Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 19 May 2007 04:11:28 GMT
From:      Ighighi<ighighi@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/112775: libmd(3) bug for some zero-length files
Message-ID:  <200705190411.l4J4BSgn021189@www.freebsd.org>
Resent-Message-ID: <200705190420.l4J4K4QH054698@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         112775
>Category:       bin
>Synopsis:       libmd(3) bug for some zero-length files
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat May 19 04:20:03 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Ighighi
>Release:        6.2-STABLE
>Organization:
>Environment:
FreeBSD orion 6.2-STABLE FreeBSD 6.2-STABLE #1: Fri May 18 01:56:15 VET 2007     root@orion:/usr/obj/usr/src/sys/CUSTOM  i386
>Description:
A bug was introduced into version 1.14 of src/lib/libmd/mdXhl.c that prevents any application using the libmd(3) functions {MD4,MD5,SHA_,SHA1_,SHA256_}File() from correctly processing zero-length files on filesystems such as procfs(5).
>How-To-Repeat:
$ /sbin/md5 /proc/1/cmdline
MD5 (/proc/1/cmdline) = d41d8cd98f00b204e9800998ecf8427e
$ /bin/cat /proc/1/cmdline | /sbin/md5
8624f652bec9bf7d9376dca7ea02a6b5

>Fix:
The attached patch uses the code from the previous 1.13 version modified for style(9).
To apply it on your system, run:
cd /usr/src/lib/libmd
make clean && make obj && make depend && make && make install


Patch attached with submission follows:

--- lib/libmd/mdXhl.c.orig	Sun Sep  8 11:10:04 2002
+++ lib/libmd/mdXhl.c	Sat May 19 00:04:24 2007
@@ -43,7 +43,22 @@
 char *
 MDXFile(const char *filename, char *buf)
 {
-	return (MDXFileChunk(filename, buf, 0, 0));
+	unsigned char buffer[BUFSIZ];
+	MDX_CTX ctx;
+	int f, i, j;
+
+	MDXInit(&ctx);
+	f = open(filename, O_RDONLY);
+	if (f < 0)
+		return 0;
+	while ((i = read(f, buffer, sizeof(buffer))) > 0)
+		MDXUpdate(&ctx, buffer, i);
+	j = errno;
+	close(f);
+	errno = j;
+	if (i < 0)
+		return 0;
+	return MDXEnd(&ctx, buf);
 }
 
 char *

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200705190411.l4J4BSgn021189>