From 7f0b19cee69eb53b0e2ddffb6803bb4140caf5d4 Mon Sep 17 00:00:00 2001 From: jay Date: Mon, 4 Jun 2007 11:06:20 +0000 Subject: [PATCH] Added test case for long shared prefixes (long enough to need a word-sized value to be read from the database) in the locate database --- ChangeLog | 24 ++++++ locate/testsuite/Makefile.am | 4 +- locate/testsuite/locate.gnu/old_prefix.exp | 13 +++ locate/testsuite/locate.gnu/old_prefix.xo | 5 ++ locate/word_io.c | 132 +++++++++++++++++++++++++++++ 5 files changed, 177 insertions(+), 1 deletion(-) create mode 100644 locate/testsuite/locate.gnu/old_prefix.exp create mode 100644 locate/testsuite/locate.gnu/old_prefix.xo create mode 100644 locate/word_io.c diff --git a/ChangeLog b/ChangeLog index 227e0d3..77f7ea2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,29 @@ +2007-06-04 James Youngman + + * locate/testsuite/Makefile.am (EXTRA_DIST_XO, EXTRA_DIST_EXP): + Added old_prefix.exp and old_prefix.xo, a new test case for long + shared rpefixes with the old database format. + + * locate/locate.c (visit_old_format): Use getword() from word_io.c + instead of getw(), because getw() is not in POSIX. + * locate/word_io.c: New file, providing replacement for getw(). + * locate/locatedb.h: Declare getword() + * locate/Makefile.am (locate_SOURCES): Added word_io.c + + * locate/testsuite/config/unix.exp (locate_start): Make the + filaure moessages slightly more explicit; indicate what went wrong + when a test fails. + 2007-06-03 James Youngman + * locate/locate.c (visit_old_format, extend, toolong): Extend the + buffer used to build the current pathname when reading an + old-format database. The new function extend is called to do + this. The new function toolong is called to report a fatal error + when the buffer size would otherwise exceed SIZE_MAX. This fixes + Savannah bug #20014, which is a security-related problem with the + CVE identifier CVE-2007-2452. + * configure.in: Determine if the setgroups function is available, and set HAVE_SETGROUPS if so. * locate/locate.c (drop_privs): Call setgroups() only if diff --git a/locate/testsuite/Makefile.am b/locate/testsuite/Makefile.am index 9cb81d0..885ca0b 100644 --- a/locate/testsuite/Makefile.am +++ b/locate/testsuite/Makefile.am @@ -18,6 +18,7 @@ locate.gnu/exists3.exp \ locate.gnu/notexists1.exp \ locate.gnu/notexists2.exp \ locate.gnu/notexists3.exp \ +locate.gnu/old_prefix.exp \ locate.gnu/space1st.exp \ locate.gnu/sv-bug-14535.exp \ locate.gnu/exceedshort.exp @@ -31,7 +32,8 @@ locate.gnu/exists2.xo \ locate.gnu/exists3.xo \ locate.gnu/notexists1.xo \ locate.gnu/notexists2.xo \ -locate.gnu/notexists3.xo +locate.gnu/notexists3.xo \ +locate.gnu/old_prefix.xo EXTRA_DIST = $(EXTRA_DIST_EXP) $(EXTRA_DIST_XO) diff --git a/locate/testsuite/locate.gnu/old_prefix.exp b/locate/testsuite/locate.gnu/old_prefix.exp new file mode 100644 index 0000000..e21cc61 --- /dev/null +++ b/locate/testsuite/locate.gnu/old_prefix.exp @@ -0,0 +1,13 @@ +set tmp "tmp" +exec rm -rf $tmp +exec mkdir $tmp +exec mkdir $tmp/subdir +exec touch $tmp/subdir/________________________________________________________________________________fred1 +exec touch $tmp/subdir/________________________________________________________________________________fred2 +exec touch $tmp/subdir/________________________________________________________________________________fred3 +exec touch $tmp/subdir/________________________________________________________________________________fred4 + +locate_start p "--changecwd=. --output=$tmp/locatedb --old-format --localpaths=tmp/subdir 2>/dev/null" "--database=$tmp/locatedb tmp" {} + + +exec rm -rf $tmp diff --git a/locate/testsuite/locate.gnu/old_prefix.xo b/locate/testsuite/locate.gnu/old_prefix.xo new file mode 100644 index 0000000..909b8e7 --- /dev/null +++ b/locate/testsuite/locate.gnu/old_prefix.xo @@ -0,0 +1,5 @@ +tmp/subdir +tmp/subdir/________________________________________________________________________________fred1 +tmp/subdir/________________________________________________________________________________fred2 +tmp/subdir/________________________________________________________________________________fred3 +tmp/subdir/________________________________________________________________________________fred4 diff --git a/locate/word_io.c b/locate/word_io.c new file mode 100644 index 0000000..ea931da --- /dev/null +++ b/locate/word_io.c @@ -0,0 +1,132 @@ +/* word_io.c -- word oriented I/O + Copyright (C) 2007 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. +*/ + +#include +#include + +#include "quote.h" +#include "quotearg.h" +#include "locatedb.h" + +#if ENABLE_NLS +# include +# define _(Text) gettext (Text) +#else +# define _(Text) Text +#define textdomain(Domain) +#define bindtextdomain(Package, Directory) +#endif +#ifdef gettext_noop +# define N_(String) gettext_noop (String) +#else +/* We used to use (String) instead of just String, but apparently ISO C + * doesn't allow this (at least, that's what HP said when someone reported + * this as a compiler bug). This is HP case number 1205608192. See + * also http://gcc.gnu.org/bugzilla/show_bug.cgi?id=11250 (which references + * ANSI 3.5.7p14-15). The Intel icc compiler also rejects constructs + * like: static const char buf[] = ("string"); + */ +# define N_(String) String +#endif + + +/* Swap bytes in 32 bit value. This code is taken from glibc-2.3.3. */ +#define bswap_32(x) \ + ((((x) & 0xff000000) >> 24) | (((x) & 0x00ff0000) >> 8) | \ + (((x) & 0x0000ff00) << 8) | (((x) & 0x000000ff) << 24)) + +static int +decode_value(const unsigned char data[], + int limit, + int *endian_state_flag, + const char *filename) +{ + int val; + + if (*endian_state_flag = GetwordEndianStateInitial) + { + int testflag = GetwordEndianStateNative; + + val = decode_value(data, limit, &testflag, filename); + if (val <= limit) + { + return val; + } + else + { + testflag = GetwordEndianStateSwab; + val = decode_value(data, limit, &testflag, filename); + if (val <= limit) + { + /* Aha, now we know we have to byte-swap. */ + error(0, 0, + _("Warning: locate database %s was built with a different byte order"), + quotearg_n_style(0, locale_quoting_style, filename)); + *endian_state_flag = testflag; + return val; + } + else + { + return val; + } + } + } + else + { + val = *(int*)data; + if (*endian_state_flag == GetwordEndianStateSwab) + return bswap_32(val); + else + return val; + } +} + + + +int +getword (FILE *fp, + const char *filename, + size_t minvalue, + size_t maxvalue, + int *endian_state_flag) +{ + enum { WORDBYTES=4 }; + unsigned char data[4]; + size_t bytes_read; + + clearerr(fp); + bytes_read = fread(data, WORDBYTES, 1, fp); + if (bytes_read != 1) + { + const char * quoted_name = quotearg_n_style(0, locale_quoting_style, + filename); + /* Distinguish between a truncated database and an I/O error. + * Either condition is fatal. + */ + if (feof(fp)) + error(1, 0, _("Unexpected EOF in %s"), quoted_name); + else + error(1, errno, "error reading a word from %s", quoted_name); + } + else + { + return decode_value(data, maxvalue, endian_state_flag, filename); + } +} + -- 2.11.4.GIT