From ffa0bed762b4734998abd1b693e4fb7b67fa1651 Mon Sep 17 00:00:00 2001 From: Stephane Fontaine Date: Wed, 24 Sep 2025 20:05:40 -0400 Subject: [PATCH 1/3] coreutils: version bumped to 9.8 --- utils/coreutils/DETAILS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/coreutils/DETAILS b/utils/coreutils/DETAILS index bc7d66dce..942c99ec6 100644 --- a/utils/coreutils/DETAILS +++ b/utils/coreutils/DETAILS @@ -1,12 +1,12 @@ MODULE=coreutils - VERSION=9.7 + VERSION=9.8 SOURCE=$MODULE-$VERSION.tar.xz SOURCE_URL[0]=$GNU_URL/$MODULE SOURCE_URL[1]=https://ftp.gnu.org/gnu/$MODULE - SOURCE_VFY=sha256:e8bb26ad0293f9b5a1fc43fb42ba970e312c66ce92c1b0b16713d7500db251bf + SOURCE_VFY=sha256:e6d4fd2d852c9141a1c2a18a13d146a0cd7e45195f72293a4e4c044ec6ccca15 WEB_SITE=http://www.gnu.org/software/coreutils ENTERED=20030217 - UPDATED=20250902 + UPDATED=20250924 SHORT="Contains latest sh-utils, textutils and fileutils" PSAFE=no From 44cbc493f0ac52bdb618b41a187725577bf5e892 Mon Sep 17 00:00:00 2001 From: Stephane Fontaine Date: Wed, 24 Sep 2025 22:12:56 -0400 Subject: [PATCH 2/3] coreutils: correct the su program origin in the comment --- utils/coreutils/BUILD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/coreutils/BUILD b/utils/coreutils/BUILD index 3ccca8979..04f81e1d3 100644 --- a/utils/coreutils/BUILD +++ b/utils/coreutils/BUILD @@ -11,7 +11,7 @@ else OPTS+=" --disable-nls" fi && -# This option resolves conflicts with shadow/heimdal, net-tools and procps +# This option resolves conflicts with util-linux/heimdal, net-tools and procps OPTS+=" --enable-no-install-program=hostname,su,kill,uptime" && OPTS+=" --enable-install-program=arch" && From 5637a94244b6411133a56e8958cdf4ff46107ebd Mon Sep 17 00:00:00 2001 From: Stephane Fontaine Date: Fri, 26 Sep 2025 04:31:02 -0400 Subject: [PATCH 3/3] coreutils: add 2 patches --- .../patch.d/coreutils-9.8-basenc-base58.patch | 137 ++++++++++++++++++ .../patch.d/coreutils-9.8-tail-offset.patch | 35 +++++ 2 files changed, 172 insertions(+) create mode 100644 utils/coreutils/patch.d/coreutils-9.8-basenc-base58.patch create mode 100644 utils/coreutils/patch.d/coreutils-9.8-tail-offset.patch diff --git a/utils/coreutils/patch.d/coreutils-9.8-basenc-base58.patch b/utils/coreutils/patch.d/coreutils-9.8-basenc-base58.patch new file mode 100644 index 000000000..d8ccb11a8 --- /dev/null +++ b/utils/coreutils/patch.d/coreutils-9.8-basenc-base58.patch @@ -0,0 +1,137 @@ +https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=2ef53e5b0477f9d9361a11a471d704a96b1c99b8 +(Dropped the test to avoid autoreconf.) + +From 2ef53e5b0477f9d9361a11a471d704a96b1c99b8 Mon Sep 17 00:00:00 2001 +From: Pádraig Brady +Date: Tue, 23 Sep 2025 15:38:51 +0100 +Subject: basenc: --base58: fix buffer overflow with input > 15MB + +base58_length() operated naively on an int +which resulted in an overflow to a negative number +for any input > 2^31-1/138, i.e. 15,561,475 bytes. + +* src/basenc.c (base_length): Change input and output +parameter types from int to idx_t since this needs to +cater for the full input size in the base58 case. +(base58_length): Likewise. Also reorder the calculation +to be less exact, but doing the division first +to minimize the chance of overflow (which now on 64 bit +would only happen for inputs > around 6 Exa bytes). +* tests/basenc/basenc-large.sh: Add a new test, +that triggers with valgrind or ASAN. +* tests/local.mk: Reference the new test. +* NEWS: Mention the bug fix. +--- + src/basenc.c | 43 +++++++++++++++++++++++++------------------ + 4 files changed, 58 insertions(+), 18 deletions(-) + create mode 100755 tests/basenc/basenc-large.sh + +diff --git a/src/basenc.c b/src/basenc.c +index 1fb7a16f5..ae55f8e32 100644 +--- a/src/basenc.c ++++ b/src/basenc.c +@@ -253,7 +253,7 @@ static_assert (DEC_BLOCKSIZE % 12 == 0); /* Complete encoded blocks are used. */ + static_assert (DEC_BLOCKSIZE % 40 == 0); /* complete encoded blocks for base32*/ + static_assert (DEC_BLOCKSIZE % 12 == 0); /* complete encoded blocks for base64*/ + +-static int (*base_length) (int i); ++static idx_t (*base_length) (idx_t len); + static int (*required_padding) (int i); + static bool (*isubase) (unsigned char ch); + static void (*base_encode) (char const *restrict in, idx_t inlen, +@@ -427,8 +427,8 @@ decode_ctx_finalize (struct base_decode_context *ctx, + + #if BASE_TYPE == 42 + +-static int +-base64_length_wrapper (int len) ++static idx_t ++base64_length_wrapper (idx_t len) + { + return BASE64_LENGTH (len); + } +@@ -526,8 +526,8 @@ base64url_decode_ctx_wrapper (struct base_decode_context *ctx, + + + +-static int +-base32_length_wrapper (int len) ++static idx_t ++base32_length_wrapper (idx_t len) + { + return BASE32_LENGTH (len); + } +@@ -740,8 +740,8 @@ isubase16 (unsigned char ch) + return ch < sizeof base16_to_int && 0 <= base16_to_int[ch]; + } + +-static int +-base16_length (int len) ++static idx_t ++base16_length (idx_t len) + { + return len * 2; + } +@@ -820,13 +820,14 @@ base16_decode_ctx (struct base_decode_context *ctx, + + + +- +-static int +-z85_length (int len) ++ATTRIBUTE_PURE ++static idx_t ++z85_length (idx_t len) + { + /* Z85 does not allow padding, so no need to round to highest integer. */ +- int outlen = (len * 5) / 4; +- return outlen; ++ idx_t z85_len = (len * 5) / 4; ++ affirm (0 <= z85_len); ++ return z85_len; + } + + static bool +@@ -1015,8 +1016,8 @@ isubase2 (unsigned char ch) + return ch == '0' || ch == '1'; + } + +-static int +-base2_length (int len) ++static idx_t ++base2_length (idx_t len) + { + return len * 8; + } +@@ -1206,12 +1207,17 @@ isubase58 (unsigned char ch) + } + + +-static int +-base58_length (int len) ++ATTRIBUTE_PURE ++static idx_t ++base58_length (idx_t len) + { + /* Base58 output length is approximately log(256)/log(58), +- so ensure we've enough place for that + NUL. */ +- return (len * 138) / 100 + 1; ++ which is approximately len * 138 / 100, ++ which is at most ((len + 100 - 1) / 100) * 138 ++ +1 to ensure we've enough place for NUL */ ++ idx_t base58_len = ((len + 99) / 100) * 138 + 1; ++ affirm (0 < base58_len); ++ return base58_len; + } + + +@@ -1268,6 +1274,7 @@ base58_encode (char const* data, size_t data_len, + if (data_len - zeros) + { + mpz_import (num, data_len - zeros, 1, 1, 0, 0, data + zeros); ++ affirm (mpz_sizeinbase (num, 58) + 1 <= *outlen); + for (p = mpz_get_str (p, 58, num); *p; p++) + *p = gmp_to_base58[to_uchar (*p)]; + } +-- +cgit v1.2.3 diff --git a/utils/coreutils/patch.d/coreutils-9.8-tail-offset.patch b/utils/coreutils/patch.d/coreutils-9.8-tail-offset.patch new file mode 100644 index 000000000..44b7334b5 --- /dev/null +++ b/utils/coreutils/patch.d/coreutils-9.8-tail-offset.patch @@ -0,0 +1,35 @@ +https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=914972e80dbf82aac9ffe3ff1f67f1028e1a788b +(Dropped the test to avoid autoreconf.) + +From 914972e80dbf82aac9ffe3ff1f67f1028e1a788b Mon Sep 17 00:00:00 2001 +From: Hannes Braun +Date: Wed, 24 Sep 2025 21:20:49 +0200 +Subject: tail: fix tailing larger number of lines in regular files + +* src/tail.c (file_lines): Seek to the previous block instead of the +beginning (or a little before) of the block that was just scanned. +Otherwise, the same block is read and scanned (at least partially) +again. This bug was introduced by commit v9.7-219-g976f8abc1. +* tests/tail/basic-seek.sh: Add a new test. +* tests/local.mk: Reference the new test. +* NEWS: mention the bug fix. +--- + src/tail.c | 2 +- + tests/local.mk | 1 + + tests/tail/basic-seek.sh | 28 ++++++++++++++++++++++++++++ + 4 files changed, 34 insertions(+), 1 deletion(-) + create mode 100755 tests/tail/basic-seek.sh + +diff --git a/src/tail.c b/src/tail.c +index b8bef1d91..c7779c77d 100644 +--- a/src/tail.c ++++ b/src/tail.c +@@ -596,7 +596,7 @@ file_lines (char const *prettyname, int fd, struct stat const *sb, + goto free_buffer; + } + +- pos = xlseek (fd, -bufsize, SEEK_CUR, prettyname); ++ pos = xlseek (fd, -(bufsize + bytes_read), SEEK_CUR, prettyname); + bytes_read = read (fd, buffer, bufsize); + if (bytes_read < 0) + {