GNU bug report logs - #64229
b2sum: heap-overflow in digest_check

Previous Next

Package: coreutils;

Reported by: Frank Busse <f.busse <at> imperial.ac.uk>

Date: Thu, 22 Jun 2023 16:35:02 UTC

Severity: normal

Done: Pádraig Brady <P <at> draigBrady.com>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Frank Busse <f.busse <at> imperial.ac.uk>
To: bug-coreutils <at> gnu.org
Subject: b2sum: heap-overflow in digest_check
Date: Thu, 22 Jun 2023 17:33:40 +0100

Hi,


KLEE reported a heap-overflow in b2sum (Coreutils 9.3). When running it
with:

$ printf '\n\n0A0BA0' | coreutils-9.3/bin/b2sum -c

(even '0BA0' seems to work on my machine) ASAN confirms the issue:

> #1  0x0000000000473de0 in __interceptor_strchr (s=<optimized out>, c=<optimized out>)
> #2  0x0000000000500a81 in digest_check (checkfile_name=0x7fffffffe69e "stdin") at /tmp/src/coreutils-9.3/src/digest.c:1216
> #3  0x00000000005005e9 in main (argc=3, argv=0x7fffffffe3a8) at /tmp/src/coreutils-9.3/src/digest.c:1607


Best,

Frank
This bug report was last modified 1 year and 338 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.