, for counts that depend on the number
of bytes in an object.
(decode_one_format): Use print_n_spaces to output spaces.
(PRINT_FIELDS, print_named_ascii, print_ascii):
Use pad_at to avoid integer overflow.
(write_block): Do not use %*s to pad, as the total pad might
exceed INT_MAX. Instead, pad by hand with putchar (' ').
(main): Use pad_at_overflow to report integer overflow due to
oversize -w. Use better way to tell whether -w is used,
without needing IF_LINT.
* tests/od/big-w.sh: New test.
* tests/local.mk (all_tests): Add it.
* src/od.c (main): Don't pass LONGINT_OK to xstrtol_fatal(),
as otherwise it will abort().
* tests/od/od.pl: Add test cases.
* NEWS: Mention the bug fix.
Addresses https://bugs.gnu.org/78879
* src/od.c (dump_strings): There are three related issues here
due to not accounting for the terminating NUL char appropriately.
1. Ensure BUF always has enough space for the terminating NUL.
This avoids CWE-122: Heap-based Buffer Overflow,
where we wrote a single NUL byte directly after the allocated buffer.
I.e., there should be no buffer overflow with:
printf '%100s' | od -N100 -S1
2. Ensure we support -S == -N (END_OFFSET - STRING_MIN == ADDRESS):
I.e., there should be output with:
printf '%100s' | od -N10 -S10
3. Ensure we always output a valid address by ensuring
the ADDRESS and I variables are kept in sync.
I.e., this should output address 0000000 not 1777777777777777777777:
printf '%100s' | od -N10 -S1
As well as fixing these we simplify by using a single loop
to read the data, rather than two.
* doc/coreutils.texi (od invocation): Clarify that -N
implicitly NUL terminates strings.
* tests/od/od-N.sh: Add test cases.
* NEWS: Mention the bug fixes.
Fixes https://bugs.gnu.org/78880
Update to latest gnulib with new copyright year.
Run "make update-copyright" and then...
* gnulib: Update included in this commit as copyright years
are the only change from the previous gnulib commit.
* tests/init.sh: Sync with gnulib to pick up copyright year.
* bootstrap: Likewise.
* tests/sample-test: Adjust to use the single most recent year.
od was seen to abort() on glibc on ia64 and m68k with the error:
Fatal glibc error: printf_fp.c:501 (__printf_fp_buffer_1):
assertion failed:
cy == 1 || (p.frac[p.fracsize - 2] == 0 && p.frac[0] == 0)
* tests/od/od-multiple-t.sh: Avoid outputting long double floats
to avoid undefined behavior. 'float' and 'double' are standardized
by IEEE 754 (except on Linux/m68k) and don't have undefined values.
* configure.ac: Ensure the compiler can promote 16 bit floating point
types to float, before enabling that code in od. This was an issue
with clang 16 at least.
* src/od.c: Adjust for the new defines.
* tests/od/od-float.sh: Likewise. Also port to the dash shell,
whose inbuilt printf doesn't support hex escapes.
Update to latest gnulib with new copyright year.
Run "make update-copyright" and then...
* gnulib: Update included in this commit as copyright years
are the only change from the previous gnulib commit.
* tests/init.sh: Sync with gnulib to pick up copyright year.
* bootstrap: Manually update copyright year,
until we fully sync with gnulib at a later stage.
* tests/sample-test: Adjust to use the single most recent year.
* Transform all Makefile.am files so that when running "make check",
CU_TEST_NAME is set to the name of the test. This is so that when I
run valgrind-enabled (--log-file-qualifier=CU_TEST_NAME) "make check"
on the entire package it is more convenient to map a leak or error
found in a valgrind log file back to the offending test.
Use this command:
(echo tests/Makefile.am.in; find tests -name Makefile.am) \
|xargs perl -pi -e '/^(\s*)PATH=...VG_PATH_PREFIX/ and ' \
-e 'print $1,q|CU_TEST_NAME=`basename $(abs_srcdir)`,$$tst |,"\\\n"'
Remove from CVS, since ./bootstrap generates them automatically.
* .cvsignore: Add INSTALL, Makefile.in, *.cache, *.lineno, *.log.
Remove more-specific entries. This catches files like configure.lineno.
* man/.cvsignore: Add Makefile.in.
* src/.cvsignore: Add Makefile.in.
Remove .version, dir.c, install, mvdir, stamp-v, vdir.c, version.c.
For .cvsignore file under the tests directory:
Add Makefile.in. Sort entries if necessary. Remove *.I, *.E,
*.X, *.O, *-tests, build-script, mk-script if they're never
created in this directory.
* build-aux/.cvsignore: New file.
* doc/.cvsignore: Add Makefile.in, coreutils.html, coreutils.pdf,
coreutils.ps, coreutils.tps. Remove coreutils.cm (dunno what it
is, but the makefile doesn't mention it). Remove coreutils.info
as it is subsumed by coreutils.info*.
* lib/.cvsignore: Add Makefile.in, getdate.tab.h.
Remove stat.c, sysexit.h.
* m4/.cvsignore: Remove Makefile, dev-ino.m4, glibc2.m4, intdiv0.m4,
inttypes-h.m4, inttypes-pri.m4, jm-glibc-io.m4, lcmessage.m4,
lock.m4, printf-posix.m4, same-inode.m4, size_max.m4,
uintmax_t.m4, ulonglong.m4, visibility.m4, xsize.m4. Many of
these are put in automatically by ../bootstrap, but that's a
bootstrap bug that I plan to fix shortly.
* po/.cvsignore: More ../bootstrap-related fixes, plus remove old
cruft. Add *.po, LINGUAS, Makevars. Remove *.cat, *.msg,
cat-id-dbl.c, messages.mo, stamp-cat-id.
