From debbugs-submit-bounces@debbugs.gnu.org Fri Jun 22 10:34:50 2018 Received: (at submit) by debbugs.gnu.org; 22 Jun 2018 14:34:50 +0000 Received: from localhost ([127.0.0.1]:60433 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fWN9G-00030C-As for submit@debbugs.gnu.org; Fri, 22 Jun 2018 10:34:50 -0400 Received: from eggs.gnu.org ([208.118.235.92]:41548) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fWFtc-0002kL-En for submit@debbugs.gnu.org; Fri, 22 Jun 2018 02:50:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fWFtV-00040Q-N2 for submit@debbugs.gnu.org; Fri, 22 Jun 2018 02:50:07 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: *** X-Spam-Status: No, score=3.3 required=5.0 tests=BAYES_50,FREEMAIL_FROM, HTML_MESSAGE,MIME_CHARSET_FARAWAY,T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:40499) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fWFtV-00040E-EB for submit@debbugs.gnu.org; Fri, 22 Jun 2018 02:50:05 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:60748) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWFtT-0005E6-2R for bug-diffutils@gnu.org; Fri, 22 Jun 2018 02:50:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fWFtR-0003ya-8a for bug-diffutils@gnu.org; Fri, 22 Jun 2018 02:50:03 -0400 Received: from mail-it0-x231.google.com ([2607:f8b0:4001:c0b::231]:37205) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fWFtQ-0003yG-Sh for bug-diffutils@gnu.org; Fri, 22 Jun 2018 02:50:01 -0400 Received: by mail-it0-x231.google.com with SMTP id l6-v6so1519875iti.2 for ; Thu, 21 Jun 2018 23:50:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=XOC9aB8Yvv7wDjG/OSbQnpGreNP/WfDmSJweFSwXrxk=; b=LlT/OU19vUms6QA8wUpcSXfBK6DEK1EKGuu8MhX5uD+/xvWHMu6hSUolMfsGk9NgtV PUcRAzmygbLijYrJrh87qIC5QzP1K8jjgiYJDijTWrwxSHdyc9rWaeSUSMEBhibMeeal ervVx2ny9JPpXV1pXljcVuouZmtVWzlwSLe3V7kbtPD369lIc412FOWRja84SIBsTKrm ltH/7nndK3UWQHNI1gDNcvSO3QAdIBwW58rzDEwARNbSGi70M6e7P0cdmFujNzYInHlS /om8sStbXiw5DAUjNMSJcV3bvMzG+vepedprINQR7x/CJ9Kqsh2+Y26PplN10y3RfP4b 3emw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=XOC9aB8Yvv7wDjG/OSbQnpGreNP/WfDmSJweFSwXrxk=; b=EXQgaDKxcWSWLZdk3YeJUAx3xrh6IrwzzsDKrrBZTMIhIFBP95Xt0mt9L3mMoD/89Q T1bcQO7WUOb2IPFL4yswzX6+/JCtjji44KRzkHnlDCTRs4dxkdXZyedyzl3QLXzTbAmZ 1adojybtat2m/SSqq6jp7LlvGejj0tOOOWoLnXdkPNMIjGyL+U4GER4I5enJCFSTfTuk djdux4+/T1tEqKvlEjlt+aeZA/UBhJBQ2tq48PouwmrmzFljs/0S1DPPlQKkb+835sRO rZLrySbc0/8nSzg9bY8oIChe3BkcsR+JcrXBc6WC4a5DDrJuw/swQG/gmGhoOwZO/Piw PesA== X-Gm-Message-State: APt69E14KNBFR1E5VQqfs7+Dxu4BaVcXuIPEHCT+3S0K6wyeFNcTbxrx 6T5oDCTBs0P1c/6F5awfhzJzKDaaIskMuQcnyNqrdQ== X-Google-Smtp-Source: ADUXVKLqnstOxNwcqexYA7sVd7AZf3FbHjUaQ5aD/nvtfloeeJWfHzz1ARuw4bulnnRb1vZmmkK+1VCwMEpUHk5hJnM= X-Received: by 2002:a02:1d5:: with SMTP id 82-v6mr288226jak.127.1529650199531; Thu, 21 Jun 2018 23:49:59 -0700 (PDT) MIME-Version: 1.0 From: Hongxu Chen Date: Fri, 22 Jun 2018 14:49:47 +0800 Message-ID: Subject: 2 crashes in diffutills commit version 576645c To: bug-diffutils@gnu.org Content-Type: multipart/mixed; boundary="000000000000c63d02056f357040" X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.0 (----) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Fri, 22 Jun 2018 10:34:48 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) --000000000000c63d02056f357040 Content-Type: multipart/alternative; boundary="000000000000c63cfe056f35703e" --000000000000c63cfe056f35703e Content-Type: text/plain; charset="UTF-8" Hello, We found with our fuzzer 2 crashes on diffutils version 576645c: one is a heap-buffer-overflow at util.c:1249, another is an invalid read resulting from `output_1_line' at util.c:1274. The executing command is: `./diff -a --strip-trailing-cr $file add.wasm` where $file is the poc file (I attached them as *.input.txt); "add.wasm" is also attached however it seems that content of the comparison file is not important. The Address Sanitizer outputs (attached as "*.err.SIG06") are: ================================================================= ==8310==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6210000000ff at pc 0x00000055108a bp 0x7ffdc5af8650 sp 0x7ffdc5af8648 READ of size 1 at 0x6210000000ff thread T0 #0 0x551089 in print_1_line_nl /home/hongxu/FOT/diffutils-fuzz/src/util.c:1249:44 #1 0x544366 in print_normal_hunk /home/hongxu/FOT/diffutils-fuzz/src/normal.c:66:11 #2 0x550883 in print_script /home/hongxu/FOT/diffutils-fuzz/src/util.c:1195:7 #3 0x51351f in diff_2_files /home/hongxu/FOT/diffutils-fuzz/src/analyze.c:665:5 #4 0x5297a7 in compare_files /home/hongxu/FOT/diffutils-fuzz/src/diff.c:1434:11 #5 0x52546a in main /home/hongxu/FOT/diffutils-fuzz/src/diff.c:800:18 #6 0x7f7a0e14fb96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310 #7 0x41d709 in _start (/home/hongxu/FOT/diffutils-fuzz/install/bin/diff+0x41d709) 0x6210000000ff is located 1 bytes to the left of 4096-byte region [0x621000000100,0x621000001100) allocated by thread T0 here: #0 0x4d2d60 in malloc (/home/hongxu/FOT/diffutils-fuzz/install/bin/diff+0x4d2d60) #1 0x583120 in xmalloc /home/hongxu/FOT/diffutils-fuzz/lib/xmalloc.c:41:13 SUMMARY: AddressSanitizer: heap-buffer-overflow /home/hongxu/FOT/diffutils-fuzz/src/util.c:1249:44 in print_1_line_nl Shadow bytes around the buggy address: 0x0c427fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff8000: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa =>0x0c427fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa[fa] 0x0c427fff8020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff8030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff8040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff8050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c427fff8060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==8310==ABORTING and: ASAN:DEADLYSIGNAL ================================================================= ==8313==ERROR: AddressSanitizer: SEGV on unknown address 0x6210000100d4 (pc 0x7f367ca57c40 bp 0x000000000400 sp 0x7ffeebd7e358 T0) ==8313==The signal is caused by a READ memory access. #0 0x7f367ca57c3f /build/glibc-OTsEL5/glibc-2.27/string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:370 #1 0x7f367c954993 in _IO_file_xsputn /build/glibc-OTsEL5/glibc-2.27/libio/fileops.c:1258 #2 0x7f367c95351f in fwrite_unlocked /build/glibc-OTsEL5/glibc-2.27/libio/iofwrite_u.c:43 #3 0x551dc4 in output_1_line /home/hongxu/FOT/diffutils-fuzz/src/util.c:1274:28 #4 0x550d24 in print_1_line_nl /home/hongxu/FOT/diffutils-fuzz/src/util.c:1249:3 #5 0x544366 in print_normal_hunk /home/hongxu/FOT/diffutils-fuzz/src/normal.c:66:11 #6 0x550883 in print_script /home/hongxu/FOT/diffutils-fuzz/src/util.c:1195:7 #7 0x51351f in diff_2_files /home/hongxu/FOT/diffutils-fuzz/src/analyze.c:665:5 #8 0x5297a7 in compare_files /home/hongxu/FOT/diffutils-fuzz/src/diff.c:1434:11 #9 0x52546a in main /home/hongxu/FOT/diffutils-fuzz/src/diff.c:800:18 #10 0x7f367c8eab96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310 #11 0x41d709 in _start (/home/hongxu/FOT/diffutils-fuzz/install/bin/diff+0x41d709) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /build/glibc-OTsEL5/glibc-2.27/string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:370 ==8313==ABORTING glibc version is 2.27 and it's a Ubuntu 18.04 LTS (Linux C10 4.15.0-20-generic #21-Ubuntu SMP Tue Apr 24 06:16:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux) machine. Best Regards, Hongxu --000000000000c63cfe056f35703e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello,

=C2=A0=C2=A0=C2=A0 We= found with our fuzzer 2 crashes on diffutils version 576645c: one is a hea= p-buffer-overflow at util.c:1249, another is an invalid read resulting from= `output_1_line' at util.c:1274.
=C2=A0=C2=A0=C2=A0 The e= xecuting command is: `./diff -a --strip-trailing-cr $file add.wasm` where $= file is the poc file (I attached them as=C2=A0 *.input.txt); "add.wasm= " is also attached however it seems that content of the comparison fil= e is not important.

=C2=A0=C2=A0=C2=A0 The Address= Sanitizer outputs (attached as "*.err.SIG06") are:
=C2=A0=C2=A0=C2=A0 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D
=3D=3D8310=3D=3DERROR: AddressSanitizer: heap-buffer-overflow on add= ress 0x6210000000ff at pc 0x00000055108a bp 0x7ffdc5af8650 sp 0x7ffdc5af864= 8
READ of size 1 at 0x6210000000ff thread T0
=C2=A0=C2=A0=C2=A0 #0 0x= 551089 in print_1_line_nl /home/hongxu/FOT/diffutils-fuzz/src/util.c:1249:4= 4
=C2=A0=C2=A0=C2=A0 #1 0x544366 in print_normal_hunk /home/hongxu/FOT/d= iffutils-fuzz/src/normal.c:66:11
=C2=A0=C2=A0=C2=A0 #2 0x550883 in print= _script /home/hongxu/FOT/diffutils-fuzz/src/util.c:1195:7
=C2=A0=C2=A0= =C2=A0 #3 0x51351f in diff_2_files /home/hongxu/FOT/diffutils-fuzz/src/anal= yze.c:665:5
=C2=A0=C2=A0=C2=A0 #4 0x5297a7 in compare_files /home/hongxu= /FOT/diffutils-fuzz/src/diff.c:1434:11
=C2=A0=C2=A0=C2=A0 #5 0x52546a in= main /home/hongxu/FOT/diffutils-fuzz/src/diff.c:800:18
=C2=A0=C2=A0=C2= =A0 #6 0x7f7a0e14fb96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/c= su/../csu/libc-start.c:310
=C2=A0=C2=A0=C2=A0 #7 0x41d709 in _start (/ho= me/hongxu/FOT/diffutils-fuzz/install/bin/diff+0x41d709)

0x6210000000= ff is located 1 bytes to the left of 4096-byte region [0x621000000100,0x621= 000001100)
allocated by thread T0 here:
=C2=A0=C2=A0=C2=A0 #0 0x4d2d6= 0 in malloc (/home/hongxu/FOT/diffutils-fuzz/install/bin/diff+0x4d2d60)
= =C2=A0=C2=A0=C2=A0 #1 0x583120 in xmalloc /home/hongxu/FOT/diffutils-fuzz/l= ib/xmalloc.c:41:13

SUMMARY: AddressSanitizer: heap-buffer-overflow /= home/hongxu/FOT/diffutils-fuzz/src/util.c:1249:44 in print_1_line_nl
Sha= dow bytes around the buggy address:
=C2=A0 0x0c427fff7fc0: 00 00 00 00 0= 0 00 00 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff7fd0: 00 00 00 00 00= 00 00 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff7fe0: 00 00 00 00 00 = 00 00 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff7ff0: 00 00 00 00 00 0= 0 00 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff8000: fa fa fa fa fa fa= fa fa fa fa fa fa fa fa fa fa
=3D>0x0c427fff8010: fa fa fa fa fa fa = fa fa fa fa fa fa fa fa fa[fa]
=C2=A0 0x0c427fff8020: 00 00 00 00 00 00 = 00 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff8030: 00 00 00 00 00 00 0= 0 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff8040: 00 00 00 00 00 00 00= 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff8050: 00 00 00 00 00 00 00 = 00 00 00 00 00 00 00 00 00
=C2=A0 0x0c427fff8060: 00 00 00 00 00 00 00 0= 0 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents= 8 application bytes):
=C2=A0 Addressable:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 00
=C2=A0 Partially addressable: 01 02 03= 04 05 06 07
=C2=A0 Heap left redzone:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 fa
=C2=A0 Freed heap region:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fd<= br>=C2=A0 Stack left redzone:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 f1
=C2=A0 St= ack mid redzone:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 f2
=C2=A0 Stack rig= ht redzone:=C2=A0=C2=A0=C2=A0=C2=A0 f3
=C2=A0 Stack after return:=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0 f5
=C2=A0 Stack use after scope:=C2=A0=C2=A0 f8=
=C2=A0 Global redzone:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0 f9
=C2=A0 Global init order:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 = f6
=C2=A0 Poisoned by user:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 f7=
=C2=A0 Container overflow:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fc
=C2=A0 A= rray cookie:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 ac
=C2=A0 Intra object redzone:=C2=A0=C2=A0=C2=A0 bb
=C2=A0 ASan = internal:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 fe=C2=A0 Left alloca redzone:=C2=A0=C2=A0=C2=A0=C2=A0 ca
=C2=A0 Right all= oca redzone:=C2=A0=C2=A0=C2=A0 cb
=3D=3D8310=3D=3DABORTING
and:

ASAN:DEADLYSIGNAL
=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D8313=3D=3DERROR: AddressSanitize= r: SEGV on unknown address 0x6210000100d4 (pc 0x7f367ca57c40 bp 0x000000000= 400 sp 0x7ffeebd7e358 T0)
=3D=3D8313=3D=3DThe signal is caused by a READ= memory access.
=C2=A0=C2=A0=C2=A0 #0 0x7f367ca57c3f=C2=A0 /build/glibc-= OTsEL5/glibc-2.27/string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-= erms.S:370
=C2=A0=C2=A0=C2=A0 #1 0x7f367c954993 in _IO_file_xsputn /buil= d/glibc-OTsEL5/glibc-2.27/libio/fileops.c:1258
=C2=A0=C2=A0=C2=A0 #2 0x7= f367c95351f in fwrite_unlocked /build/glibc-OTsEL5/glibc-2.27/libio/iofwrit= e_u.c:43
=C2=A0=C2=A0=C2=A0 #3 0x551dc4 in output_1_line /home/hongxu/FO= T/diffutils-fuzz/src/util.c:1274:28
=C2=A0=C2=A0=C2=A0 #4 0x550d24 in pr= int_1_line_nl /home/hongxu/FOT/diffutils-fuzz/src/util.c:1249:3
=C2=A0= =C2=A0=C2=A0 #5 0x544366 in print_normal_hunk /home/hongxu/FOT/diffutils-fu= zz/src/normal.c:66:11
=C2=A0=C2=A0=C2=A0 #6 0x550883 in print_script /ho= me/hongxu/FOT/diffutils-fuzz/src/util.c:1195:7
=C2=A0=C2=A0=C2=A0 #7 0x5= 1351f in diff_2_files /home/hongxu/FOT/diffutils-fuzz/src/analyze.c:665:5=C2=A0=C2=A0=C2=A0 #8 0x5297a7 in compare_files /home/hongxu/FOT/diffutil= s-fuzz/src/diff.c:1434:11
=C2=A0=C2=A0=C2=A0 #9 0x52546a in main /home/h= ongxu/FOT/diffutils-fuzz/src/diff.c:800:18
=C2=A0=C2=A0=C2=A0 #10 0x7f36= 7c8eab96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/lib= c-start.c:310
=C2=A0=C2=A0=C2=A0 #11 0x41d709 in _start (/home/hongxu/FO= T/diffutils-fuzz/install/bin/diff+0x41d709)

AddressSanitizer can not= provide additional info.
SUMMARY: AddressSanitizer: SEGV /build/glibc-O= TsEL5/glibc-2.27/string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-e= rms.S:370
=3D=3D8313=3D=3DABORTING

glibc versi= on is 2.27 and it's a Ubuntu 18.04 LTS (Linux C10 4.15.0-20-generic #21= -Ubuntu SMP Tue Apr 24 06:16:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux) ma= chine.


Best Reg= ards,
= Hongxu
=
--000000000000c63cfe056f35703e-- --000000000000c63d02056f357040 Content-Type: text/plain; charset="US-ASCII"; name="hbo_util.c:1249_1.input.txt" Content-Disposition: attachment; filename="hbo_util.c:1249_1.input.txt" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur571 DQ== --000000000000c63d02056f357040 Content-Type: text/plain; charset="US-ASCII"; name="hbo_util.c:1249_2.input.txt" Content-Disposition: attachment; filename="hbo_util.c:1249_2.input.txt" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur5s3 DQ== --000000000000c63d02056f357040 Content-Type: application/octet-stream; name="hbo_util.c:1249_2.err.SIG06" Content-Disposition: attachment; filename="hbo_util.c:1249_2.err.SIG06" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur5j2 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT0KPT04MzExPT1FUlJPUjogQWRkcmVzc1Nhbml0aXplcjogaGVhcC1idWZmZXItb3Zl cmZsb3cgb24gYWRkcmVzcyAweDYyMTAwMDAwMDBmZiBhdCBwYyAweDAwMDAwMDU1MTA4YSBicCAw eDdmZmVhYjIxOGI3MCBzcCAweDdmZmVhYjIxOGI2OApSRUFEIG9mIHNpemUgMSBhdCAweDYyMTAw MDAwMDBmZiB0aHJlYWQgVDAKICAgICMwIDB4NTUxMDg5IGluIHByaW50XzFfbGluZV9ubCAvaG9t ZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy91dGlsLmM6MTI0OTo0NAogICAgIzEgMHg1 NDQzNjYgaW4gcHJpbnRfbm9ybWFsX2h1bmsgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6 ei9zcmMvbm9ybWFsLmM6NjY6MTEKICAgICMyIDB4NTUwODgzIGluIHByaW50X3NjcmlwdCAvaG9t ZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy91dGlsLmM6MTE5NTo3CiAgICAjMyAweDUx MzUxZiBpbiBkaWZmXzJfZmlsZXMgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6ei9zcmMv YW5hbHl6ZS5jOjY2NTo1CiAgICAjNCAweDUyOTdhNyBpbiBjb21wYXJlX2ZpbGVzIC9ob21lL2hv bmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovc3JjL2RpZmYuYzoxNDM0OjExCiAgICAjNSAweDUyNTQ2 YSBpbiBtYWluIC9ob21lL2hvbmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovc3JjL2RpZmYuYzo4MDA6 MTgKICAgICM2IDB4N2ZlOWM5OTkxYjk2IGluIF9fbGliY19zdGFydF9tYWluIC9idWlsZC9nbGli Yy1PVHNFTDUvZ2xpYmMtMi4yNy9jc3UvLi4vY3N1L2xpYmMtc3RhcnQuYzozMTAKICAgICM3IDB4 NDFkNzA5IGluIF9zdGFydCAoL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6ei9pbnN0YWxs L2Jpbi9kaWZmKzB4NDFkNzA5KQoKMHg2MjEwMDAwMDAwZmYgaXMgbG9jYXRlZCAxIGJ5dGVzIHRv IHRoZSBsZWZ0IG9mIDQwOTYtYnl0ZSByZWdpb24gWzB4NjIxMDAwMDAwMTAwLDB4NjIxMDAwMDAx MTAwKQphbGxvY2F0ZWQgYnkgdGhyZWFkIFQwIGhlcmU6CiAgICAjMCAweDRkMmQ2MCBpbiBtYWxs b2MgKC9ob21lL2hvbmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovaW5zdGFsbC9iaW4vZGlmZisweDRk MmQ2MCkKICAgICMxIDB4NTgzMTIwIGluIHhtYWxsb2MgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRp bHMtZnV6ei9saWIveG1hbGxvYy5jOjQxOjEzCgpTVU1NQVJZOiBBZGRyZXNzU2FuaXRpemVyOiBo ZWFwLWJ1ZmZlci1vdmVyZmxvdyAvaG9tZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy91 dGlsLmM6MTI0OTo0NCBpbiBwcmludF8xX2xpbmVfbmwKU2hhZG93IGJ5dGVzIGFyb3VuZCB0aGUg YnVnZ3kgYWRkcmVzczoKICAweDBjNDI3ZmZmN2ZjMDogMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAg MDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBjNDI3ZmZmN2ZkMDogMDAgMDAgMDAgMDAgMDAg MDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBjNDI3ZmZmN2ZlMDogMDAgMDAg MDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBjNDI3ZmZmN2Zm MDogMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBj NDI3ZmZmODAwMDogZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEg ZmEKPT4weDBjNDI3ZmZmODAxMDogZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEg ZmEgZmEgZmFbZmFdCiAgMHgwYzQyN2ZmZjgwMjA6IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAw IDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQyN2ZmZjgwMzA6IDAwIDAwIDAwIDAwIDAwIDAw IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQyN2ZmZjgwNDA6IDAwIDAwIDAw IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQyN2ZmZjgwNTA6 IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQy N2ZmZjgwNjA6IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAw ClNoYWRvdyBieXRlIGxlZ2VuZCAob25lIHNoYWRvdyBieXRlIHJlcHJlc2VudHMgOCBhcHBsaWNh dGlvbiBieXRlcyk6CiAgQWRkcmVzc2FibGU6ICAgICAgICAgICAwMAogIFBhcnRpYWxseSBhZGRy ZXNzYWJsZTogMDEgMDIgMDMgMDQgMDUgMDYgMDcgCiAgSGVhcCBsZWZ0IHJlZHpvbmU6ICAgICAg IGZhCiAgRnJlZWQgaGVhcCByZWdpb246ICAgICAgIGZkCiAgU3RhY2sgbGVmdCByZWR6b25lOiAg ICAgIGYxCiAgU3RhY2sgbWlkIHJlZHpvbmU6ICAgICAgIGYyCiAgU3RhY2sgcmlnaHQgcmVkem9u ZTogICAgIGYzCiAgU3RhY2sgYWZ0ZXIgcmV0dXJuOiAgICAgIGY1CiAgU3RhY2sgdXNlIGFmdGVy IHNjb3BlOiAgIGY4CiAgR2xvYmFsIHJlZHpvbmU6ICAgICAgICAgIGY5CiAgR2xvYmFsIGluaXQg b3JkZXI6ICAgICAgIGY2CiAgUG9pc29uZWQgYnkgdXNlcjogICAgICAgIGY3CiAgQ29udGFpbmVy IG92ZXJmbG93OiAgICAgIGZjCiAgQXJyYXkgY29va2llOiAgICAgICAgICAgIGFjCiAgSW50cmEg b2JqZWN0IHJlZHpvbmU6ICAgIGJiCiAgQVNhbiBpbnRlcm5hbDogICAgICAgICAgIGZlCiAgTGVm dCBhbGxvY2EgcmVkem9uZTogICAgIGNhCiAgUmlnaHQgYWxsb2NhIHJlZHpvbmU6ICAgIGNiCj09 ODMxMT09QUJPUlRJTkcK --000000000000c63d02056f357040 Content-Type: application/octet-stream; name="hbo_util.c:1249_1.err.SIG06" Content-Disposition: attachment; filename="hbo_util.c:1249_1.err.SIG06" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur4m0 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT0KPT04MzEwPT1FUlJPUjogQWRkcmVzc1Nhbml0aXplcjogaGVhcC1idWZmZXItb3Zl cmZsb3cgb24gYWRkcmVzcyAweDYyMTAwMDAwMDBmZiBhdCBwYyAweDAwMDAwMDU1MTA4YSBicCAw eDdmZmRjNWFmODY1MCBzcCAweDdmZmRjNWFmODY0OApSRUFEIG9mIHNpemUgMSBhdCAweDYyMTAw MDAwMDBmZiB0aHJlYWQgVDAKICAgICMwIDB4NTUxMDg5IGluIHByaW50XzFfbGluZV9ubCAvaG9t ZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy91dGlsLmM6MTI0OTo0NAogICAgIzEgMHg1 NDQzNjYgaW4gcHJpbnRfbm9ybWFsX2h1bmsgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6 ei9zcmMvbm9ybWFsLmM6NjY6MTEKICAgICMyIDB4NTUwODgzIGluIHByaW50X3NjcmlwdCAvaG9t ZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy91dGlsLmM6MTE5NTo3CiAgICAjMyAweDUx MzUxZiBpbiBkaWZmXzJfZmlsZXMgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6ei9zcmMv YW5hbHl6ZS5jOjY2NTo1CiAgICAjNCAweDUyOTdhNyBpbiBjb21wYXJlX2ZpbGVzIC9ob21lL2hv bmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovc3JjL2RpZmYuYzoxNDM0OjExCiAgICAjNSAweDUyNTQ2 YSBpbiBtYWluIC9ob21lL2hvbmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovc3JjL2RpZmYuYzo4MDA6 MTgKICAgICM2IDB4N2Y3YTBlMTRmYjk2IGluIF9fbGliY19zdGFydF9tYWluIC9idWlsZC9nbGli Yy1PVHNFTDUvZ2xpYmMtMi4yNy9jc3UvLi4vY3N1L2xpYmMtc3RhcnQuYzozMTAKICAgICM3IDB4 NDFkNzA5IGluIF9zdGFydCAoL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6ei9pbnN0YWxs L2Jpbi9kaWZmKzB4NDFkNzA5KQoKMHg2MjEwMDAwMDAwZmYgaXMgbG9jYXRlZCAxIGJ5dGVzIHRv IHRoZSBsZWZ0IG9mIDQwOTYtYnl0ZSByZWdpb24gWzB4NjIxMDAwMDAwMTAwLDB4NjIxMDAwMDAx MTAwKQphbGxvY2F0ZWQgYnkgdGhyZWFkIFQwIGhlcmU6CiAgICAjMCAweDRkMmQ2MCBpbiBtYWxs b2MgKC9ob21lL2hvbmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovaW5zdGFsbC9iaW4vZGlmZisweDRk MmQ2MCkKICAgICMxIDB4NTgzMTIwIGluIHhtYWxsb2MgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRp bHMtZnV6ei9saWIveG1hbGxvYy5jOjQxOjEzCgpTVU1NQVJZOiBBZGRyZXNzU2FuaXRpemVyOiBo ZWFwLWJ1ZmZlci1vdmVyZmxvdyAvaG9tZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy91 dGlsLmM6MTI0OTo0NCBpbiBwcmludF8xX2xpbmVfbmwKU2hhZG93IGJ5dGVzIGFyb3VuZCB0aGUg YnVnZ3kgYWRkcmVzczoKICAweDBjNDI3ZmZmN2ZjMDogMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAg MDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBjNDI3ZmZmN2ZkMDogMDAgMDAgMDAgMDAgMDAg MDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBjNDI3ZmZmN2ZlMDogMDAgMDAg MDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBjNDI3ZmZmN2Zm MDogMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKICAweDBj NDI3ZmZmODAwMDogZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEg ZmEKPT4weDBjNDI3ZmZmODAxMDogZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEgZmEg ZmEgZmEgZmFbZmFdCiAgMHgwYzQyN2ZmZjgwMjA6IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAw IDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQyN2ZmZjgwMzA6IDAwIDAwIDAwIDAwIDAwIDAw IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQyN2ZmZjgwNDA6IDAwIDAwIDAw IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQyN2ZmZjgwNTA6 IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwCiAgMHgwYzQy N2ZmZjgwNjA6IDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAwIDAw ClNoYWRvdyBieXRlIGxlZ2VuZCAob25lIHNoYWRvdyBieXRlIHJlcHJlc2VudHMgOCBhcHBsaWNh dGlvbiBieXRlcyk6CiAgQWRkcmVzc2FibGU6ICAgICAgICAgICAwMAogIFBhcnRpYWxseSBhZGRy ZXNzYWJsZTogMDEgMDIgMDMgMDQgMDUgMDYgMDcgCiAgSGVhcCBsZWZ0IHJlZHpvbmU6ICAgICAg IGZhCiAgRnJlZWQgaGVhcCByZWdpb246ICAgICAgIGZkCiAgU3RhY2sgbGVmdCByZWR6b25lOiAg ICAgIGYxCiAgU3RhY2sgbWlkIHJlZHpvbmU6ICAgICAgIGYyCiAgU3RhY2sgcmlnaHQgcmVkem9u ZTogICAgIGYzCiAgU3RhY2sgYWZ0ZXIgcmV0dXJuOiAgICAgIGY1CiAgU3RhY2sgdXNlIGFmdGVy IHNjb3BlOiAgIGY4CiAgR2xvYmFsIHJlZHpvbmU6ICAgICAgICAgIGY5CiAgR2xvYmFsIGluaXQg b3JkZXI6ICAgICAgIGY2CiAgUG9pc29uZWQgYnkgdXNlcjogICAgICAgIGY3CiAgQ29udGFpbmVy IG92ZXJmbG93OiAgICAgIGZjCiAgQXJyYXkgY29va2llOiAgICAgICAgICAgIGFjCiAgSW50cmEg b2JqZWN0IHJlZHpvbmU6ICAgIGJiCiAgQVNhbiBpbnRlcm5hbDogICAgICAgICAgIGZlCiAgTGVm dCBhbGxvY2EgcmVkem9uZTogICAgIGNhCiAgUmlnaHQgYWxsb2NhIHJlZHpvbmU6ICAgIGNiCj09 ODMxMD09QUJPUlRJTkcK --000000000000c63d02056f357040 Content-Type: application/octet-stream; name="read_util.c:1274:28_1.err.SIG06" Content-Disposition: attachment; filename="read_util.c:1274:28_1.err.SIG06" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur624 QVNBTjpERUFETFlTSUdOQUwKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT0KPT04MzEzPT1FUlJPUjogQWRkcmVzc1Nhbml0aXpl cjogU0VHViBvbiB1bmtub3duIGFkZHJlc3MgMHg2MjEwMDAwMTAwZDQgKHBjIDB4N2YzNjdjYTU3 YzQwIGJwIDB4MDAwMDAwMDAwNDAwIHNwIDB4N2ZmZWViZDdlMzU4IFQwKQo9PTgzMTM9PVRoZSBz aWduYWwgaXMgY2F1c2VkIGJ5IGEgUkVBRCBtZW1vcnkgYWNjZXNzLgogICAgIzAgMHg3ZjM2N2Nh NTdjM2YgIC9idWlsZC9nbGliYy1PVHNFTDUvZ2xpYmMtMi4yNy9zdHJpbmcvLi4vc3lzZGVwcy94 ODZfNjQvbXVsdGlhcmNoL21lbW1vdmUtdmVjLXVuYWxpZ25lZC1lcm1zLlM6MzcwCiAgICAjMSAw eDdmMzY3Yzk1NDk5MyBpbiBfSU9fZmlsZV94c3B1dG4gL2J1aWxkL2dsaWJjLU9Uc0VMNS9nbGli Yy0yLjI3L2xpYmlvL2ZpbGVvcHMuYzoxMjU4CiAgICAjMiAweDdmMzY3Yzk1MzUxZiBpbiBmd3Jp dGVfdW5sb2NrZWQgL2J1aWxkL2dsaWJjLU9Uc0VMNS9nbGliYy0yLjI3L2xpYmlvL2lvZndyaXRl X3UuYzo0MwogICAgIzMgMHg1NTFkYzQgaW4gb3V0cHV0XzFfbGluZSAvaG9tZS9ob25neHUvRk9U L2RpZmZ1dGlscy1mdXp6L3NyYy91dGlsLmM6MTI3NDoyOAogICAgIzQgMHg1NTBkMjQgaW4gcHJp bnRfMV9saW5lX25sIC9ob21lL2hvbmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovc3JjL3V0aWwuYzox MjQ5OjMKICAgICM1IDB4NTQ0MzY2IGluIHByaW50X25vcm1hbF9odW5rIC9ob21lL2hvbmd4dS9G T1QvZGlmZnV0aWxzLWZ1enovc3JjL25vcm1hbC5jOjY2OjExCiAgICAjNiAweDU1MDg4MyBpbiBw cmludF9zY3JpcHQgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6ei9zcmMvdXRpbC5jOjEx OTU6NwogICAgIzcgMHg1MTM1MWYgaW4gZGlmZl8yX2ZpbGVzIC9ob21lL2hvbmd4dS9GT1QvZGlm ZnV0aWxzLWZ1enovc3JjL2FuYWx5emUuYzo2NjU6NQogICAgIzggMHg1Mjk3YTcgaW4gY29tcGFy ZV9maWxlcyAvaG9tZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy9kaWZmLmM6MTQzNDox MQogICAgIzkgMHg1MjU0NmEgaW4gbWFpbiAvaG9tZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6 L3NyYy9kaWZmLmM6ODAwOjE4CiAgICAjMTAgMHg3ZjM2N2M4ZWFiOTYgaW4gX19saWJjX3N0YXJ0 X21haW4gL2J1aWxkL2dsaWJjLU9Uc0VMNS9nbGliYy0yLjI3L2NzdS8uLi9jc3UvbGliYy1zdGFy dC5jOjMxMAogICAgIzExIDB4NDFkNzA5IGluIF9zdGFydCAoL2hvbWUvaG9uZ3h1L0ZPVC9kaWZm dXRpbHMtZnV6ei9pbnN0YWxsL2Jpbi9kaWZmKzB4NDFkNzA5KQoKQWRkcmVzc1Nhbml0aXplciBj YW4gbm90IHByb3ZpZGUgYWRkaXRpb25hbCBpbmZvLgpTVU1NQVJZOiBBZGRyZXNzU2FuaXRpemVy OiBTRUdWIC9idWlsZC9nbGliYy1PVHNFTDUvZ2xpYmMtMi4yNy9zdHJpbmcvLi4vc3lzZGVwcy94 ODZfNjQvbXVsdGlhcmNoL21lbW1vdmUtdmVjLXVuYWxpZ25lZC1lcm1zLlM6MzcwIAo9PTgzMTM9 PUFCT1JUSU5HCg== --000000000000c63d02056f357040 Content-Type: text/plain; charset="x-binaryenc"; name="read_util.c:1274:28_1.input.txt" Content-Disposition: attachment; filename="read_util.c:1274:28_1.input.txt" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur6c5 e3JOR11dXV1dXV1dXV1dXV1dXV1dXVxdXV1dXV1dXccdwkAUBbX3AMVdXV1dXV1dXV1dXV1dxx3C QBQFtfcAxXdKBftd9gc/P2GRAAn/ELX3AAADCxoKDQ== --000000000000c63d02056f357040 Content-Type: application/octet-stream; name="read_util.c:1274:28_2.err.SIG06" Content-Disposition: attachment; filename="read_util.c:1274:28_2.err.SIG06" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur6m6 QVNBTjpERUFETFlTSUdOQUwKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT0KPT04MzEyPT1FUlJPUjogQWRkcmVzc1Nhbml0aXpl cjogU0VHViBvbiB1bmtub3duIGFkZHJlc3MgMHg2MjEwMDAwMTAwZDQgKHBjIDB4N2ZkYWQzYjZi YzQwIGJwIDB4MDAwMDAwMDAwNDAwIHNwIDB4N2ZmZGYxZGY2M2Q4IFQwKQo9PTgzMTI9PVRoZSBz aWduYWwgaXMgY2F1c2VkIGJ5IGEgUkVBRCBtZW1vcnkgYWNjZXNzLgogICAgIzAgMHg3ZmRhZDNi NmJjM2YgIC9idWlsZC9nbGliYy1PVHNFTDUvZ2xpYmMtMi4yNy9zdHJpbmcvLi4vc3lzZGVwcy94 ODZfNjQvbXVsdGlhcmNoL21lbW1vdmUtdmVjLXVuYWxpZ25lZC1lcm1zLlM6MzcwCiAgICAjMSAw eDdmZGFkM2E2ODk5MyBpbiBfSU9fZmlsZV94c3B1dG4gL2J1aWxkL2dsaWJjLU9Uc0VMNS9nbGli Yy0yLjI3L2xpYmlvL2ZpbGVvcHMuYzoxMjU4CiAgICAjMiAweDdmZGFkM2E2NzUxZiBpbiBmd3Jp dGVfdW5sb2NrZWQgL2J1aWxkL2dsaWJjLU9Uc0VMNS9nbGliYy0yLjI3L2xpYmlvL2lvZndyaXRl X3UuYzo0MwogICAgIzMgMHg1NTFkYzQgaW4gb3V0cHV0XzFfbGluZSAvaG9tZS9ob25neHUvRk9U L2RpZmZ1dGlscy1mdXp6L3NyYy91dGlsLmM6MTI3NDoyOAogICAgIzQgMHg1NTBkMjQgaW4gcHJp bnRfMV9saW5lX25sIC9ob21lL2hvbmd4dS9GT1QvZGlmZnV0aWxzLWZ1enovc3JjL3V0aWwuYzox MjQ5OjMKICAgICM1IDB4NTQ0MzY2IGluIHByaW50X25vcm1hbF9odW5rIC9ob21lL2hvbmd4dS9G T1QvZGlmZnV0aWxzLWZ1enovc3JjL25vcm1hbC5jOjY2OjExCiAgICAjNiAweDU1MDg4MyBpbiBw cmludF9zY3JpcHQgL2hvbWUvaG9uZ3h1L0ZPVC9kaWZmdXRpbHMtZnV6ei9zcmMvdXRpbC5jOjEx OTU6NwogICAgIzcgMHg1MTM1MWYgaW4gZGlmZl8yX2ZpbGVzIC9ob21lL2hvbmd4dS9GT1QvZGlm ZnV0aWxzLWZ1enovc3JjL2FuYWx5emUuYzo2NjU6NQogICAgIzggMHg1Mjk3YTcgaW4gY29tcGFy ZV9maWxlcyAvaG9tZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6L3NyYy9kaWZmLmM6MTQzNDox MQogICAgIzkgMHg1MjU0NmEgaW4gbWFpbiAvaG9tZS9ob25neHUvRk9UL2RpZmZ1dGlscy1mdXp6 L3NyYy9kaWZmLmM6ODAwOjE4CiAgICAjMTAgMHg3ZmRhZDM5ZmViOTYgaW4gX19saWJjX3N0YXJ0 X21haW4gL2J1aWxkL2dsaWJjLU9Uc0VMNS9nbGliYy0yLjI3L2NzdS8uLi9jc3UvbGliYy1zdGFy dC5jOjMxMAogICAgIzExIDB4NDFkNzA5IGluIF9zdGFydCAoL2hvbWUvaG9uZ3h1L0ZPVC9kaWZm dXRpbHMtZnV6ei9pbnN0YWxsL2Jpbi9kaWZmKzB4NDFkNzA5KQoKQWRkcmVzc1Nhbml0aXplciBj YW4gbm90IHByb3ZpZGUgYWRkaXRpb25hbCBpbmZvLgpTVU1NQVJZOiBBZGRyZXNzU2FuaXRpemVy OiBTRUdWIC9idWlsZC9nbGliYy1PVHNFTDUvZ2xpYmMtMi4yNy9zdHJpbmcvLi4vc3lzZGVwcy94 ODZfNjQvbXVsdGlhcmNoL21lbW1vdmUtdmVjLXVuYWxpZ25lZC1lcm1zLlM6MzcwIAo9PTgzMTI9 PUFCT1JUSU5HCg== --000000000000c63d02056f357040 Content-Type: text/plain; charset="Shift_JIS"; name="read_util.c:1274:28_2.input.txt" Content-Disposition: attachment; filename="read_util.c:1274:28_2.input.txt" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplur6v7 iUVFYA5FDQ0KDQ== --000000000000c63d02056f357040 Content-Type: application/octet-stream; name="add.wasm" Content-Disposition: attachment; filename="add.wasm" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jiplw9ar8 AGFzbQEAAAABBwFgAn9/AX8DAgEABwcBA2FkZAAACgkBBwAgACABags= --000000000000c63d02056f357040-- From debbugs-submit-bounces@debbugs.gnu.org Fri Dec 28 20:13:30 2018 Received: (at 31935) by debbugs.gnu.org; 29 Dec 2018 01:13:30 +0000 Received: from localhost ([127.0.0.1]:40734 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd3By-0004Cb-9k for submit@debbugs.gnu.org; Fri, 28 Dec 2018 20:13:30 -0500 Received: from mail-wm1-f41.google.com ([209.85.128.41]:35597) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd3Bw-0004CM-KS for 31935@debbugs.gnu.org; Fri, 28 Dec 2018 20:13:29 -0500 Received: by mail-wm1-f41.google.com with SMTP id t200so8856603wmt.0 for <31935@debbugs.gnu.org>; Fri, 28 Dec 2018 17:13:28 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=bkkfFCfRbivr7CaTYxO2DuQoVQJRLPB7gSTHvA4I1Yk=; b=dEoR2tBE/MUe5KNUu5WjhWCYcM4QJdgUZQIdsZ/ET3O50t8ecetrrjO0hlwEFCitiU DT5nc7XSHzdKNEKMoZREt8Rel1il1BBGf159zo1bipHU+p2nlyZgsnp+4FRs1pWuz7k6 9MKNpE3Q/0r73KokeKpT2iIqVwatQg25CjmL/bBG5wxF5uOczEMDbC0vnwoFn38C/3U4 nz2LrrPzt+Z5HpZQpraS92MZwjWMsEv0vKcyCpMeBBNYRurDzQDXrE9pdvaA9nBE10qT KRBaVE5UJXnzqG1rrCKvDIlCDOhjAv0tlU/SPSDIB1fNib1+q0QvL1kNKd3ttOD2ajQi lM7A== X-Gm-Message-State: AA+aEWbQyCVAnr0vVakY/lb9DRgmIfyM9AIpyV7FyZMSuxmfuz2CqrFs coYjfTJwXblfhzayHlTWkKG+ZqjVG9VmrFWFheU= X-Google-Smtp-Source: ALg8bN67KVJVwJitVUqOc5MeXcDESWbgRwrD+CQaNXfzXh7iLDVvAhlVTuCPGJJjcglWJ7EqHeFqXIuUaW2nW6nS8PA= X-Received: by 2002:a1c:f613:: with SMTP id w19mr25522831wmc.0.1546046002944; Fri, 28 Dec 2018 17:13:22 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Jim Meyering Date: Fri, 28 Dec 2018 17:13:10 -0800 Message-ID: Subject: Re: [bug-diffutils] bug#31935: 2 crashes in diffutills commit version 576645c To: Hongxu Chen Content-Type: multipart/mixed; boundary="000000000000d038bf057e1ee2d5" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 31935 Cc: 31935@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --000000000000d038bf057e1ee2d5 Content-Type: text/plain; charset="UTF-8" On Fri, Jun 22, 2018 at 7:49 AM Hongxu Chen wrote: > We found with our fuzzer 2 crashes on diffutils version 576645c: one is a heap-buffer-overflow at util.c:1249, another is an invalid read resulting from `output_1_line' at util.c:1274. > The executing command is: `./diff -a --strip-trailing-cr $file add.wasm` where $file is the poc file (I attached them as *.input.txt); "add.wasm" is also attached however it seems that content of the comparison file is not important. Thank you for fuzz-testing diffutils. FYI, here is a reproducer for the limit[-1]-related UMR bugs: valgrind src/diff -a --strip-trailing-cr <(printf '\r') <(echo a) I've attached a patch: --000000000000d038bf057e1ee2d5 Content-Type: application/octet-stream; name="diffutils-UMR.diff" Content-Disposition: attachment; filename="diffutils-UMR.diff" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jq8rsy7j0 RnJvbSA0Y2ZiNzA5YmQ4NDhhZmJhNjgzNDg5NWE2OWViMDFkMmJiZmRhNzM2IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBKaW0gTWV5ZXJpbmcgPG1leWVyaW5nQGZiLmNvbT4KRGF0ZTog RnJpLCAyOCBEZWMgMjAxOCAxNjoxMjoxMSAtMDgwMApTdWJqZWN0OiBbUEFUQ0hdIGRpZmY6IGF2 b2lkIHVuaW5pdGlhbGl6ZWQgbWVtb3J5IHJlYWQgd2l0aAogLS1zdHJpcC10cmFpbGluZy1jcgoK KiBORVdTOiAoQnVnIGZpeGVkKTogTWVudGlvbiBpdC4KKiBzcmMvdXRpbC5jIChwcmludF8xX2xp bmVfbmwpOiBBdm9pZCAtLXN0cmlwLXRyYWlsaW5nLWNyIFVNUiB3aGVuIHRoZQpidWZmZXIgY29u c2lzdHMgb2YgYSBzb2xlIENSLiBUaGF0IGhhcHBlbmVkIGR1ZSB0byBhbiB1bmNoZWNrZWQKcmVm ZXJlbmNlIHRvIGxpbWl0Wy0xXS4gRW5zdXJlIGxpbWl0Wy0xXSBpcyB2YWxpZCBiZWZvcmUgYWNj ZXNzaW5nIGl0LgoqIHNyYy9ub3JtYWwuYyAocHJpbnRfbm9ybWFsX2h1bmspOiBMaWtld2lzZS4K KiB0ZXN0cy9zdHJpcC10cmFpbGluZy1jcjogTmV3IGZpbGUuIFRlc3QgZm9yIHRoYXQgYnVnLgoq IHRlc3RzL01ha2VmaWxlLmFtIChURVNUUyk6IEFkZCBpdC4KUmVwb3J0ZWQgYnkgSG9uZ3h1IENo ZW4gPGxlZnRjb3B5LmNoeEBnbWFpbC5jb20+IGluCmh0dHA6Ly9idWdzLmdudS5vcmcvMzE5MzUK LS0tCiBORVdTICAgICAgICAgICAgICAgICAgICB8ICA3ICsrKysrKysKIHNyYy9ub3JtYWwuYyAg ICAgICAgICAgIHwgIDQgKysrLQogc3JjL3V0aWwuYyAgICAgICAgICAgICAgfCAgNCArKy0tCiB0 ZXN0cy9NYWtlZmlsZS5hbSAgICAgICB8ICAxICsKIHRlc3RzL3N0cmlwLXRyYWlsaW5nLWNyIHwg MjAgKysrKysrKysrKysrKysrKysrKysKIDUgZmlsZXMgY2hhbmdlZCwgMzMgaW5zZXJ0aW9ucygr KSwgMyBkZWxldGlvbnMoLSkKIGNyZWF0ZSBtb2RlIDEwMDc1NSB0ZXN0cy9zdHJpcC10cmFpbGlu Zy1jcgoKZGlmZiAtLWdpdCBhL05FV1MgYi9ORVdTCmluZGV4IDU2ZTA0NDUuLjdkMTE1YTMgMTAw NjQ0Ci0tLSBhL05FV1MKKysrIGIvTkVXUwpAQCAtMiw2ICsyLDEzIEBAIEdOVSBkaWZmdXRpbHMg TkVXUyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC0qLSBvdXRsaW5lIC0qLQoK ICogTm90ZXdvcnRoeSBjaGFuZ2VzIGluIHJlbGVhc2UgPy4/ICg/Pz8/LT8/LT8/KSBbP10KCisq KiBCdWcgZml4ZXMKKworICBkaWZmIC0tc3RyaXAtdHJhaWxpbmctY3Igd2l0aCBhIHNpbmdsZSBD UiBieXRlIGluIG9uZSBpbnB1dCBmaWxlCisgIHdvdWxkIHByb3Zva2UgYW4gdW5pbml0aWFsaXpl ZCBtZW1vcnkgcmVhZCwgZS5nLiwKKyAgICBkaWZmIC1hIC0tc3RyaXAtdHJhaWxpbmctY3IgPChw cmludGYgJ1xyJykgPChlY2hvIGEpCisgIFtidWcgaW50cm9kdWNlZCBpbiAyLjggd2l0aCBhZGRp dGlvbiBvZiB0aGUgLS1zdHJpcC10cmFpbGluZy1jciBvcHRpb25dCisKCiAqIE5vdGV3b3J0aHkg Y2hhbmdlcyBpbiByZWxlYXNlIDMuNiAoMjAxNy0wNS0yMSkgW3N0YWJsZV0KCmRpZmYgLS1naXQg YS9zcmMvbm9ybWFsLmMgYi9zcmMvbm9ybWFsLmMKaW5kZXggYzZhYWMwNy4uNTc1ZmJiZSAxMDA2 NDQKLS0tIGEvc3JjL25vcm1hbC5jCisrKyBiL3NyYy9ub3JtYWwuYwpAQCAtNjYsNyArNjYsOSBA QCBwcmludF9ub3JtYWxfaHVuayAoc3RydWN0IGNoYW5nZSAqaHVuaykKICAgICAgICAgICBwcmlu dF8xX2xpbmVfbmwgKCI8IiwgJmZpbGVzWzBdLmxpbmJ1ZltpXSwgdHJ1ZSk7CiAgICAgICAgICAg aWYgKGkgPT0gbGFzdDApCiAgICAgICAgICAgICBzZXRfY29sb3JfY29udGV4dCAoUkVTRVRfQ09O VEVYVCk7Ci0gICAgICAgICAgaWYgKGZpbGVzWzBdLmxpbmJ1ZltpICsgMV1bLTFdID09ICdcbicp CisgICAgICAgICAgY2hhciBjb25zdCAqYmFzZSA9IGZpbGVzWzBdLmxpbmJ1ZltpXTsKKyAgICAg ICAgICBjaGFyIGNvbnN0ICpsaW1pdCA9IGZpbGVzWzBdLmxpbmJ1ZltpICsgMV07CisgICAgICAg ICAgaWYgKGJhc2UgPCBsaW1pdCAmJiBsaW1pdFstMV0gPT0gJ1xuJykKICAgICAgICAgICAgIHB1 dGMgKCdcbicsIG91dGZpbGUpOwogICAgICAgICB9CiAgICAgfQpkaWZmIC0tZ2l0IGEvc3JjL3V0 aWwuYyBiL3NyYy91dGlsLmMKaW5kZXggNGY0ZDliYi4uZTRjZDBhZSAxMDA2NDQKLS0tIGEvc3Jj L3V0aWwuYworKysgYi9zcmMvdXRpbC5jCkBAIC0xMjQ2LDkgKzEyNDYsOSBAQCBwcmludF8xX2xp bmVfbmwgKGNoYXIgY29uc3QgKmxpbmVfZmxhZywgY2hhciBjb25zdCAqY29uc3QgKmxpbmUsIGJv b2wgc2tpcF9ubCkKICAgICAgIGZwcmludGYgKG91dCwgZmxhZ19mb3JtYXRfMSwgbGluZV9mbGFn XzEpOwogICAgIH0KCi0gIG91dHB1dF8xX2xpbmUgKGJhc2UsIGxpbWl0IC0gKHNraXBfbmwgJiYg bGltaXRbLTFdID09ICdcbicpLCBmbGFnX2Zvcm1hdCwgbGluZV9mbGFnKTsKKyAgb3V0cHV0XzFf bGluZSAoYmFzZSwgbGltaXQgLSAoc2tpcF9ubCAmJiBiYXNlIDwgbGltaXQgJiYgbGltaXRbLTFd ID09ICdcbicpLCBmbGFnX2Zvcm1hdCwgbGluZV9mbGFnKTsKCi0gIGlmICgoIWxpbmVfZmxhZyB8 fCBsaW5lX2ZsYWdbMF0pICYmIGxpbWl0Wy0xXSAhPSAnXG4nKQorICBpZiAoKCFsaW5lX2ZsYWcg fHwgbGluZV9mbGFnWzBdKSAmJiBiYXNlIDwgbGltaXQgJiYgbGltaXRbLTFdICE9ICdcbicpCiAg ICAgewogICAgICAgc2V0X2NvbG9yX2NvbnRleHQgKFJFU0VUX0NPTlRFWFQpOwogICAgICAgZnBy aW50ZiAob3V0LCAiXG5cXCAlc1xuIiwgXygiTm8gbmV3bGluZSBhdCBlbmQgb2YgZmlsZSIpKTsK ZGlmZiAtLWdpdCBhL3Rlc3RzL01ha2VmaWxlLmFtIGIvdGVzdHMvTWFrZWZpbGUuYW0KaW5kZXgg MjY2NDZjMC4uYjFmZTMyMSAxMDA2NDQKLS0tIGEvdGVzdHMvTWFrZWZpbGUuYW0KKysrIGIvdGVz dHMvTWFrZWZpbGUuYW0KQEAgLTIxLDYgKzIxLDcgQEAgVEVTVFMgPSBcCiAgIHN0ZGluIFwKICAg c3RyY29sbC0wLW5hbWVzIFwKICAgZmlsZW5hbWUtcXVvdGluZyBcCisgIHN0cmlwLXRyYWlsaW5n LWNyIFwKICAgY29sb3JzCgogWEZBSUxfVEVTVFMgPSBsYXJnZS1zdWJvcHQKZGlmZiAtLWdpdCBh L3Rlc3RzL3N0cmlwLXRyYWlsaW5nLWNyIGIvdGVzdHMvc3RyaXAtdHJhaWxpbmctY3IKbmV3IGZp bGUgbW9kZSAxMDA3NTUKaW5kZXggMDAwMDAwMC4uOWVjOTZmMQotLS0gL2Rldi9udWxsCisrKyBi L3Rlc3RzL3N0cmlwLXRyYWlsaW5nLWNyCkBAIC0wLDAgKzEsMjAgQEAKKyMhL2Jpbi9zaAorIyBC ZWZvcmUgZGlmZi0zLjcsIHRoaXMgd291bGQgcHJvdm9rZSBhIFVNUgorCisuICIke3NyY2Rpcj0u fS9pbml0LnNoIjsgcGF0aF9wcmVwZW5kXyAuLi9zcmMKKworZmFpbD0wCisKK3JlcXVpcmVfdmFs Z3JpbmRfCisKK3ByaW50ZiAnXHInID4gciB8fCBmcmFtZXdvcmtfZmFpbHVyZV8KK2VjaG8gYiA+ IGIgfHwgZnJhbWV3b3JrX2ZhaWx1cmVfCitwcmludGYgJyVzXG4nIDFjMSAnPCAtLS0nICc+IGIn ID4gZXhwIHx8IGZyYW1ld29ya19mYWlsdXJlXworCityZXR1cm5zXyAxIHZhbGdyaW5kIC0tcXVp ZXQgLS1lcnJvci1leGl0Y29kZT0zIFwKKyAgIGRpZmYgLWEgLS1zdHJpcC10cmFpbGluZy1jciBy IGIgPiBvdXQgMj4gZXJyIHx8IGZhaWw9MQorCitjb21wYXJlIGV4cCBvdXQgfHwgZmFpbD0xCitj b21wYXJlIC9kZXYvbnVsbCBlcnIgfHwgZmFpbD0xCisKK0V4aXQgJGZhaWwKLS0gCjIuMjAuMS4y LmdiMjFlYmI2NzFiCgo= --000000000000d038bf057e1ee2d5-- From debbugs-submit-bounces@debbugs.gnu.org Fri Dec 28 20:37:32 2018 Received: (at 31935) by debbugs.gnu.org; 29 Dec 2018 01:37:32 +0000 Received: from localhost ([127.0.0.1]:40749 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd3ZE-0004ny-34 for submit@debbugs.gnu.org; Fri, 28 Dec 2018 20:37:32 -0500 Received: from mail-wr1-f68.google.com ([209.85.221.68]:33847) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd3ZC-0004nm-N9 for 31935@debbugs.gnu.org; Fri, 28 Dec 2018 20:37:31 -0500 Received: by mail-wr1-f68.google.com with SMTP id j2so22344637wrw.1 for <31935@debbugs.gnu.org>; Fri, 28 Dec 2018 17:37:30 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ljjpf2h4EaaiNR7znQziM/po0S9q6kILwIjpTZwVXno=; b=UB9pTPwHGxvbneSyO5kRwwmqG+rDfBrPX4mACEPYsk9ohEnNOyK9VsO0YAIpSqa0VH S5pzJfFZD6QaKNz94dTkGPWwVoAhoCH50zuWdpqKERc6u+vfi3PAMMW2OSILlOUxF1gM HvsEog7DnS+COkFElSUyX4h6oiLvst2geTATNq6ON+Y11t6ySco0m+NkHY47M7FqjnQk AcLeIe8RdBjQTSOzaDzGIvDsbAMa0XZA7aFxMhpkRNAGxkinwsjRpMkGB8XAF9Hwae84 Vk0ZUvO8zyLf/DBUdPOZs/1Ia4fSVBWKVAyLYoLtoGgb6e2ZPN0Ry8BArJto12tjNtz/ yI1Q== X-Gm-Message-State: AJcUukd8OYzHoaMtgIwww71UDtNErvkNdutmDy3QvzxDDRmN/5i8dgZJ JOP7SyA306K+IcS6y9ZRCdRJixQ/9WvuVAorOvU= X-Google-Smtp-Source: ALg8bN7US/JSc6DSzdTp3ScGbPHDP8K7Ib0M/Vg2gZ4Qo0mzWwv/0d3XSZJ9qsji+r9TrO3qvm/JS3qRhKWKrMt/Kl0= X-Received: by 2002:adf:8464:: with SMTP id 91mr28380277wrf.251.1546047444986; Fri, 28 Dec 2018 17:37:24 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Jim Meyering Date: Fri, 28 Dec 2018 17:37:12 -0800 Message-ID: Subject: Re: [bug-diffutils] bug#31935: 2 crashes in diffutills commit version 576645c To: Hongxu Chen Content-Type: multipart/mixed; boundary="000000000000c3cc9b057e1f38ef" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 31935 Cc: 31935@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --000000000000c3cc9b057e1f38ef Content-Type: text/plain; charset="UTF-8" On Fri, Dec 28, 2018 at 5:13 PM Jim Meyering wrote: > > On Fri, Jun 22, 2018 at 7:49 AM Hongxu Chen wrote: > > We found with our fuzzer 2 crashes on diffutils version 576645c: one is a heap-buffer-overflow at util.c:1249, another is an invalid read resulting from `output_1_line' at util.c:1274. > > The executing command is: `./diff -a --strip-trailing-cr $file add.wasm` where $file is the poc file (I attached them as *.input.txt); "add.wasm" is also attached however it seems that content of the comparison file is not important. > > Thank you for fuzz-testing diffutils. > FYI, here is a reproducer for the limit[-1]-related UMR bugs: > > valgrind src/diff -a --strip-trailing-cr <(printf '\r') <(echo a) > > I've attached a patch: That patch was provably incomplete. I ran this (adding -u to the above) and found one new UMR. Guarding yet another [-1] reference fixes it. There are still numerous unguarded [-1] references, so this updated patch is doubtless still incomplete: for i in hbo*; do echo $i; valgrind --quiet src/diff -u -a --strip-trailing-cr $i add.wasm > /dev/null; echo $?; done --000000000000c3cc9b057e1f38ef Content-Type: application/octet-stream; name="diffutils-UMR.diff" Content-Disposition: attachment; filename="diffutils-UMR.diff" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jq8spz710 RnJvbSA0Y2ZiNzA5YmQ4NDhhZmJhNjgzNDg5NWE2OWViMDFkMmJiZmRhNzM2IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBKaW0gTWV5ZXJpbmcgPG1leWVyaW5nQGZiLmNvbT4KRGF0ZTog RnJpLCAyOCBEZWMgMjAxOCAxNjoxMjoxMSAtMDgwMApTdWJqZWN0OiBbUEFUQ0hdIGRpZmY6IGF2 b2lkIHVuaW5pdGlhbGl6ZWQgbWVtb3J5IHJlYWQgd2l0aAogLS1zdHJpcC10cmFpbGluZy1jcgoK KiBORVdTOiAoQnVnIGZpeGVkKTogTWVudGlvbiBpdC4KKiBzcmMvdXRpbC5jIChwcmludF8xX2xp bmVfbmwpOiBBdm9pZCAtLXN0cmlwLXRyYWlsaW5nLWNyIFVNUiB3aGVuIHRoZQpidWZmZXIgY29u c2lzdHMgb2YgYSBzb2xlIENSLiBUaGF0IGhhcHBlbmVkIGR1ZSB0byBhbiB1bmNoZWNrZWQKcmVm ZXJlbmNlIHRvIGxpbWl0Wy0xXS4gRW5zdXJlIGxpbWl0Wy0xXSBpcyB2YWxpZCBiZWZvcmUgYWNj ZXNzaW5nIGl0LgoqIHNyYy9ub3JtYWwuYyAocHJpbnRfbm9ybWFsX2h1bmspOiBMaWtld2lzZS4K KiB0ZXN0cy9zdHJpcC10cmFpbGluZy1jcjogTmV3IGZpbGUuIFRlc3QgZm9yIHRoYXQgYnVnLgoq IHRlc3RzL01ha2VmaWxlLmFtIChURVNUUyk6IEFkZCBpdC4KUmVwb3J0ZWQgYnkgSG9uZ3h1IENo ZW4gPGxlZnRjb3B5LmNoeEBnbWFpbC5jb20+IGluCmh0dHA6Ly9idWdzLmdudS5vcmcvMzE5MzUK LS0tCiBORVdTICAgICAgICAgICAgICAgICAgICB8ICA3ICsrKysrKysKIHNyYy9ub3JtYWwuYyAg ICAgICAgICAgIHwgIDQgKysrLQogc3JjL3V0aWwuYyAgICAgICAgICAgICAgfCAgNCArKy0tCiB0 ZXN0cy9NYWtlZmlsZS5hbSAgICAgICB8ICAxICsKIHRlc3RzL3N0cmlwLXRyYWlsaW5nLWNyIHwg MjAgKysrKysrKysrKysrKysrKysrKysKIDUgZmlsZXMgY2hhbmdlZCwgMzMgaW5zZXJ0aW9ucygr KSwgMyBkZWxldGlvbnMoLSkKIGNyZWF0ZSBtb2RlIDEwMDc1NSB0ZXN0cy9zdHJpcC10cmFpbGlu Zy1jcgoKZGlmZiAtLWdpdCBhL05FV1MgYi9ORVdTCmluZGV4IDU2ZTA0NDUuLjdkMTE1YTMgMTAw NjQ0Ci0tLSBhL05FV1MKKysrIGIvTkVXUwpAQCAtMiw2ICsyLDEzIEBAIEdOVSBkaWZmdXRpbHMg TkVXUyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC0qLSBvdXRsaW5lIC0qLQoK ICogTm90ZXdvcnRoeSBjaGFuZ2VzIGluIHJlbGVhc2UgPy4/ICg/Pz8/LT8/LT8/KSBbP10KCisq KiBCdWcgZml4ZXMKKworICBkaWZmIC0tc3RyaXAtdHJhaWxpbmctY3Igd2l0aCBhIHNpbmdsZSBD UiBieXRlIGluIG9uZSBpbnB1dCBmaWxlCisgIHdvdWxkIHByb3Zva2UgYW4gdW5pbml0aWFsaXpl ZCBtZW1vcnkgcmVhZCwgZS5nLiwKKyAgICBkaWZmIC1hIC0tc3RyaXAtdHJhaWxpbmctY3IgPChw cmludGYgJ1xyJykgPChlY2hvIGEpCisgIFtidWcgaW50cm9kdWNlZCBpbiAyLjggd2l0aCBhZGRp dGlvbiBvZiB0aGUgLS1zdHJpcC10cmFpbGluZy1jciBvcHRpb25dCisKCiAqIE5vdGV3b3J0aHkg Y2hhbmdlcyBpbiByZWxlYXNlIDMuNiAoMjAxNy0wNS0yMSkgW3N0YWJsZV0KCmRpZmYgLS1naXQg YS9zcmMvbm9ybWFsLmMgYi9zcmMvbm9ybWFsLmMKaW5kZXggYzZhYWMwNy4uNTc1ZmJiZSAxMDA2 NDQKLS0tIGEvc3JjL25vcm1hbC5jCisrKyBiL3NyYy9ub3JtYWwuYwpAQCAtNjYsNyArNjYsOSBA QCBwcmludF9ub3JtYWxfaHVuayAoc3RydWN0IGNoYW5nZSAqaHVuaykKICAgICAgICAgICBwcmlu dF8xX2xpbmVfbmwgKCI8IiwgJmZpbGVzWzBdLmxpbmJ1ZltpXSwgdHJ1ZSk7CiAgICAgICAgICAg aWYgKGkgPT0gbGFzdDApCiAgICAgICAgICAgICBzZXRfY29sb3JfY29udGV4dCAoUkVTRVRfQ09O VEVYVCk7Ci0gICAgICAgICAgaWYgKGZpbGVzWzBdLmxpbmJ1ZltpICsgMV1bLTFdID09ICdcbicp CisgICAgICAgICAgY2hhciBjb25zdCAqYmFzZSA9IGZpbGVzWzBdLmxpbmJ1ZltpXTsKKyAgICAg ICAgICBjaGFyIGNvbnN0ICpsaW1pdCA9IGZpbGVzWzBdLmxpbmJ1ZltpICsgMV07CisgICAgICAg ICAgaWYgKGJhc2UgPCBsaW1pdCAmJiBsaW1pdFstMV0gPT0gJ1xuJykKICAgICAgICAgICAgIHB1 dGMgKCdcbicsIG91dGZpbGUpOwogICAgICAgICB9CiAgICAgfQpkaWZmIC0tZ2l0IGEvc3JjL3V0 aWwuYyBiL3NyYy91dGlsLmMKaW5kZXggNGY0ZDliYi4uZTRjZDBhZSAxMDA2NDQKLS0tIGEvc3Jj L3V0aWwuYworKysgYi9zcmMvdXRpbC5jCkBAIC0xMjQ2LDkgKzEyNDYsOSBAQCBwcmludF8xX2xp bmVfbmwgKGNoYXIgY29uc3QgKmxpbmVfZmxhZywgY2hhciBjb25zdCAqY29uc3QgKmxpbmUsIGJv b2wgc2tpcF9ubCkKICAgICAgIGZwcmludGYgKG91dCwgZmxhZ19mb3JtYXRfMSwgbGluZV9mbGFn XzEpOwogICAgIH0KCi0gIG91dHB1dF8xX2xpbmUgKGJhc2UsIGxpbWl0IC0gKHNraXBfbmwgJiYg bGltaXRbLTFdID09ICdcbicpLCBmbGFnX2Zvcm1hdCwgbGluZV9mbGFnKTsKKyAgb3V0cHV0XzFf bGluZSAoYmFzZSwgbGltaXQgLSAoc2tpcF9ubCAmJiBiYXNlIDwgbGltaXQgJiYgbGltaXRbLTFd ID09ICdcbicpLCBmbGFnX2Zvcm1hdCwgbGluZV9mbGFnKTsKCi0gIGlmICgoIWxpbmVfZmxhZyB8 fCBsaW5lX2ZsYWdbMF0pICYmIGxpbWl0Wy0xXSAhPSAnXG4nKQorICBpZiAoKCFsaW5lX2ZsYWcg fHwgbGluZV9mbGFnWzBdKSAmJiBiYXNlIDwgbGltaXQgJiYgbGltaXRbLTFdICE9ICdcbicpCiAg ICAgewogICAgICAgc2V0X2NvbG9yX2NvbnRleHQgKFJFU0VUX0NPTlRFWFQpOwogICAgICAgZnBy aW50ZiAob3V0LCAiXG5cXCAlc1xuIiwgXygiTm8gbmV3bGluZSBhdCBlbmQgb2YgZmlsZSIpKTsK ZGlmZiAtLWdpdCBhL3Rlc3RzL01ha2VmaWxlLmFtIGIvdGVzdHMvTWFrZWZpbGUuYW0KaW5kZXgg MjY2NDZjMC4uYjFmZTMyMSAxMDA2NDQKLS0tIGEvdGVzdHMvTWFrZWZpbGUuYW0KKysrIGIvdGVz dHMvTWFrZWZpbGUuYW0KQEAgLTIxLDYgKzIxLDcgQEAgVEVTVFMgPSBcCiAgIHN0ZGluIFwKICAg c3RyY29sbC0wLW5hbWVzIFwKICAgZmlsZW5hbWUtcXVvdGluZyBcCisgIHN0cmlwLXRyYWlsaW5n LWNyIFwKICAgY29sb3JzCgogWEZBSUxfVEVTVFMgPSBsYXJnZS1zdWJvcHQKZGlmZiAtLWdpdCBh L3Rlc3RzL3N0cmlwLXRyYWlsaW5nLWNyIGIvdGVzdHMvc3RyaXAtdHJhaWxpbmctY3IKbmV3IGZp bGUgbW9kZSAxMDA3NTUKaW5kZXggMDAwMDAwMC4uOWVjOTZmMQotLS0gL2Rldi9udWxsCisrKyBi L3Rlc3RzL3N0cmlwLXRyYWlsaW5nLWNyCkBAIC0wLDAgKzEsMjAgQEAKKyMhL2Jpbi9zaAorIyBC ZWZvcmUgZGlmZi0zLjcsIHRoaXMgd291bGQgcHJvdm9rZSBhIFVNUgorCisuICIke3NyY2Rpcj0u fS9pbml0LnNoIjsgcGF0aF9wcmVwZW5kXyAuLi9zcmMKKworZmFpbD0wCisKK3JlcXVpcmVfdmFs Z3JpbmRfCisKK3ByaW50ZiAnXHInID4gciB8fCBmcmFtZXdvcmtfZmFpbHVyZV8KK2VjaG8gYiA+ IGIgfHwgZnJhbWV3b3JrX2ZhaWx1cmVfCitwcmludGYgJyVzXG4nIDFjMSAnPCAtLS0nICc+IGIn ID4gZXhwIHx8IGZyYW1ld29ya19mYWlsdXJlXworCityZXR1cm5zXyAxIHZhbGdyaW5kIC0tcXVp ZXQgLS1lcnJvci1leGl0Y29kZT0zIFwKKyAgIGRpZmYgLWEgLS1zdHJpcC10cmFpbGluZy1jciBy IGIgPiBvdXQgMj4gZXJyIHx8IGZhaWw9MQorCitjb21wYXJlIGV4cCBvdXQgfHwgZmFpbD0xCitj b21wYXJlIC9kZXYvbnVsbCBlcnIgfHwgZmFpbD0xCisKK0V4aXQgJGZhaWwKLS0gCjIuMjAuMS4y LmdiMjFlYmI2NzFiCgo= --000000000000c3cc9b057e1f38ef-- From debbugs-submit-bounces@debbugs.gnu.org Fri Dec 28 22:11:14 2018 Received: (at 31935) by debbugs.gnu.org; 29 Dec 2018 03:11:14 +0000 Received: from localhost ([127.0.0.1]:40773 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd51t-000723-AO for submit@debbugs.gnu.org; Fri, 28 Dec 2018 22:11:14 -0500 Received: from zimbra.cs.ucla.edu ([131.179.128.68]:60972) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd51q-00071o-KV for 31935@debbugs.gnu.org; Fri, 28 Dec 2018 22:11:11 -0500 Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id 309F7160E1A; Fri, 28 Dec 2018 19:11:04 -0800 (PST) Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id hejH3Oaxmoha; Fri, 28 Dec 2018 19:11:03 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id 44097160E1E; Fri, 28 Dec 2018 19:11:03 -0800 (PST) X-Virus-Scanned: amavisd-new at zimbra.cs.ucla.edu Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id WXcb7QsHtIyl; Fri, 28 Dec 2018 19:11:03 -0800 (PST) Received: from [192.168.1.9] (cpe-23-242-74-103.socal.res.rr.com [23.242.74.103]) by zimbra.cs.ucla.edu (Postfix) with ESMTPSA id 1625D160D37; Fri, 28 Dec 2018 19:11:03 -0800 (PST) Subject: Re: [bug-diffutils] bug#31935: bug#31935: 2 crashes in diffutills commit version 576645c To: Jim Meyering , Hongxu Chen References: From: Paul Eggert Organization: UCLA Computer Science Department Message-ID: Date: Fri, 28 Dec 2018 19:11:02 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/mixed; boundary="------------A901DA17227073F06831BACC" Content-Language: en-US X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 31935 Cc: 31935@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) This is a multi-part message in MIME format. --------------A901DA17227073F06831BACC Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Jim Meyering wrote: > There are still numerous unguarded [-1] references, so this updated > patch is doubtless still incomplete: The real bug was elsewhere, I think. I installed the attached patch. This patch lacks your test case, which didn't work for me because there is no require_valgrind_ in diffutils. Is require_valgrind_ from coreutils or from some other location? --------------A901DA17227073F06831BACC Content-Type: text/x-patch; name="0001-diff-fix-UMR-with-strip-trailing-cr.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="0001-diff-fix-UMR-with-strip-trailing-cr.patch" >From c0097514df398ab70c58fe75af17ba0d7ec58c73 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Fri, 28 Dec 2018 19:00:50 -0800 Subject: [PATCH] diff: fix UMR with --strip-trailing-cr Problem reported by Hongxu Chen (Bug#31935). * src/io.c (prepare_text): Strip trailing CR before doing the rest of the analysis. * NEWS: Mention the fix. Co-authored-by: Jim Meyering --- NEWS | 7 +++++++ src/io.c | 39 +++++++++++++++------------------------ 2 files changed, 22 insertions(+), 24 deletions(-) diff --git a/NEWS b/NEWS index 56e0445..7d115a3 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,13 @@ GNU diffutils NEWS -*- outline -*- * Noteworthy changes in release ?.? (????-??-??) [?] +** Bug fixes + + diff --strip-trailing-cr with a single CR byte in one input file + would provoke an uninitialized memory read, e.g., + diff -a --strip-trailing-cr <(printf '\r') <(echo a) + [bug introduced in 2.8 with addition of the --strip-trailing-cr option] + * Noteworthy changes in release 3.6 (2017-05-21) [stable] diff --git a/src/io.c b/src/io.c index fb86392..6c03c70 100644 --- a/src/io.c +++ b/src/io.c @@ -481,42 +481,33 @@ prepare_text (struct file_data *current) { size_t buffered = current->buffered; char *p = FILE_BUFFER (current); - - if (buffered == 0 || p[buffered - 1] == '\n') - current->missing_newline = false; - else - { - p[buffered++] = '\n'; - current->missing_newline = true; - } - if (!p) return; - /* Don't use uninitialized storage when planting or using sentinels. */ - memset (p + buffered, 0, sizeof (word)); - if (strip_trailing_cr) { - char *dst; char *srclim = p + buffered; *srclim = '\r'; - dst = rawmemchr (p, '\r'); + char *dst = rawmemchr (p, '\r'); - if (dst != srclim) + for (char const *src = dst; src != srclim; src++) { - char const *src = dst; - do - { - *dst = *src++; - dst += ! (*dst == '\r' && *src == '\n'); - } - while (src < srclim); - - buffered -= src - dst; + src += *src == '\r' && src[1] == '\n'; + *dst++ = *src; } + + buffered -= srclim - dst; } + if (buffered != 0 && p[buffered - 1] != '\n') + { + p[buffered++] = '\n'; + current->missing_newline = true; + } + + /* Don't use uninitialized storage when planting or using sentinels. */ + memset (p + buffered, 0, sizeof (word)); + current->buffered = buffered; } -- 2.17.1 --------------A901DA17227073F06831BACC-- From debbugs-submit-bounces@debbugs.gnu.org Sat Dec 29 00:08:52 2018 Received: (at 31935) by debbugs.gnu.org; 29 Dec 2018 05:08:52 +0000 Received: from localhost ([127.0.0.1]:40786 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd6rj-0001OU-TM for submit@debbugs.gnu.org; Sat, 29 Dec 2018 00:08:52 -0500 Received: from mail-wr1-f50.google.com ([209.85.221.50]:34501) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd6rh-0001OF-Q6 for 31935@debbugs.gnu.org; Sat, 29 Dec 2018 00:08:50 -0500 Received: by mail-wr1-f50.google.com with SMTP id j2so22536242wrw.1 for <31935@debbugs.gnu.org>; Fri, 28 Dec 2018 21:08:49 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Z6qXSa9jI7iLPmHRnjhRxYmpmTg5sDCmooolELOUo10=; b=tb2Ti/8RMNIBP/7+SKJj3Jr7tlvXlBAGRUybwU+Bv9nXuwTFmpCo/iOC4tvVsEl736 +ejkEde36XX198xAxyxocw6hIgMK8wbm1pP+dho3XcqoLY/Mnl+To+7+K2jtkjAOySUy hXYKEOZ4WBKBtZzT8lz5X864dR2OVkj3HlAY4E5TXRfqMUZucxtEiyi/JDjkOvtZSGEj HaY+jE8XuxI6pLMH3WxzndvrWx7lI0yXj4Us18NaKb7/QNYcofro2jZj33Z+B/WQ/kkU Lrt7UgKLOZ+vXiYxQ3gOYQshRkt/bPctlhYOFDvPVI/nra7eUk7CJH078HhcdAY0iD5x suNQ== X-Gm-Message-State: AJcUukc1DR+pq4E4e0/5sN9F3SVQydcNG3Vv/zoDNZONLykizMZBDsAb BWFhdyFVy+xrF7kLWlDvZ73GNgiATS0y+Dtv46U= X-Google-Smtp-Source: ALg8bN47rq27z4fOqfkICuQYSWalfNazdYWFkzwkQ5e60tbU0H6msp7e1dmKwQSV6iouUPB/6/D+OgQLUWvwWAj6e+A= X-Received: by 2002:adf:9422:: with SMTP id 31mr28773505wrq.106.1546060124161; Fri, 28 Dec 2018 21:08:44 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Jim Meyering Date: Fri, 28 Dec 2018 21:08:31 -0800 Message-ID: Subject: Re: [bug-diffutils] bug#31935: bug#31935: 2 crashes in diffutills commit version 576645c To: Paul Eggert Content-Type: text/plain; charset="UTF-8" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 31935 Cc: 31935@debbugs.gnu.org, Hongxu Chen X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) On Fri, Dec 28, 2018 at 7:11 PM Paul Eggert wrote: > > Jim Meyering wrote: > > There are still numerous unguarded [-1] references, so this updated > > patch is doubtless still incomplete: > > The real bug was elsewhere, I think. I installed the attached patch. This patch > lacks your test case, which didn't work for me because there is no > require_valgrind_ in diffutils. Is require_valgrind_ from coreutils or from some > other location? Thanks. Nice patch. I've pushed the two test-related patches. From debbugs-submit-bounces@debbugs.gnu.org Sat Dec 29 02:15:53 2018 Received: (at 31935-done) by debbugs.gnu.org; 29 Dec 2018 07:15:53 +0000 Received: from localhost ([127.0.0.1]:40799 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd8qe-0004bt-Rn for submit@debbugs.gnu.org; Sat, 29 Dec 2018 02:15:53 -0500 Received: from mail-wm1-f65.google.com ([209.85.128.65]:37911) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gd8qc-0004bf-PY for 31935-done@debbugs.gnu.org; Sat, 29 Dec 2018 02:15:51 -0500 Received: by mail-wm1-f65.google.com with SMTP id m22so21238645wml.3 for <31935-done@debbugs.gnu.org>; Fri, 28 Dec 2018 23:15:50 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ippVQAWfcq5nQ+bTNlAUQ8ZO3wBN745SKvRuTYZstZY=; b=lxKKLPvBREBAz/ycP9eopShvOdZ3dijAT6J78Xm+qUjxlSlAl5oohjCI+PnlhQVBrn WgItYcCfG70XmpTbKn9+X875KjAO2wK6/p+dd/hLRvWQPYhud1wWHI5dfGTqOxN9phCi 9TWjvkFsS4zA/QAVY1ux/MfiZMQ2sg+5X+Kw1rSMPcd33WIRvSMNX0r3SxOjJC/koD9n xkR4wCr1UM25DQguzBEiQazSTtAUvDqqplsFVV27nRD4HTBiPbtitFXu0HNJytjf4FXr oA7+PE/Q51cstu8A2C+PPbKswXyJ579RuI+ZV3OtfZpGWWfMjq/igX6n7MQBZFBiKYJf ZnBw== X-Gm-Message-State: AA+aEWa8hwRSnF6MChApycuOFE2CISCIgRYP7WOMPPf8GZcc8Np6NZ+Y nywIUGixsQzMLPeOXDRs8r57G5dE9y1mfVLFw0I= X-Google-Smtp-Source: ALg8bN41gtiGFI2/vC9DuIYhkwzEQyveY8bs0VR3Tk8pYMop6c1LzUn0xmCc9JR48qPIyS2VAeuIcUTaRuPjm8mITjc= X-Received: by 2002:a1c:4346:: with SMTP id q67mr27571933wma.114.1546067745094; Fri, 28 Dec 2018 23:15:45 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Jim Meyering Date: Fri, 28 Dec 2018 23:15:33 -0800 Message-ID: Subject: Re: [bug-diffutils] bug#31935: bug#31935: bug#31935: 2 crashes in diffutills commit version 576645c To: Paul Eggert Content-Type: multipart/mixed; boundary="000000000000bee36b057e23f2a7" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 31935-done Cc: 31935-done@debbugs.gnu.org, Hongxu Chen X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --000000000000bee36b057e23f2a7 Content-Type: text/plain; charset="UTF-8" On Fri, Dec 28, 2018 at 9:20 PM Jim Meyering wrote: > > On Fri, Dec 28, 2018 at 7:11 PM Paul Eggert wrote: > > > > Jim Meyering wrote: > > > There are still numerous unguarded [-1] references, so this updated > > > patch is doubtless still incomplete: > > > > The real bug was elsewhere, I think. I installed the attached patch. This patch > > lacks your test case, which didn't work for me because there is no > > require_valgrind_ in diffutils. Is require_valgrind_ from coreutils or from some > > other location? > > Thanks. Nice patch. > I've pushed the two test-related patches. I noticed that the new test would fail when built with ASAN, so will push this: --000000000000bee36b057e23f2a7 Content-Type: application/octet-stream; name="umr-test-vs-asan.diff" Content-Disposition: attachment; filename="umr-test-vs-asan.diff" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_jq94sqcy0 RnJvbSBmNWRhZWE3ZjEwZTA2YmIxYjVmYzgyNjZmYzc1N2RmOTcyNzQ4MDIxIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBKaW0gTWV5ZXJpbmcgPG1leWVyaW5nQGZiLmNvbT4KRGF0ZTog RnJpLCAyOCBEZWMgMjAxOCAyMzoxMzowMSAtMDgwMApTdWJqZWN0OiBbUEFUQ0hdIHRlc3RzOiBz dHJpcC10cmFpbGluZy1jcjogYXZvaWQgZmFpbHVyZSB3aXRoIEFTQU4KCiogdGVzdHMvc3RyaXAt dHJhaWxpbmctY3IgKHZhbGdyaW5kKTogRGVmaW5lIGFzIG5vLW9wIHdoZW4gZGlmZgpoYXMgY29t cGlsZWQgd2l0aCBzYW5pdGl6ZXIgc3VwcG9ydC4KLS0tCiB0ZXN0cy9zdHJpcC10cmFpbGluZy1j ciB8IDcgKysrKysrLQogMSBmaWxlIGNoYW5nZWQsIDYgaW5zZXJ0aW9ucygrKSwgMSBkZWxldGlv bigtKQoKZGlmZiAtLWdpdCBhL3Rlc3RzL3N0cmlwLXRyYWlsaW5nLWNyIGIvdGVzdHMvc3RyaXAt dHJhaWxpbmctY3IKaW5kZXggMzE4ODI5NC4uMjgxMDU5NSAxMDA3NTUKLS0tIGEvdGVzdHMvc3Ry aXAtdHJhaWxpbmctY3IKKysrIGIvdGVzdHMvc3RyaXAtdHJhaWxpbmctY3IKQEAgLTEwLDggKzEw LDEzIEBAIHJlcXVpcmVfdmFsZ3JpbmRfCiBwcmludGYgJ1xyJyA+IHIgfHwgZnJhbWV3b3JrX2Zh aWx1cmVfCiBlY2hvIGIgPiBiIHx8IGZyYW1ld29ya19mYWlsdXJlXwoKKyMgVXNlIHZhbGdyaW5k IG9ubHkgd2hlbiBubyBTYW5pdGl6ZXIgaXMgaW4gdXNlOgorQVNBTl9PUFRJT05TPWhlbHA9dHJ1 ZSBkaWZmIC0taGVscCAyPiYxIHxncmVwIFNhbml0aXplciA+IC9kZXYvbnVsbCBcCisgICYmIGV2 YWwgJ3ZhbGdyaW5kKCkgeyAiJEAiOyB9JyBcCisgIHx8IGV2YWwgJ3ZhbGdyaW5kKCkgeyBlbnYg dmFsZ3JpbmQgLS1xdWlldCAtLWVycm9yLWV4aXRjb2RlPTMgIiRAIjsgfScKKwogZm9yIG9wdCBp biAnJyB1IGMgRGZvbzsgZG8KLSAgcmV0dXJuc18gMSB2YWxncmluZCAtLXF1aWV0IC0tZXJyb3It ZXhpdGNvZGU9MyBcCisgIHJldHVybnNfIDEgdmFsZ3JpbmQgXAogICAgIGRpZmYgLWEkb3B0IC0t c3RyaXAtdHJhaWxpbmctY3IgciBiID4gb3V0IDI+IGVyciB8fCBmYWlsPTEKIGRvbmUKCi0tIAoy LjIwLjEuMi5nYjIxZWJiNjcxYgoK --000000000000bee36b057e23f2a7-- From unknown Sat Aug 16 16:10:30 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Sat, 26 Jan 2019 12:24:05 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator