|
From: | Paul Eggert |
Subject: | Bash printf should diagnose integer overflow |
Date: | Tue, 12 Mar 2024 12:49:49 -0700 |
User-agent: | Mozilla Thunderbird |
Configuration Information: Machine: x86_64 OS: linux-gnu Compiler: gcc Compilation CFLAGS: -g -O2uname output: Linux penguin.cs.ucla.edu 6.7.7-200.fc39.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Mar 1 16:53:59 UTC 2024 x86_64 GNU/Linux
Machine Type: x86_64-redhat-linux-gnu Bash Version: 5.3 Patch Level: 26 Release Status: devel Description: Commands like "printf '%10000000000000000000000000000s' ''" silently ignore width and precision. They should report the integer overflow before continuing with a lesser width or precision. (I ran into this bug while using Bash to output very long strings of spaces for some test cases.) Repeat-By: printf '%10000000000000000000000000000s' '' It prints nothing. It should print a diagnostic if it cannot do the requested operation. Fix: Bash should use C23 <stdckdint.h> to check for integer overflow. Gnulib supplies a replacement stdckdint.h that works on pre-C23 platforms; it's been extensively tested in other GNU apps and doesn't require much setup. The attached patches first add <stdckdint.h> to Bash, then replace Bash's by-hand overflow checking (which I think I contributed a while ago, if memory serves) with uses of the standard C23 macros, and finally fixes printf. Although there are several other integer overflow bugs in Bash I thought I'd send these fixes in now. These patches use the Gnulib files intprops-internal.h and stdckdint.in.h unmodified. I thought this would be better than trying to simplify them to cover just Bash's needs, as it will make it easier to sync with Gnulib later. However, for simplicity these patches do not use all the Gnulib machinery for <stdckdint.h>. These patches can be applied to Bash's devel branch (commit 54f3ed2278025081f897b9bd958fcf099fd5be18 dated Mon Mar 4 14:59:33 2024 -0500) by using the command "git am".
0001-maint-add-support-for-C23-style-stdckdint.h.patch
Description: Text Data
0002-Coalesce-multiple-PRIdMAX-definitions.patch
Description: Text Data
0003-Fix-problems-with-large-brace-expansions.patch
Description: Text Data
0004-printf-now-diagnoses-width-or-prec-overflow.patch
Description: Text Data
[Prev in Thread] | Current Thread | [Next in Thread] |