fix baseenc using wrong decoding buffer length

2023-11-23 17:43:47 +08:00 · 2023-11-23 17:43:47 +08:00 · 5865ed39bb
commit 5865ed39bb
parent e89bc37fc9
2 changed files with 71 additions and 1 deletions
--- a/0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch
+++ b/0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch
@ -0,0 +1,66 @@
 From 709d1f8253072804cc27189a6f2b873d8d563399 Mon Sep 17 00:00:00 2001
 From: Assaf Gordon <assafgordon@gmail.com>
 Date: Mon, 16 Aug 2021 15:03:36 -0600
 Subject: [PATCH] basenc: fix bug49741: using wrong decoding buffer length
 Emil Lundberg <lundberg.emil@gmail.com> reports in
 https://bugs.gnu.org/49741 about a 'basenc --base64 -d' decoding bug.
 The input buffer length was not divisible by 3, resulting in
 decoding errors.
 * NEWS: Mention fix.
 * src/basenc.c (DEC_BLOCKSIZE): Change from 1024*5 to 4200 (35*3*5*8)
 which is divisible by 3,4,5,8 - satisfying both base32 and base64;
 Use compile-time verify() macro to enforce the above.
 * tests/misc/basenc.pl: Add test.
 ---
 NEWS                 | 4 ++++
 src/basenc.c         | 4 +++-
 tests/misc/basenc.pl | 9 +++++++++
 3 files changed, 16 insertions(+), 1 deletion(-)
 diff --git a/src/basenc.c b/src/basenc.c
 index 19a7b0aad..f4ca87267 100644
 --- a/src/basenc.c
 +++ b/src/basenc.c
@@ -214,7 +214,9 @@ verify (DEC_BLOCKSIZE % 12 == 0);  /* So complete encoded blocks are used.  */
 /* Note that increasing this may decrease performance if --ignore-garbage
    is used, because of the memmove operation below.  */
 -# define DEC_BLOCKSIZE (1024*5)
 +# define DEC_BLOCKSIZE (4200)
 +verify (DEC_BLOCKSIZE % 40 == 0); /* complete encoded blocks for base32 */
 +verify (DEC_BLOCKSIZE % 12 == 0); /* complete encoded blocks for base64 */
 static int (*base_length) (int i);
 static bool (*isbase) (char ch);
 diff --git a/tests/misc/basenc.pl b/tests/misc/basenc.pl
 index 3383aaeef..ac5394731 100755
 --- a/tests/misc/basenc.pl
 +++ b/tests/misc/basenc.pl
@@ -37,6 +37,13 @@ my $base64url_out_nl = $base64url_out;
 $base64url_out_nl =~ s/(..)/\1\n/g; # add newline every two characters
 +# Bug 49741:
 +# The input  is 'abc' in base64, in an 8K buffer (larger than 1024*5,
 +# the buffer size which caused the bug).
 +my $base64_bug49741_in = "YWJj" x 2000 ;
 +my $base64_bug49741_out = "abc" x 2000 ;
 +
 +
 my $base32_in = "\xfd\xd8\x07\xd1\xa5";
 my $base32_out = "7XMAPUNF";
 my $x = $base32_out;
@@ -111,6 +118,8 @@ my @Tests =
  ['b64u_7', '--base64url -d',  {IN=>$base64_out},
   {EXIT=>1},  {ERR=>"$prog: invalid input\n"}],
 + ['b64_bug49741', '--base64 -d',  {IN=>$base64_bug49741_in},
 +  {OUT=>$base64_bug49741_out}],
 -- 
 2.42.0.windows.2
--- a/coreutils.spec
+++ b/coreutils.spec
@ -1,6 +1,6 @@
 Name:       coreutils
 Version:    8.32
-Release:    5
+Release:    6
 License:    GPLv3+
 Summary:    A set of basic GNU tools commonly used in shell scripts
 Url:        https://www.gnu.org/software/coreutils/
@ -37,6 +37,7 @@ Patch19:   backport-df-fix-duplicated-remote-entries-due-to-bind-mounts.patch
 Patch20:   backport-df-fix-memory-leak.patch
 Patch21:   backport-ls-avoid-triggering-automounts.patch
 Patch22:   backport-stat-only-automount-with-cached-never.patch
 Patch23:   0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch
 Conflicts: filesystem < 3
 # To avoid clobbering installs
@ -155,6 +156,9 @@ fi
 %{_mandir}/man*/*
 %changelog
 * Thu Nov 23 2023 liningjie <liningjie@xfusion.com> - 8.32-6
 - fix baseenc using wrong decoding buffer length
 * Fri Oct 21 2022 jiangchuangang <jiangchuangang@huawei.com> - 8.32-5
 - backport some patches from upstream