From 9225dbfda44461828d349a0ce91c61bc032dbbf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= Date: Thu, 31 Aug 2023 09:38:19 +0200 Subject: [PATCH 1/5] copy: reduce verbosity of -i and -u with --verbose Resolves: rhbz#2236321 --- ....3-reduce--iu-verbosity-with-verbose.patch | 141 ++++++++++++++++++ coreutils.spec | 9 +- 2 files changed, 149 insertions(+), 1 deletion(-) create mode 100644 coreutils-9.3-reduce--iu-verbosity-with-verbose.patch diff --git a/coreutils-9.3-reduce--iu-verbosity-with-verbose.patch b/coreutils-9.3-reduce--iu-verbosity-with-verbose.patch new file mode 100644 index 0000000..062944b --- /dev/null +++ b/coreutils-9.3-reduce--iu-verbosity-with-verbose.patch @@ -0,0 +1,141 @@ +From cc078f747f3db00e70b2ae2ad2ab34e8d54316d3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?P=C3=A1draig=20Brady?= +Date: Tue, 25 Apr 2023 11:07:36 +0100 +Subject: [PATCH] copy: reduce verbosity of -i and -u with --verbose + +Since skipping of files is central to the operation of -i and -u, +and with -u one may be updating few files out of many, +reinstate the verbosity of this functionality as it was before 9.3. + +* src/copy.c (copy_internal): Only output "skipped" message +with --debug. Also adjust so message never changes with --debug. +* tests/cp/cp-i.sh: Adjust accordingly. +* tests/mv/mv-n.sh: Likewise. +* tests/cp/debug.sh: Add explicit test case for message. + +Cherry-picked-from: cc078f747f3db00e70b2ae2ad2ab34e8d54316d3 +Signed-off-by: Lukáš Zaoral +--- + src/copy.c | 6 +++--- + tests/cp/cp-i.sh | 9 ++++----- + tests/cp/debug.sh | 4 ++++ + tests/mv/mv-n.sh | 9 ++++----- + 4 files changed, 15 insertions(+), 13 deletions(-) + +diff --git a/src/copy.c b/src/copy.c +index 13d93324f..0dd059d2e 100644 +--- a/src/copy.c ++++ b/src/copy.c +@@ -2433,10 +2433,10 @@ copy_internal (char const *src_name, char const *dst_name, + skip: + if (skipped) + { +- if (x->verbose) +- printf (_("skipped %s\n"), quoteaf (dst_name)); +- else if (x->interactive == I_ALWAYS_NO) ++ if (x->interactive == I_ALWAYS_NO) + error (0, 0, _("not replacing %s"), quoteaf (dst_name)); ++ else if (x->debug) ++ printf (_("skipped %s\n"), quoteaf (dst_name)); + + return_now = true; + } +diff --git a/tests/cp/cp-i.sh b/tests/cp/cp-i.sh +index 4458b2edd..a9178a99e 100755 +--- a/tests/cp/cp-i.sh ++++ b/tests/cp/cp-i.sh +@@ -29,13 +29,12 @@ echo n | returns_ 1 cp -iR a b 2>/dev/null || fail=1 + # test miscellaneous combinations of -f -i -n parameters + touch c d || framework_failure_ + echo "'c' -> 'd'" > out_copy || framework_failure_ +-echo "skipped 'd'" > out_skip || framework_failure_ + echo "cp: not replacing 'd'" > err_skip || framework_failure_ + touch out_empty || framework_failure_ + + # ask for overwrite, answer no + echo n | returns_ 1 cp -vi c d 2>/dev/null > out1 || fail=1 +-compare out1 out_skip || fail=1 ++compare out1 out_empty || fail=1 + + # ask for overwrite, answer yes + echo y | cp -vi c d 2>/dev/null > out2 || fail=1 +@@ -47,7 +46,7 @@ compare out3 out_copy || fail=1 + + # -n wins over -i + echo y | returns_ 1 cp -vin c d 2>/dev/null > out4 || fail=1 +-compare out4 out_skip || fail=1 ++compare out4 out_empty || fail=1 + + # -n wins over -i non verbose + echo y | returns_ 1 cp -in c d 2>err4 > out4 || fail=1 +@@ -60,11 +59,11 @@ compare out5 out_copy || fail=1 + + # do not ask, prevent from overwrite + echo n | returns_ 1 cp -vfn c d 2>/dev/null > out6 || fail=1 +-compare out6 out_skip || fail=1 ++compare out6 out_empty || fail=1 + + # do not ask, prevent from overwrite + echo n | returns_ 1 cp -vnf c d 2>/dev/null > out7 || fail=1 +-compare out7 out_skip || fail=1 ++compare out7 out_empty || fail=1 + + # options --backup and --no-clobber are mutually exclusive + returns_ 1 cp -bn c d 2>/dev/null || fail=1 +diff --git a/tests/cp/debug.sh b/tests/cp/debug.sh +index b46adc637..242894de2 100755 +--- a/tests/cp/debug.sh ++++ b/tests/cp/debug.sh +@@ -25,4 +25,8 @@ grep 'copy offload:.*reflink:.*sparse detection:' cp.out || fail=1 + cp --debug --attributes-only file file.cp >cp.out || fail=1 + returns_ 1 grep 'copy offload:.*reflink:.*sparse detection:' cp.out || fail=1 + ++touch file.cp || framework_failure_ ++cp --debug --update=none file file.cp >cp.out || fail=1 ++grep 'skipped' cp.out || fail=1 ++ + Exit $fail +diff --git a/tests/mv/mv-n.sh b/tests/mv/mv-n.sh +index 45d74eb93..60547807c 100755 +--- a/tests/mv/mv-n.sh ++++ b/tests/mv/mv-n.sh +@@ -23,14 +23,13 @@ print_ver_ mv + # test miscellaneous combinations of -f -i -n parameters + touch a b || framework_failure_ + echo "renamed 'a' -> 'b'" > out_move +-echo "skipped 'b'" > out_skip || framework_failure_ + echo "mv: not replacing 'b'" > err_skip || framework_failure_ + > out_empty + + # ask for overwrite, answer no + touch a b || framework_failure_ + echo n | returns_ 1 mv -vi a b 2>/dev/null > out1 || fail=1 +-compare out1 out_skip || fail=1 ++compare out1 out_empty || fail=1 + + # ask for overwrite, answer yes + touch a b || framework_failure_ +@@ -40,7 +39,7 @@ compare out2 out_move || fail=1 + # -n wins (as the last option) + touch a b || framework_failure_ + echo y | returns_ 1 mv -vin a b 2>/dev/null > out3 || fail=1 +-compare out3 out_skip || fail=1 ++compare out3 out_empty || fail=1 + + # -n wins (non verbose) + touch a b || framework_failure_ +@@ -51,12 +50,12 @@ compare err3 err_skip || fail=1 + # -n wins (as the last option) + touch a b || framework_failure_ + echo y | returns_ 1 mv -vfn a b 2>/dev/null > out4 || fail=1 +-compare out4 out_skip || fail=1 ++compare out4 out_empty || fail=1 + + # -n wins (as the last option) + touch a b || framework_failure_ + echo y | returns_ 1 mv -vifn a b 2>/dev/null > out5 || fail=1 +-compare out5 out_skip || fail=1 ++compare out5 out_empty || fail=1 + + # options --backup and --no-clobber are mutually exclusive + touch a || framework_failure_ diff --git a/coreutils.spec b/coreutils.spec index 39bc384..2ee1486 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,7 +1,7 @@ Summary: A set of basic GNU tools commonly used in shell scripts Name: coreutils Version: 9.3 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL-3.0-or-later Url: https://www.gnu.org/software/coreutils/ Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz @@ -31,6 +31,10 @@ Patch102: coreutils-8.32-DIR_COLORS.patch # df --direct Patch104: coreutils-df-direct.patch +# copy: reduce verbosity of -i and -u with --verbose (#2236321) +# backport of cc078f747f3db00e70b2ae2ad2ab34e8d54316d3. +Patch105: coreutils-9.3-reduce--iu-verbosity-with-verbose.patch + # (sb) lin18nux/lsb compliance - multibyte functionality patch Patch800: coreutils-i18n.patch @@ -254,6 +258,9 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir %license COPYING %changelog +* Thu Aug 31 2023 Lukáš Zaoral - 9.3-3 +- copy: reduce verbosity of -i and -u with --verbose (#2236321) + * Wed Jul 19 2023 Fedora Release Engineering - 9.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild From effc4950accde39245def1ddc7d0e3ea680ea2ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= Date: Mon, 11 Sep 2023 14:33:56 +0200 Subject: [PATCH 2/5] fix cp -p not copying NFSv4 acls Resolves: rhbz#2160675 --- ...ils-9.3-cp--p-should-copy-NFSv4-acls.patch | 217 ++++++++++++++++++ coreutils.spec | 9 +- 2 files changed, 225 insertions(+), 1 deletion(-) create mode 100644 coreutils-9.3-cp--p-should-copy-NFSv4-acls.patch diff --git a/coreutils-9.3-cp--p-should-copy-NFSv4-acls.patch b/coreutils-9.3-cp--p-should-copy-NFSv4-acls.patch new file mode 100644 index 0000000..e1ff720 --- /dev/null +++ b/coreutils-9.3-cp--p-should-copy-NFSv4-acls.patch @@ -0,0 +1,217 @@ +commit ccda8a2aedad84d9b730fdd6b36baa9582f54bfd +Author: rpm-build +Date: Mon Sep 11 14:28:05 2023 +0200 + + coreutils-9.3-cp--p-should-copy-NFSv4-acls.patch + +Cherry picked from the following gnulib upstream commits: +* b851a965da62cd858d71b2e5a7261a211f00b297 ("file-has-acl: port to Fedora 39") +* f01d8792778b637f7464533ac019e42f58adb310 ("file-has-acl: don’t access freed storage") +* 735716931755c74f3788ac83fead717c0bb22dfe ("file-has-acl: improve port to Fedora 39") + +diff --git a/lib/file-has-acl.c b/lib/file-has-acl.c +index b31a2ea..4cddc80 100644 +--- a/lib/file-has-acl.c ++++ b/lib/file-has-acl.c +@@ -29,7 +29,10 @@ + + #include "acl-internal.h" + +-#if USE_ACL && GETXATTR_WITH_POSIX_ACLS ++#include "minmax.h" ++ ++#if USE_ACL && HAVE_LINUX_XATTR_H && HAVE_LISTXATTR ++# include + # include + # include + # include +@@ -44,6 +47,20 @@ enum { + ACE4_IDENTIFIER_GROUP = 0x00000040 + }; + ++/* Return true if ATTR is in the set represented by the NUL-terminated ++ strings in LISTBUF, which is of size LISTSIZE. */ ++ ++static bool ++have_xattr (char const *attr, char const *listbuf, ssize_t listsize) ++{ ++ char const *blim = listbuf + listsize; ++ for (char const *b = listbuf; b < blim; b += strlen (b) + 1) ++ for (char const *a = attr; *a == *b; a++, b++) ++ if (!*a) ++ return true; ++ return false; ++} ++ + /* Return 1 if given ACL in XDR format is non-trivial, 0 if it is trivial. + -1 upon failure to determine it. Possibly change errno. Assume that + the ACL is valid, except avoid undefined behavior even if invalid. +@@ -137,37 +154,77 @@ file_has_acl (char const *name, struct stat const *sb) + if (! S_ISLNK (sb->st_mode)) + { + +-# if GETXATTR_WITH_POSIX_ACLS +- +- ssize_t ret; ++# if HAVE_LINUX_XATTR_H && HAVE_LISTXATTR + int initial_errno = errno; + +- ret = getxattr (name, XATTR_NAME_POSIX_ACL_ACCESS, NULL, 0); +- if (ret < 0 && errno == ENODATA) +- ret = 0; +- else if (ret > 0) +- return 1; +- +- if (ret == 0 && S_ISDIR (sb->st_mode)) ++ /* The max length of a trivial NFSv4 ACL is 6 words for owner, ++ 6 for group, 7 for everyone, all times 2 because there are ++ both allow and deny ACEs. There are 6 words for owner ++ because of type, flag, mask, wholen, "OWNER@"+pad and ++ similarly for group; everyone is another word to hold ++ "EVERYONE@". */ ++ typedef uint32_t trivial_NFSv4_xattr_buf[2 * (6 + 6 + 7)]; ++ ++ /* A buffer large enough to hold any trivial NFSv4 ACL, ++ and also useful as a small array of char. */ ++ union { ++ trivial_NFSv4_xattr_buf xattr; ++ char ch[sizeof (trivial_NFSv4_xattr_buf)]; ++ } stackbuf; ++ ++ char *listbuf = stackbuf.ch; ++ ssize_t listbufsize = sizeof stackbuf.ch; ++ char *heapbuf = NULL; ++ ssize_t listsize; ++ ++ /* Use listxattr first, as this means just one syscall in the ++ typical case where the file lacks an ACL. Try stackbuf ++ first, falling back on malloc if stackbuf is too small. */ ++ while ((listsize = listxattr (name, listbuf, listbufsize)) < 0 ++ && errno == ERANGE) + { +- ret = getxattr (name, XATTR_NAME_POSIX_ACL_DEFAULT, NULL, 0); +- if (ret < 0 && errno == ENODATA) +- ret = 0; +- else if (ret > 0) +- return 1; ++ free (heapbuf); ++ ssize_t newsize = listxattr (name, NULL, 0); ++ if (newsize <= 0) ++ return newsize; ++ ++ /* Grow LISTBUFSIZE to at least NEWSIZE. Grow it by a ++ nontrivial amount too, to defend against denial of ++ service by an adversary that fiddles with ACLs. */ ++ bool overflow = ckd_add (&listbufsize, listbufsize, listbufsize >> 1); ++ listbufsize = MAX (listbufsize, newsize); ++ if (overflow || SIZE_MAX < listbufsize) ++ { ++ errno = ENOMEM; ++ return -1; ++ } ++ ++ listbuf = heapbuf = malloc (listbufsize); ++ if (!listbuf) ++ return -1; + } + +- if (ret < 0) ++ /* In Fedora 39, a file can have both NFSv4 and POSIX ACLs, ++ but if it has an NFSv4 ACL that's the one that matters. ++ In earlier Fedora the two types of ACLs were mutually exclusive. ++ Attempt to work correctly on both kinds of systems. */ ++ bool nfsv4_acl ++ = 0 < listsize && have_xattr (XATTR_NAME_NFSV4_ACL, listbuf, listsize); ++ int ret ++ = (listsize <= 0 ? listsize ++ : (nfsv4_acl ++ || have_xattr (XATTR_NAME_POSIX_ACL_ACCESS, listbuf, listsize) ++ || (S_ISDIR (sb->st_mode) ++ && have_xattr (XATTR_NAME_POSIX_ACL_DEFAULT, ++ listbuf, listsize)))); ++ free (heapbuf); ++ ++ /* If there is an NFSv4 ACL, follow up with a getxattr syscall ++ to see whether the NFSv4 ACL is nontrivial. */ ++ if (nfsv4_acl) + { +- /* Check for NFSv4 ACLs. The max length of a trivial +- ACL is 6 words for owner, 6 for group, 7 for everyone, +- all times 2 because there are both allow and deny ACEs. +- There are 6 words for owner because of type, flag, mask, +- wholen, "OWNER@"+pad and similarly for group; everyone is +- another word to hold "EVERYONE@". */ +- uint32_t xattr[2 * (6 + 6 + 7)]; +- +- ret = getxattr (name, XATTR_NAME_NFSV4_ACL, xattr, sizeof xattr); ++ ret = getxattr (name, XATTR_NAME_NFSV4_ACL, ++ stackbuf.xattr, sizeof stackbuf.xattr); + if (ret < 0) + switch (errno) + { +@@ -177,7 +234,7 @@ file_has_acl (char const *name, struct stat const *sb) + else + { + /* It looks like a trivial ACL, but investigate further. */ +- ret = acl_nfs4_nontrivial (xattr, ret); ++ ret = acl_nfs4_nontrivial (stackbuf.xattr, ret); + if (ret < 0) + { + errno = EINVAL; +diff --git a/m4/acl.m4 b/m4/acl.m4 +index dc9853a..3fa0779 100644 +--- a/m4/acl.m4 ++++ b/m4/acl.m4 +@@ -177,37 +177,23 @@ AC_DEFUN([gl_ACL_GET_FILE], + AS_IF([test "$gl_cv_func_working_acl_get_file" != no], [$1], [$2]) + ]) + +-# On GNU/Linux, testing if a file has an acl can be done with the getxattr +-# syscall which doesn't require linking against additional libraries. ++# On GNU/Linux, testing if a file has an acl can be done with the ++# listxattr and getxattr syscalls, which don't require linking ++# against additional libraries. Assume this works if linux/attr.h ++# and listxattr are present. + AC_DEFUN([gl_FILE_HAS_ACL], + [ + AC_REQUIRE([gl_FUNC_ACL_ARG]) +- if test "$enable_acl" != no; then +- AC_CACHE_CHECK([for getxattr with XATTR_NAME_POSIX_ACL macros], +- [gl_cv_getxattr_with_posix_acls], +- [gl_cv_getxattr_with_posix_acls=no +- AC_LINK_IFELSE( +- [AC_LANG_PROGRAM( +- [[#include +- #include +- #include +- ]], +- [[ssize_t a = getxattr (".", XATTR_NAME_POSIX_ACL_ACCESS, 0, 0); +- ssize_t b = getxattr (".", XATTR_NAME_POSIX_ACL_DEFAULT, 0, 0); +- return a < 0 || b < 0; +- ]])], +- [gl_cv_getxattr_with_posix_acls=yes])]) +- fi +- if test "$gl_cv_getxattr_with_posix_acls" = yes; then +- FILE_HAS_ACL_LIB= +- AC_DEFINE([GETXATTR_WITH_POSIX_ACLS], 1, +- [Define to 1 if getxattr works with XATTR_NAME_POSIX_ACL_ACCESS +- and XATTR_NAME_POSIX_ACL_DEFAULT.]) +- else +- dnl Set gl_need_lib_has_acl to a nonempty value, so that any +- dnl later gl_FUNC_ACL call will set FILE_HAS_ACL_LIB=$LIB_ACL. +- gl_need_lib_has_acl=1 +- FILE_HAS_ACL_LIB=$LIB_ACL +- fi ++ AC_CHECK_HEADERS_ONCE([linux/xattr.h]) ++ AC_CHECK_FUNCS_ONCE([listxattr]) ++ FILE_HAS_ACL_LIB= ++ AS_CASE([$enable_acl,$ac_cv_header_linux_xattr_h,$ac_cv_func_listxattr], ++ [no,*,*], [], ++ [*,yes,yes], [], ++ [*], ++ [dnl Set gl_need_lib_has_acl to a nonempty value, so that any ++ dnl later gl_FUNC_ACL call will set FILE_HAS_ACL_LIB=$LIB_ACL. ++ gl_need_lib_has_acl=1 ++ FILE_HAS_ACL_LIB=$LIB_ACL]) + AC_SUBST([FILE_HAS_ACL_LIB]) + ]) diff --git a/coreutils.spec b/coreutils.spec index 2ee1486..ca1c38d 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,7 +1,7 @@ Summary: A set of basic GNU tools commonly used in shell scripts Name: coreutils Version: 9.3 -Release: 3%{?dist} +Release: 4%{?dist} License: GPL-3.0-or-later Url: https://www.gnu.org/software/coreutils/ Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz @@ -35,6 +35,10 @@ Patch104: coreutils-df-direct.patch # backport of cc078f747f3db00e70b2ae2ad2ab34e8d54316d3. Patch105: coreutils-9.3-reduce--iu-verbosity-with-verbose.patch +# cp -p should copy NFSv4 acls (#2160675) +# see the patch for the list of backported commits +Patch106: coreutils-9.3-cp--p-should-copy-NFSv4-acls.patch + # (sb) lin18nux/lsb compliance - multibyte functionality patch Patch800: coreutils-i18n.patch @@ -258,6 +262,9 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir %license COPYING %changelog +* Mon Sep 11 2023 Lukáš Zaoral - 9.3-4 +- fix cp -p not copying NFSv4 acls (rhbz#2160675) + * Thu Aug 31 2023 Lukáš Zaoral - 9.3-3 - copy: reduce verbosity of -i and -u with --verbose (#2236321) From e188652f2ccfb24e022556ddcb847ac928235ddc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= Date: Thu, 18 Jan 2024 15:23:40 +0100 Subject: [PATCH 3/5] fix buffer overflow in split Resolves: CVE-2024-0684 --- coreutils-9.2-CVE-2024-0684.patch | 31 +++++++++++++++++++++++++++++++ coreutils.spec | 8 +++++++- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 coreutils-9.2-CVE-2024-0684.patch diff --git a/coreutils-9.2-CVE-2024-0684.patch b/coreutils-9.2-CVE-2024-0684.patch new file mode 100644 index 0000000..64583af --- /dev/null +++ b/coreutils-9.2-CVE-2024-0684.patch @@ -0,0 +1,31 @@ +From c4c5ed8f4e9cd55a12966d4f520e3a13101637d9 Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Tue, 16 Jan 2024 13:48:32 -0800 +Subject: [PATCH] split: do not shrink hold buffer +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* src/split.c (line_bytes_split): Do not shrink hold buffer. +If it’s large for this batch it’s likely to be large for the next +batch, and for ‘split’ it’s not worth the complexity/CPU hassle to +shrink it. Do not assume hold_size can be bufsize. +--- + src/split.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/src/split.c b/src/split.c +index 64020c859..037960a59 100644 +--- a/src/split.c ++++ b/src/split.c +@@ -809,10 +809,7 @@ line_bytes_split (intmax_t n_bytes, char *buf, idx_t bufsize) + { + cwrite (n_out == 0, hold, n_hold); + n_out += n_hold; +- if (n_hold > bufsize) +- hold = xirealloc (hold, bufsize); + n_hold = 0; +- hold_size = bufsize; + } + + /* Output to eol if present. */ diff --git a/coreutils.spec b/coreutils.spec index ca1c38d..c9c7cf1 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,7 +1,7 @@ Summary: A set of basic GNU tools commonly used in shell scripts Name: coreutils Version: 9.3 -Release: 4%{?dist} +Release: 5%{?dist} License: GPL-3.0-or-later Url: https://www.gnu.org/software/coreutils/ Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz @@ -39,6 +39,9 @@ Patch105: coreutils-9.3-reduce--iu-verbosity-with-verbose.patch # see the patch for the list of backported commits Patch106: coreutils-9.3-cp--p-should-copy-NFSv4-acls.patch +# fix buffer overflow in split (CVE-2024-0684) +Patch107: coreutils-9.2-CVE-2024-0684.patch + # (sb) lin18nux/lsb compliance - multibyte functionality patch Patch800: coreutils-i18n.patch @@ -262,6 +265,9 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir %license COPYING %changelog +* Thu Jan 18 2024 Lukáš Zaoral - 9.3-5 +- fix buffer overflow in split (CVE-2024-0684) + * Mon Sep 11 2023 Lukáš Zaoral - 9.3-4 - fix cp -p not copying NFSv4 acls (rhbz#2160675) From 29fa793648bffbe457e4fb1b90396a1948eb6eb1 Mon Sep 17 00:00:00 2001 From: Sohum Mendon Date: Sat, 13 Jul 2024 14:02:20 -0700 Subject: [PATCH 4/5] Fix fold exit status for nonexistent files Resolves: rhbz#2296201 --- coreutils-i18n.patch | 2 +- coreutils.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/coreutils-i18n.patch b/coreutils-i18n.patch index 8492fe6..ed21eb0 100644 --- a/coreutils-i18n.patch +++ b/coreutils-i18n.patch @@ -1721,7 +1721,7 @@ index f07a90b..d32dbfd 100644 + if (istream == NULL) + { + error (0, errno, "%s", filename); -+ return 1; ++ return false; + } + + /* Define how ISTREAM is being folded. */ diff --git a/coreutils.spec b/coreutils.spec index c9c7cf1..174e4a4 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,7 +1,7 @@ Summary: A set of basic GNU tools commonly used in shell scripts Name: coreutils Version: 9.3 -Release: 5%{?dist} +Release: 6%{?dist} License: GPL-3.0-or-later Url: https://www.gnu.org/software/coreutils/ Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz @@ -265,6 +265,9 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir %license COPYING %changelog +* Mon Jul 15 2024 Sohum Mendon - 9.3-6 +- fix incorrect exit status when fold is called with a non-existent file + * Thu Jan 18 2024 Lukáš Zaoral - 9.3-5 - fix buffer overflow in split (CVE-2024-0684) From 1892fa23069dc9b73edf6f117816a476c7e406a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= Date: Sat, 28 Sep 2024 08:12:44 +0200 Subject: [PATCH 5/5] fix fold -b with UTF8 locale Resolves: RHEL-60295 --- coreutils-i18n.patch | 119 +++++++++++++++++++++---------------------- coreutils.spec | 5 +- 2 files changed, 63 insertions(+), 61 deletions(-) diff --git a/coreutils-i18n.patch b/coreutils-i18n.patch index ed21eb0..ba7d44d 100644 --- a/coreutils-i18n.patch +++ b/coreutils-i18n.patch @@ -1,6 +1,6 @@ -From 01010419a6499768563e7b2f3fd56cf16edda75e Mon Sep 17 00:00:00 2001 +From 0c6ef7372e7e480b7977ee22fb108fe114060673 Mon Sep 17 00:00:00 2001 From: rpm-build -Date: Mon, 4 Oct 2021 08:54:37 +0200 +Date: Fri, 27 Sep 2024 02:00:00 +0200 Subject: [PATCH] coreutils-i18n.patch --- @@ -14,7 +14,7 @@ Subject: [PATCH] coreutils-i18n.patch src/expand-common.c | 114 ++++++ src/expand-common.h | 12 + src/expand.c | 90 +++- - src/fold.c | 312 ++++++++++++-- + src/fold.c | 311 ++++++++++++-- src/join.c | 359 ++++++++++++++-- src/local.mk | 4 +- src/pr.c | 443 ++++++++++++++++++-- @@ -35,7 +35,7 @@ Subject: [PATCH] coreutils-i18n.patch tests/misc/uniq.pl | 55 +++ tests/pr/pr-tests.pl | 49 +++ tests/unexpand/mb.sh | 172 ++++++++ - 31 files changed, 3699 insertions(+), 242 deletions(-) + 31 files changed, 3698 insertions(+), 242 deletions(-) create mode 100644 lib/mbfile.c create mode 100644 lib/mbfile.h create mode 100644 m4/mbfile.m4 @@ -45,7 +45,7 @@ Subject: [PATCH] coreutils-i18n.patch create mode 100755 tests/unexpand/mb.sh diff --git a/bootstrap.conf b/bootstrap.conf -index c1399e3..60b39cf 100644 +index eca4edb..71fb8b8 100644 --- a/bootstrap.conf +++ b/bootstrap.conf @@ -165,6 +165,7 @@ gnulib_modules=" @@ -57,7 +57,7 @@ index c1399e3..60b39cf 100644 mbrtowc mbsalign diff --git a/configure.ac b/configure.ac -index 7e4afc9..4656a35 100644 +index 2b2f946..2793720 100644 --- a/configure.ac +++ b/configure.ac @@ -477,6 +477,8 @@ fi @@ -70,7 +70,7 @@ index 7e4afc9..4656a35 100644 if test $gl_cv_sys_tiocgwinsz_needs_termios_h = no && \ diff --git a/lib/linebuffer.h b/lib/linebuffer.h -index 07d45ca..af62e6c 100644 +index b4cc8e4..f2bbb52 100644 --- a/lib/linebuffer.h +++ b/lib/linebuffer.h @@ -22,6 +22,11 @@ @@ -386,7 +386,7 @@ index 0000000..8589902 + : +]) diff --git a/src/cut.c b/src/cut.c -index 6fd8978..faef877 100644 +index e8346b7..5a341a7 100644 --- a/src/cut.c +++ b/src/cut.c @@ -28,6 +28,11 @@ @@ -1046,7 +1046,7 @@ index 6fd8978..faef877 100644 if (have_read_stdin && fclose (stdin) == EOF) diff --git a/src/expand-common.c b/src/expand-common.c -index deec1bd..b39f740 100644 +index 4969e2e..dd47440 100644 --- a/src/expand-common.c +++ b/src/expand-common.c @@ -19,6 +19,7 @@ @@ -1178,7 +1178,7 @@ index deec1bd..b39f740 100644 to the list of tab stops. */ extern void diff --git a/src/expand-common.h b/src/expand-common.h -index 5f59a0e..835b9d5 100644 +index 33976ad..a45c600 100644 --- a/src/expand-common.h +++ b/src/expand-common.h @@ -25,6 +25,18 @@ extern size_t max_column_width; @@ -1201,7 +1201,7 @@ index 5f59a0e..835b9d5 100644 extern void add_tab_stop (uintmax_t tabval); diff --git a/src/expand.c b/src/expand.c -index ed78ca8..a4cefa1 100644 +index d682a86..98ba345 100644 --- a/src/expand.c +++ b/src/expand.c @@ -37,6 +37,9 @@ @@ -1357,7 +1357,7 @@ index ed78ca8..a4cefa1 100644 } diff --git a/src/fold.c b/src/fold.c -index f07a90b..d32dbfd 100644 +index 0ee39c3..ff783b1 100644 --- a/src/fold.c +++ b/src/fold.c @@ -22,12 +22,34 @@ @@ -1507,7 +1507,7 @@ index f07a90b..d32dbfd 100644 /* Look for the last blank. */ while (logical_end) { -@@ -215,13 +252,225 @@ fold_file (char const *filename, size_t width) +@@ -215,13 +252,224 @@ fold_file (char const *filename, size_t width) line_out[offset_out++] = c; } @@ -1605,39 +1605,38 @@ index f07a90b..d32dbfd 100644 + } + +rescan: -+ if (operating_mode == byte_mode) /* byte mode */ ++ if (convfail) ++ increment = 1; ++ else if (wc == L'\n') ++ { ++ /* preserve newline */ ++ fwrite (line_out, sizeof(char), offset_out, stdout); ++ START_NEW_LINE; ++ continue; ++ } ++ else if (operating_mode == byte_mode) /* byte mode */ + increment = mblength; + else if (operating_mode == character_mode) /* character mode */ + increment = 1; -+ else /* column mode */ ++ else /* column mode */ + { -+ if (convfail) -+ increment = 1; -+ else ++ switch (wc) + { -+ switch (wc) -+ { -+ case L'\n': -+ fwrite (line_out, sizeof(char), offset_out, stdout); -+ START_NEW_LINE; -+ continue; ++ case L'\b': ++ increment = (column > 0) ? -1 : 0; ++ break; + -+ case L'\b': -+ increment = (column > 0) ? -1 : 0; -+ break; ++ case L'\r': ++ increment = -1 * column; ++ break; + -+ case L'\r': -+ increment = -1 * column; -+ break; ++ case L'\t': ++ increment = 8 - column % 8; ++ break; + -+ case L'\t': -+ increment = 8 - column % 8; -+ break; -+ -+ default: -+ increment = wcwidth (wc); -+ increment = (increment < 0) ? 0 : increment; -+ } ++ default: ++ increment = wcwidth (wc); ++ increment = (increment < 0) ? 0 : increment; + } + } + @@ -1735,7 +1734,7 @@ index f07a90b..d32dbfd 100644 if (STREQ (filename, "-")) clearerr (istream); else if (fclose (istream) != 0 && !saved_errno) -@@ -252,7 +501,8 @@ main (int argc, char **argv) +@@ -252,7 +500,8 @@ main (int argc, char **argv) atexit (close_stdout); @@ -1745,7 +1744,7 @@ index f07a90b..d32dbfd 100644 while ((optc = getopt_long (argc, argv, shortopts, longopts, NULL)) != -1) { -@@ -261,7 +511,15 @@ main (int argc, char **argv) +@@ -261,7 +510,15 @@ main (int argc, char **argv) switch (optc) { case 'b': /* Count bytes rather than columns. */ @@ -1763,7 +1762,7 @@ index f07a90b..d32dbfd 100644 case 's': /* Break at word boundaries. */ diff --git a/src/join.c b/src/join.c -index f2fd172..6c7d1ed 100644 +index 7965a69..9e79c28 100644 --- a/src/join.c +++ b/src/join.c @@ -22,19 +22,33 @@ @@ -2256,7 +2255,7 @@ index f2fd172..6c7d1ed 100644 break; diff --git a/src/local.mk b/src/local.mk -index e1d15ce..1a5ffaa 100644 +index 13eeea8..06e6687 100644 --- a/src/local.mk +++ b/src/local.mk @@ -438,8 +438,8 @@ src_base32_CPPFLAGS = -DBASE_TYPE=32 $(AM_CPPFLAGS) @@ -2271,7 +2270,7 @@ index e1d15ce..1a5ffaa 100644 src_wc_SOURCES = src/wc.c if USE_AVX2_WC_LINECOUNT diff --git a/src/pr.c b/src/pr.c -index 4c17c00..b4fab1c 100644 +index 2c5cdce..5694488 100644 --- a/src/pr.c +++ b/src/pr.c @@ -311,6 +311,24 @@ @@ -3037,7 +3036,7 @@ index 4c17c00..b4fab1c 100644 looking for more options and printing the next batch of files. diff --git a/src/sort.c b/src/sort.c -index 3b775d6..a0ba243 100644 +index 8ca7a88..220bdd4 100644 --- a/src/sort.c +++ b/src/sort.c @@ -29,6 +29,14 @@ @@ -4115,7 +4114,7 @@ index 3b775d6..a0ba243 100644 break; diff --git a/src/unexpand.c b/src/unexpand.c -index 7d6100f..04cd646 100644 +index 8c97f0d..516cb95 100644 --- a/src/unexpand.c +++ b/src/unexpand.c @@ -38,6 +38,9 @@ @@ -4320,7 +4319,7 @@ index 7d6100f..04cd646 100644 } diff --git a/src/uniq.c b/src/uniq.c -index e5996f0..871d47c 100644 +index ad0c1d6..2a5a182 100644 --- a/src/uniq.c +++ b/src/uniq.c @@ -21,6 +21,17 @@ @@ -4485,7 +4484,7 @@ index e5996f0..871d47c 100644 skip_fields = 0; check_chars = SIZE_MAX; diff --git a/tests/Coreutils.pm b/tests/Coreutils.pm -index fad7ab9..c9021a6 100644 +index f147401..3ce5da9 100644 --- a/tests/Coreutils.pm +++ b/tests/Coreutils.pm @@ -269,6 +269,9 @@ sub run_tests ($$$$$) @@ -4723,10 +4722,10 @@ index 0000000..26c95de + +Exit $fail diff --git a/tests/local.mk b/tests/local.mk -index 0f77786..dbe1843 100644 +index a0c0249..3b932f0 100644 --- a/tests/local.mk +++ b/tests/local.mk -@@ -381,6 +381,8 @@ all_tests = \ +@@ -383,6 +383,8 @@ all_tests = \ tests/misc/sort-discrim.sh \ tests/misc/sort-files0-from.pl \ tests/misc/sort-float.sh \ @@ -4735,7 +4734,7 @@ index 0f77786..dbe1843 100644 tests/misc/sort-h-thousands-sep.sh \ tests/misc/sort-merge.pl \ tests/misc/sort-merge-fdlimit.sh \ -@@ -582,6 +584,7 @@ all_tests = \ +@@ -584,6 +586,7 @@ all_tests = \ tests/du/threshold.sh \ tests/du/trailing-slash.sh \ tests/du/two-args.sh \ @@ -4743,7 +4742,7 @@ index 0f77786..dbe1843 100644 tests/id/gnu-zero-uids.sh \ tests/id/no-context.sh \ tests/id/context.sh \ -@@ -734,6 +737,7 @@ all_tests = \ +@@ -736,6 +739,7 @@ all_tests = \ tests/touch/read-only.sh \ tests/touch/relative.sh \ tests/touch/trailing-slash.sh \ @@ -4752,7 +4751,7 @@ index 0f77786..dbe1843 100644 # See tests/factor/create-test.sh. diff --git a/tests/misc/expand.pl b/tests/misc/expand.pl -index 7a77e6f..27f6652 100755 +index 06261ac..7dd813e 100755 --- a/tests/misc/expand.pl +++ b/tests/misc/expand.pl @@ -27,6 +27,15 @@ my $prog = 'expand'; @@ -4819,7 +4818,7 @@ index 7a77e6f..27f6652 100755 my $verbose = $ENV{VERBOSE}; diff --git a/tests/misc/fold.pl b/tests/misc/fold.pl -index 2834f92..bc1616a 100755 +index a94072f..136a82e 100755 --- a/tests/misc/fold.pl +++ b/tests/misc/fold.pl @@ -20,9 +20,18 @@ use strict; @@ -4892,7 +4891,7 @@ index 2834f92..bc1616a 100755 my $fail = run_tests ($program_name, $prog, \@Tests, $save_temps, $verbose); exit $fail; diff --git a/tests/misc/join.pl b/tests/misc/join.pl -index 06ad777..be40204 100755 +index 2ca8567..1d01a3d 100755 --- a/tests/misc/join.pl +++ b/tests/misc/join.pl @@ -25,6 +25,15 @@ my $limits = getlimits (); @@ -5013,7 +5012,7 @@ index 0000000..11836ba + +Exit $fail diff --git a/tests/misc/sort-merge.pl b/tests/misc/sort-merge.pl -index 7eb4574..eda884c 100755 +index bd439ef..2ccdf87 100755 --- a/tests/misc/sort-merge.pl +++ b/tests/misc/sort-merge.pl @@ -26,6 +26,15 @@ my $prog = 'sort'; @@ -5073,7 +5072,7 @@ index 7eb4574..eda884c 100755 my $verbose = $ENV{VERBOSE}; diff --git a/tests/misc/sort.pl b/tests/misc/sort.pl -index 0b0adca..fd27821 100755 +index 46f1d7a..bb38f5b 100755 --- a/tests/misc/sort.pl +++ b/tests/misc/sort.pl @@ -24,10 +24,15 @@ my $prog = 'sort'; @@ -5141,7 +5140,7 @@ index 0b0adca..fd27821 100755 my $save_temps = $ENV{DEBUG}; my $verbose = $ENV{VERBOSE}; diff --git a/tests/misc/unexpand.pl b/tests/misc/unexpand.pl -index 2e1906f..fe66012 100755 +index d78a1bc..2b9137d 100755 --- a/tests/misc/unexpand.pl +++ b/tests/misc/unexpand.pl @@ -27,6 +27,14 @@ my $limits = getlimits (); @@ -5198,7 +5197,7 @@ index 2e1906f..fe66012 100755 my $verbose = $ENV{VERBOSE}; diff --git a/tests/misc/uniq.pl b/tests/misc/uniq.pl -index aa163cd..91d617d 100755 +index a6354dc..e43cd6e 100755 --- a/tests/misc/uniq.pl +++ b/tests/misc/uniq.pl @@ -23,9 +23,17 @@ my $limits = getlimits (); @@ -5274,7 +5273,7 @@ index aa163cd..91d617d 100755 @Tests = triple_test \@Tests; diff --git a/tests/pr/pr-tests.pl b/tests/pr/pr-tests.pl -index 7ac6d4c..ae6cc35 100755 +index 265e6e1..83a8b29 100755 --- a/tests/pr/pr-tests.pl +++ b/tests/pr/pr-tests.pl @@ -24,6 +24,15 @@ use strict; @@ -5521,5 +5520,5 @@ index 0000000..8a82d74 +LC_ALL=C unexpand in in > out || fail=1 +compare exp out > /dev/null 2>&1 || fail=1 -- -2.34.1 +2.46.2 diff --git a/coreutils.spec b/coreutils.spec index 174e4a4..eb80749 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,7 +1,7 @@ Summary: A set of basic GNU tools commonly used in shell scripts Name: coreutils Version: 9.3 -Release: 6%{?dist} +Release: 7%{?dist} License: GPL-3.0-or-later Url: https://www.gnu.org/software/coreutils/ Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz @@ -265,6 +265,9 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir %license COPYING %changelog +* Fri Sep 27 2024 Lukáš Zaoral - 9.3-7 +- fix fold -b with UTF8 locale (RHEL-60295) + * Mon Jul 15 2024 Sohum Mendon - 9.3-6 - fix incorrect exit status when fold is called with a non-existent file