bug#64229: b2sum: heap-overflow in digest_check

Hi, KLEE reported a heap-overflow in b2sum (Coreutils 9.3). When running it with: $ printf '\n\n0A0BA0' | coreutils-9.3/bin/b2sum -c (even '0BA0' seems to work on my machine) ASAN confirms the issue: > #1 0x00473de0 in __interceptor_strchr (s=, > c=) > #2 0x00500a81 in diges

bug#64229: b2sum: heap-overflow in digest_check

On 22/06/2023 17:33, Frank Busse wrote: Hi, KLEE reported a heap-overflow in b2sum (Coreutils 9.3). When running it with: $ printf '\n\n0A0BA0' | coreutils-9.3/bin/b2sum -c (even '0BA0' seems to work on my machine) ASAN confirms the issue: #1 0x00473de0 in __interceptor_strchr (s=,

bug#64233: patch: Ensure that makeinfo ≥ 6.8 checks the @menu structure

Makeinfo versions < 6.7 detected mistakes in the @menu structure of TeXinfo input. Makeinfo versions ≥ 6.8 don't do this any more by default. They need an extra option, for this validation to happen. See . Since doc/coreutils.te

bug#64233: patch: Ensure that makeinfo ≥ 6.8 checks the @menu structure

On 22/06/2023 23:05, Bruno Haible wrote: Makeinfo versions < 6.7 detected mistakes in the @menu structure of TeXinfo input. Makeinfo versions ≥ 6.8 don't do this any more by default. They need an extra option, for this validation to happen. See

bug#64233: patch: Ensure that makeinfo ≥ 6.8 checks the @menu structure

Pádraig Brady wrote: > coreutils has a dep on makeinfo >= 6.1 > and that version supports the -c option, > so the change should work everywhere. Yes. makeinfo versions < 6.8 give a warning that they don't know about the customization variable CHECK_NORMAL_MENU_STRUCTURE. You can simply ignore this