GNU bug report logs - #72682
patch around get_suffix

Previous Next

Package: gzip;

Reported by: John SETH Thielemann <sthielemann <at> jostaly.com>

Date: Sat, 17 Aug 2024 07:14:02 UTC

Severity: normal

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: John SETH Thielemann <sthielemann <at> jostaly.com>
To: bug-gzip <at> gnu.org
Subject: patch around get_suffix
Date: Sat, 17 Aug 2024 03:48:53 +0000

[Message part 1 (text/plain, inline)]
To whom it may concern;

 Spent some time chasing a red herring around the'get_suffix' function. 
The patch included aims to simplify the logic considerably.

There are a number of interesting points to note:

  Under normal situations (".gz") (could be modified by using -S) the 
predicate:
<code>
        if (z_len < suflen && strequ (z_suffix, *suf + suflen - z_len))
</code>

  Will never be true. Modifications to the suffix string, possibly at 
build time,
or on the command line will trigger the boolean to get set, executing:
<code>
    known_suffixes[suffix_of_builtin
                   ? sizeof known_suffixes / sizeof *known_suffixes - 2
                   : 0] = z_lower;
</code>

  This will drop the duplicated pointer into the next-to-last element of 
the array,
rather than the front. The const qualifier on  known_suffixes on reading 
that it is const but this is not the case.

   strlen is a size_t, there may potentially be sign extension issues. 
It could be possible to craft a pointer as an argument to a mapped 
memory region if it was large enough to trigger a sign extension error, 
however it's extremely unlikely.

Take care,
John SETH Thielemann
JOSTALY Technologies
https://www.jostaly.com
223-231-3511
[gzip.patch (text/x-diff, attachment)]
This bug report was last modified 301 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.