From 46444af9e485b95f7ddf24c7fd9ed2586209286c Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Sat, 18 Aug 2012 07:26:30 +0200 Subject: tests: trigger the sort -u free-memory-read bug * tests/misc/sort-u-FMR: New file. * tests/Makefile.am (TESTS): Add it. * tests/misc/sort: Add the test here, too. * NEWS (Bug fixes): Mention it. --- NEWS | 5 +++++ gnulib | 2 +- tests/Makefile.am | 1 + tests/misc/sort | 4 ++++ tests/misc/sort-u-FMR | 29 +++++++++++++++++++++++++++++ 5 files changed, 40 insertions(+), 1 deletion(-) create mode 100755 tests/misc/sort-u-FMR diff --git a/NEWS b/NEWS index f39a76ae6..1737235d0 100644 --- a/NEWS +++ b/NEWS @@ -14,6 +14,11 @@ GNU coreutils NEWS -*- outline -*- (yes 7 | head -11; echo 1) | sort --p=1 -S32b -u [bug introduced in coreutils-8.6] + sort -u could read freed memory. + For example, this evokes a read from freed memory: + perl -le 'print "a\n"."0"x900'|valgrind sort --p=1 -S32b -u>/dev/null + [bug introduced in coreutils-8.6] + ** New features rm now accepts the --dir (-d) option which makes it remove empty directories. diff --git a/gnulib b/gnulib index 39cedf6f4..bc33a8a0c 160000 --- a/gnulib +++ b/gnulib @@ -1 +1 @@ -Subproject commit 39cedf6f427350ac47118d231c05a7b73b609f89 +Subproject commit bc33a8a0c77285b2bdb5c5d0a4243f7b442a0293 diff --git a/tests/Makefile.am b/tests/Makefile.am index 09d2658e7..69078bdd2 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -260,6 +260,7 @@ TESTS = \ misc/sort-unique-segv \ misc/sort-version \ misc/sort-NaN-infloop \ + misc/sort-u-FMR \ split/filter \ split/suffix-auto-length \ split/suffix-length \ diff --git a/tests/misc/sort b/tests/misc/sort index 4e5116155..10d1e5fbd 100755 --- a/tests/misc/sort +++ b/tests/misc/sort @@ -237,6 +237,10 @@ my @Tests = {IN=>"a 7\n"x10 . "b 1\n"}, {OUT=>"b 1\na 7\n"}], ["unique-key-x86_64", '-u -k2,2 --p=1 -S32b', {IN=>"a 7\n"x11 . "b 1\n"}, {OUT=>"b 1\na 7\n"}], +# Before 8.19, this would trigger a free-memory read. +["unique-free-mem-read", '-u --p=1 -S32b', + {IN=>"a\n"."b"x900 ."\n"}, + {OUT=>"a\n"."b"x900 ."\n"}], # From Erick Branderhorst -- fixed around 1.19e ["16a", '-f', diff --git a/tests/misc/sort-u-FMR b/tests/misc/sort-u-FMR new file mode 100755 index 000000000..303b4291c --- /dev/null +++ b/tests/misc/sort-u-FMR @@ -0,0 +1,29 @@ +#!/bin/sh +# Before 8.19, this would trigger a free-memory read. + +# Copyright (C) 2012 Free Software Foundation, Inc. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +. "${srcdir=.}/init.sh"; path_prepend_ ../src +print_ver_ sort +require_valgrind_ + +{ echo 0; printf '%0900d\n' 1; } > in || framework_failure_ + +valgrind --error-exitcode=1 sort --p=1 -S32b -u in > out || fail=1 + +compare in out || fail=1 + +Exit $fail -- cgit v1.2.3-54-g00ecf