diff options
author | Jim Meyering <meyering@redhat.com> | 2008-04-15 08:19:11 +0200 |
---|---|---|
committer | Jim Meyering <meyering@redhat.com> | 2008-04-15 08:46:48 +0200 |
commit | 7cb24684cc4ef96bb25dfc1c819acfc3b98d9442 (patch) | |
tree | b0d71c4140509c1906993d06e5c1497fa04a13d8 /src | |
parent | 739cf4e8325775dd6400984b3b52e67b3102e556 (diff) | |
download | coreutils-7cb24684cc4ef96bb25dfc1c819acfc3b98d9442.tar.xz |
md5sum, sha1sum, etc: handle invalid input (i.e., don't segfault)
* src/md5sum.c (bsd_split_3): Return right away if s_len == 0.
* tests/misc/md5sum (bsd-segv): New test for the above.
* tests/misc/sha1sum (bsd-segv): Likewise.
* NEWS: Mention the bug fix.
Reported by Cristian Cadar, Daniel Dunbar and Dawson Engler.
Diffstat (limited to 'src')
-rw-r--r-- | src/md5sum.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/md5sum.c b/src/md5sum.c index 28bde9909..5eb8494b0 100644 --- a/src/md5sum.c +++ b/src/md5sum.c @@ -1,5 +1,5 @@ /* Compute MD5, SHA1, SHA224, SHA256, SHA384 or SHA512 checksum of files or strings - Copyright (C) 1995-2007 Free Software Foundation, Inc. + Copyright (C) 1995-2008 Free Software Foundation, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -205,6 +205,9 @@ bsd_split_3 (char *s, size_t s_len, unsigned char **hex_digest, char **file_name { size_t i; + if (s_len == 0) + return false; + *file_name = s; /* Find end of filename. The BSD 'md5' and 'sha1' commands do not escape |