From 8d78a0d331ec2c168efe6cb85bbc2da86e9a6124 Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Mon, 13 Feb 2023 00:32:38 -0600 Subject: [PATCH] md5: fix *sum -c with missing files If we fail to open one of the files in the file listing, we still need to advance `rec` along with `argv` so that the checksum we're checking against lines up with the file we're hashing. Tests added both for the -c flag, as well as the -b and -t modes of the *sum programs. PR: 267722 Reviewed by: emaste (earlier version) MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D37374 --- sbin/md5/md5.c | 2 + sbin/md5/tests/Makefile | 4 +- sbin/md5/tests/md5_test.sh | 82 ++++++++++++++++++++++++++++++++++ sbin/md5/tests/sum_a.in | 1 + sbin/md5/tests/sum_b.in | 1 + sbin/md5/tests/sum_c.in | 1 + sbin/md5/tests/sum_sums.digest | 3 ++ 7 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 sbin/md5/tests/md5_test.sh create mode 100644 sbin/md5/tests/sum_a.in create mode 100644 sbin/md5/tests/sum_b.in create mode 100644 sbin/md5/tests/sum_c.in create mode 100644 sbin/md5/tests/sum_sums.digest diff --git a/sbin/md5/md5.c b/sbin/md5/md5.c index db4cdd7da1ff..6bc1a780df86 100644 --- a/sbin/md5/md5.c +++ b/sbin/md5/md5.c @@ -368,6 +368,8 @@ main(int argc, char *argv[]) if ((fd = open(*argv, O_RDONLY)) < 0) { warn("%s", *argv); failed++; + if (cflag && gnu_emu) + rec = rec->next; continue; } /* diff --git a/sbin/md5/tests/Makefile b/sbin/md5/tests/Makefile index 93f3913c687d..7429233ebeaf 100644 --- a/sbin/md5/tests/Makefile +++ b/sbin/md5/tests/Makefile @@ -11,7 +11,7 @@ TEST_DIR= ${SRCTOP}/sbin/md5/tests FILESGROUPS+= FILESinputs FILESinputsPACKAGE= ${PACKAGE} FILESinputsDIR= ${TESTSDIR} -FILESinputs!= echo ${TEST_DIR}/*.inp +FILESinputs!= echo ${TEST_DIR}/*.inp ${TEST_DIR}/*.in FILESGROUPS+= FILESchkfiles FILESchkfilesPACKAGE= ${PACKAGE} @@ -28,6 +28,8 @@ FILESparamPACKAGE= ${PACKAGE} FILESparamDIR= ${TESTSDIR} FILESparam!= echo ${TEST_DIR}/*.txt +ATF_TESTS_SH+= md5_test + PLAIN_TESTS_SH+= self-test PLAIN_TESTS_SH+= bsd-c-test PLAIN_TESTS_SH+= bsd-p-test diff --git a/sbin/md5/tests/md5_test.sh b/sbin/md5/tests/md5_test.sh new file mode 100644 index 000000000000..1aeb91321c74 --- /dev/null +++ b/sbin/md5/tests/md5_test.sh @@ -0,0 +1,82 @@ +# +# SPDX-License-Identifier: BSD-2-Clause +# +# Copyright (c) 2022 Kyle Evans +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# + +atf_test_case sum_bflag +sum_bflag_body() +{ + cp $(atf_get_srcdir)/sum_a.in a + cp $(atf_get_srcdir)/sum_a.in b + + (sha256 -q a | tr -d '\n'; echo " *a") > expected + (sha256 -q b | tr -d '\n'; echo " *b") >> expected + + atf_check -o file:expected sha256sum -b a b +} + +atf_test_case sum_cflag +sum_cflag_body() +{ + + # Verify that the *sum -c mode works even if some files are missing. + # PR 267722 identified that we would never advance past the first record + # to check against. As a result, things like checking the published + # checksums for the install media became a more manual process again if + # you didn't download all of the images. + for combo in "a b c" "b c" "a c" "a b" "a" "b" "c" ""; do + rm -f a b c + :> out + cnt=0 + for f in ${combo}; do + cp $(atf_get_srcdir)/sum_${f}.in ${f} + printf "${f}: OK\n" >> out + cnt=$((cnt + 1)) + done + + err=0 + [ "$cnt" -eq 3 ] || err=1 + atf_check -o file:out -e ignore -s exit:${err} \ + sha256sum -c $(atf_get_srcdir)/sum_sums.digest + done + +} + +atf_test_case sum_tflag +sum_tflag_body() +{ + cp $(atf_get_srcdir)/sum_a.in a + + # -t is a nop, not a time trial, when used with the *sum versions + (sha256 -q a | tr -d '\n'; echo " a") > expected + atf_check -o file:expected sha256sum -t a +} + +atf_init_test_cases() +{ + atf_add_test_case sum_bflag + atf_add_test_case sum_cflag + atf_add_test_case sum_tflag +} diff --git a/sbin/md5/tests/sum_a.in b/sbin/md5/tests/sum_a.in new file mode 100644 index 000000000000..257cc5642cb1 --- /dev/null +++ b/sbin/md5/tests/sum_a.in @@ -0,0 +1 @@ +foo diff --git a/sbin/md5/tests/sum_b.in b/sbin/md5/tests/sum_b.in new file mode 100644 index 000000000000..5716ca5987cb --- /dev/null +++ b/sbin/md5/tests/sum_b.in @@ -0,0 +1 @@ +bar diff --git a/sbin/md5/tests/sum_c.in b/sbin/md5/tests/sum_c.in new file mode 100644 index 000000000000..76018072e09c --- /dev/null +++ b/sbin/md5/tests/sum_c.in @@ -0,0 +1 @@ +baz diff --git a/sbin/md5/tests/sum_sums.digest b/sbin/md5/tests/sum_sums.digest new file mode 100644 index 000000000000..613c49dd031d --- /dev/null +++ b/sbin/md5/tests/sum_sums.digest @@ -0,0 +1,3 @@ +SHA256 (a) = b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c +SHA256 (b) = 7d865e959b2466918c9863afca942d0fb89d7c9ac0c99bafc3749504ded97730 +SHA256 (c) = bf07a7fbb825fc0aae7bf4a1177b2b31fcf8a3feeaf7092761e18c859ee52a9c