| Age | Commit message (Collapse) | Author | Lines |
|---|
|
cksum --check is often the first interaction
users have with possibly untrusted downloads, so we should try
to be as defensive as possible when processing it.
Specifically we currently only escape \n characters in file names
presented in checksum files being parsed with cksum --check.
This gives some possibilty of dumping arbitrary data to the terminal
when checking downloads from an untrusted source.
This change gives these advantages:
1. Avoids dumping arbitrary data to vulnerable terminals
2. Avoids visual deception with ansi codes hiding checksum failures
3. More secure if users copy and paste file names from --check output
4. Simplifies programmatic parsing
Note this changes programmatic parsing, but given the original
format was so awkward to parse, I expect that's extremely rare.
I was not able to find example in the wild at least.
To parse the new format from from shell, you can do something like:
cksum -c checksums | while IFS= read -r line; do
case $line in
*': FAILED')
filename=$(eval "printf '%s' ${line%: FAILED}")
cp -v "$filename" /quarantine
;;
esac
done
This change also slightly reduces the size of the sum(1) utility.
This change also apples to md5sum, sha*sum, and b2sum.
* src/cksum.c (digest_check): Call quotef() instead of
cksum(1) specific quoting.
* tests/cksum/md5sum-bsd.sh: Adjust accordingly.
* doc/coreutils.texi (cksum general options): Describe the
shell quoting used for problematic file names.
* NEWS: Mention the change in behavior.
Reported by: Aaron Rainbolt
|
|
* tests/cksum/cksum-c.sh: Add 'splice' to the injection set.
* tests/misc/read-errors.sh: Likewise.
From https://github.com/coreutils/coreutils/pull/167
|
|
* init.cfg (uses_strace_): New function.
(require_strace_): Use it.
tests/cksum/cksum-c.sh: Likewise.
tests/misc/read-errors.sh: Likewise.
|
|
* tests/cksum/cksum-c.sh: Match "read" with a regex
to match any of the read syscall variants.
|
|
* tests/cksum/cksum-c.sh: Use strace to inject EIO upon read(),
and verify it's handled appropriately.
From https://github.com/coreutils/coreutils/pull/167
|
|
We disallow `cksum --tag --check` which is fine,
but the error should be consistent with md5sum,
and less confusing, as it currently mentions
"--binary" and "--text" which weren't specified.
We disallow `cksum --tag --text` which is fine,
but we should also disallow `cksum --text --tag`.
We should honor an explicit --binary (output *)
with this combination of options:
cksum --binary --tag --untagged -a md5 /dev/null
Note this also makes both of `cksum -a md5` and
`cksum --tag -a md5` consistently use binary mode
when reading from a tty on systems like MinGW
where O_BINARY is set.
* src/cksum.c (main): Adjust --text,--binary
and --tag,--untagged option processing.
* tests/cksum/cksum-a.sh: Add test cases.
* tests/cksum/cksum-c.sh: Likewise.
* NEWS: Mention the improvement.
Fixes https://github.com/coreutils/coreutils/issues/163
|
|
|
|
* tests/cksum/cksum-c.sh: Add a test case where the file name
contains tagged format delimiter characters.
|
|
* src/digest.c (split_3): Fallback to untagged matching in the
case where -a is specified and we have matched a TAG in
the possibly base64 data. This might happen in 1 in every 64K files.
Note we remove the modification of string S (and redundant streq) in
the tag matching, as that was not needed since v8.32-223-g217cd278e.
* tests/cksum/cksum-c.sh: Add a test case.
* NEWS: Mention the bug fix.
|
|
* src/digest.c (sha2_sum_stream): Change from unreachable()
to affirm() so that we have defined behavior unless
we configure with --disable-assert.
(sha3_sum_stream): Likewise.
(split_3): Validate SHA2-lengths before passing on.
* tests/cksum/cksum-c.sh: Add a test case.
* NEWS: Mention the bug fix.
|
|
* src/digest.c (split_3): Look up the provided tag with -a sha2
because there is not a 1:1 mapping between them.
* tests/cksum/cksum-c.sh: Add a test case.
* NEWS: Mention the bug fix.
|
|
* NEWS: Mention the bug.
* src/digest.c (split_3): Check that the base64 digest matches the
length supported by the algorithm.
(digest_check): Check that the read digest matches the base64 length of
the algorithm's digest. The previous condition would not work for
'cksum -a blake2b -l 8 ...'.
* tests/cksum/cksum-base64-untagged.sh: New file.
* tests/local.mk (all_tests): Add the new test.
|
|
|
|
This is useful to give better test coverage at least,
and may be useful for users to tune their environment.
* bootstrap.conf: Reference the cpu-supports gnulib module.
* src/cksum.c: Use cpu_supports() rather than __builtin_cpu_supports().
* src/wc.c: Likewise.
* tests/cksum/cksum.sh: Adjust to testing all implementations.
* tests/wc/wc-cpu.sh: A new test to do likewise.
* tests/local.mk: Reference the new wc test.
|
|
* tests/cksum/cksum-raw.sh: Adjust to non legacy naming,
and also check various length variations.
* tests/misc/read-errors.sh: Likewise.
|
|
To make the interface more concise and consistent,
while being backwards compatible.
* src/digest.c (main): Continue to support -a "sha###" but
also support -a "sha2" and treat it like "sha3", except in...
(output_file): ... maintain the legacy tags for better compatability.
* doc/coreutils.texi (cksum invocation): Document the -a sha2 option.
* tests/cksum/cksum-base64.pl: Adjust as per modified --help.
* tests/cksum/cksum-c.sh: Add new supported SHA2-### tagged variant.
* NEWS: Mention the new feature.
|
|
* src/digest.c: Include sha3.h.
(BLAKE2B_MAX_LEN): Rename to
DIGEST_MAX_LEN since it is also used for SHA-3.
(sha3_sum_stream): New function.
(enum Algorithm, algorithm_args, algorithm_args, algorithm_types)
algorithm_tags, algorithm_bits, cksumfns, cksum_output_fns): Add entries
for SHA-3.
(usage): Mention that SHA-3 is supported. Mention requirements for
--length with SHA-3.
(split_3): Use DIGEST_MAX_LEN instead of BLAKE2B_MAX_LEN. Determine the
length of the digest for SHA-3. Make sure it is 224, 256, 384, or 512.
(digest_file): Set the digest length in bytes. Use DIGEST_MAX_LEN
instead of BLAKE2B_MAX_LEN. Always append the digest length to SHA3 in
the output.
(main): Allow the use of --length with 'cksum -a sha3'. Use
DIGEST_MAX_LEN instead of BLAKE2B_MAX_LEN. Make sure it is 224, 256,
384, or 512.
* tests/cksum/cksum-base64.pl (@pairs): Add expected sha3 output.
(fmt): Modify the output to use SHA3-512 since that is the default.
(@Tests): Modify arguments for sha3 to use --length=512.
* tests/cksum/cksum-sha3.sh: New test, based on tests/cksum/b2sum.sh.
* tests/local.mk (all_tests): Add the test.
* bootstrap.conf: Add crypto/sha3.
* gnulib: Update to latest commit.
* NEWS: Mention the change.
* doc/coreutils.texi (cksum general options): Mention sha3 as a
supported argument to the -a option. Mention that 'cksum -a sha3'
supports the --length option. Mention that SHA-3 is considered secure.
|
|
* src/digest.c (main): Don't saturate -l to BLAKE2B_MAX_LEN,
so that the subsequent bounds check is performed.
* tests/cksum/b2sum.sh: Add a test case.
* NEWS: Mention the fix introduced in commit v9.5-71-gf2c84fe63
|
|
This was seen to trigger the EXIT trap on cygwin
* cfg.mk (sc_prohibit_colon_redirection): Disallow all
cases of :> in tests/
* tests/cksum/md5sum-bsd.sh: Adjust to avoid more
stringent syntax check.
|
|
* tests/cksum/md5sum-bsd.sh: Use 'echo' instead of ':' to redirect to
the file. Otherwise 'Exit $fail' is not called on Cygwin.
|
|
* tests/cksum/cksum.sh: Don’t output confusing diagnostic.
Problem reported by Alyssa Ross (Bug#76360).
|
|
Update to latest gnulib with new copyright year.
Run "make update-copyright" and then...
* gnulib: Update included in this commit as copyright years
are the only change from the previous gnulib commit.
* tests/init.sh: Sync with gnulib to pick up copyright year.
* bootstrap: Likewise.
* tests/sample-test: Adjust to use the single most recent year.
|
|
$ echo -n '123456789' | cksum --raw -a crc32b | basenc --base16
CBF43926
* bootstrap.conf: Explicitly depend on the crc module.
* doc/coreutils.texi (cksum): Add "crc32b" as an argument to -a.
* src/cksum.c (crc32b_sum_stream): A new function similar to
crc_sum_stream, but which does not include the length in
the CRC calculation.
* src/cksum.h: Add crc32b_sum_stream prototype.
* src/digest.c: Add "crc32b" as an argument to -a.
* tests/cksum/cksum.sh: Refactor to test both crc and crc32b.
* tests/cksum/cksum-a.sh: Add "crc32b" case.
* tests/cksum/cksum-base64.pl: Likewise.
* tests/misc/read-errors.sh: Likewise.
* NEWS: Mention the new feature.
|
|
* tests/cksum/cksum-c.sh: Add a test case with a comment.
|
|
* tests/cksum/cksum-c.sh: Remove improper use of `grep -v`.
|
|
* tests/cksum/cksum-c.sh: Add test cases when several files with errors
|
|
* tests/cksum/cksum-c.sh: Add test cases for these option combinations.
|
|
* tests/cksum/cksum-c.sh: Add test cases.
|
|
* tests/cksum/cksum-a.sh: Add a test case.
|
|
* src/digest.c (main): If --binary was enabled with a previous --tag,
then reset the binary mode to auto select if --untagged then specified.
* tests/cksum/cksum-a.sh: Add a test case.
|
|
* src/digest.c (main): Only validate the last used --length
for being a multiple of 8.
* tests/cksum/b2sum.sh: Add a test case.
Fixes https://bugs.gnu.org/69546
|
|
Update to latest gnulib with new copyright year.
Run "make update-copyright" and then...
* gnulib: Update included in this commit as copyright years
are the only change from the previous gnulib commit.
* tests/init.sh: Sync with gnulib to pick up copyright year.
* bootstrap: Manually update copyright year,
until we fully sync with gnulib at a later stage.
* tests/sample-test: Adjust to use the single most recent year.
|
|
* tests/cksum/md5sum-bsd.sh: Avoid part of test dealing with backslashes
in file names, on systems where backslash is a directory separator.
Issue reported by Bruno Haible on cygwin.
|
|
Following commit v9.3-80-g5e1e0993b which makes cksum
match the output of the standalone utilities...
* doc/coreutils.texi (cksum output modes): Remove the mention
that cksum never outputs a binary indicator, as that's no longer the
case.
* tests/cksum/b2sum.sh: Avoid outputting a binary indicator.
* tests/cksum/sm3sum.pl: Likewise.
|
|
* src/digest.c (digest_check): Also escape in the case that the
file name contains '\'.
* tests/cksum/md5sum-bsd.sh: Add a test case.
* doc/coreutils.texi (md5um invocation): Clarify escaping operation.
* NEWS: Mention the bug fix.
Fixes https://bugs.gnu.org/64392
|
|
Support -b, --binary, and -t, --text
to allow full emulation of older utilities with:
exec cksum -a $algo --untagged "$@"
Note this would diverge from OpenBSD's support of cksum -b.
* src/digest.c: Change -b to mean --binary, not --base64 in all cases.
Accept -b and -t in all cases. Keep --binary and --text undocumented
for cksum.
* tests/cksum/cksum-base64.pl: s/-b/--base64/.
* tests/cksum/cksum-a.sh: Ensure cksum supports -b and -t appropriately.
* NEWS: Mention the change in behavior.
|
|
* src/digest.c (split_3): Reinstate the check for whitespace after the
digest portion of the line, so that we exit early before inspecting
the file name which would be outside the passed buffer in the case
where the input does not contain a newline.
* tests/cksum/b2sum.sh: Add a test case.
* NEWS: Mention the bug fix.
* THANKS.in: Add Frank Busse who has reported multiple bugs using KLEE.
Fixes https://bugs.gnu.org/64229
|
|
* cfg.mk: Adjust syntax check exclusion paths.
* tests/local.mk: Adjust for renamed tests.
|
