From 0cfd4f2161de5e942cbd7c273d03a90c1dfd2062 Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Wed, 10 Nov 2010 13:53:38 +0100 Subject: csplit: avoid buffer overrun when writing more than 999 files Without this fix, seq 1000 | csplit - /./ '{*}' would write the NUL-terminated file name, xx1000, into a buffer of size 6. * src/csplit.c (main): Use properly sized file name buffer. * NEWS (Bug fixes): Mention it. * tests/misc/csplit-1000: New test to trigger the bug. * tests/Makefile.am (TESTS): Add misc/csplit-1000. --- tests/misc/csplit-1000 | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100755 tests/misc/csplit-1000 (limited to 'tests/misc/csplit-1000') diff --git a/tests/misc/csplit-1000 b/tests/misc/csplit-1000 new file mode 100755 index 000000000..accbe4685 --- /dev/null +++ b/tests/misc/csplit-1000 @@ -0,0 +1,29 @@ +#!/bin/sh +# various csplit tests + +# Copyright (C) 2010 Free Software Foundation, Inc. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +. "${srcdir=.}/init.sh"; path_prepend_ ../src +test "$VERBOSE" = yes && FIXME --version + +# Before coreutils-8.7, this would overrun the 6-byte filename_space buffer. +# It's hard to detect that without using valgrind, so here, we simply +# run the demonstrator. +seq 1000 | csplit - '/./' '{*}' || fail=1 +test -f xx1000 || fail=1 +test -f xx1001 && fail=1 + +Exit $fail -- cgit v1.2.3-54-g00ecf