Bug#192991: Fixed: md5sum for files > 2GB
Package: dpkg
Version: 1.10.9
Kernel: Linux debian 2.4.21-rc1-ac2 #3 Tue Apr 29 20:06:05 CEST 2003 i686 unknown unknown GNU/Linux
libc: 2.3.1-16
Affected: dpkg-1.10.9 and earlier
Dear dpkg maintainer!
As several people before reported before, 'md5sum' fails with a
non-intuitive message "success" when called on files larger than
2GB. Example:
wagner /aux/v>ls -al aux.tar
-rw-r--r-- 1 wagner users 3928698880 May 12 01:26 aux.tar
wagner /aux/v>md5sum aux.tar
aux.tar: Success
however:
wagner /aux/v>cat aux.tar | md5sum
ecd7d51416837f891a344ccb61e39dc3 -
A look into the code of md5sum.c revealed that for reads from stdin
the function 'fd_md5' is called without result checking, while for
file arguments it is called with result checking. The result type of
'fd_md5' is 'ssize_t', which on some platforms (e.g. i386) is a 32 bit
signed int. It seems that the result of 'fd_md5' is the number of
bytes processed. When this number overflows, 'fd_md5' may return a
negative result. The error handling code then incorrectly detects an
error and calls 'perror' which outputs 'Success', since no error
actually happened.
Fix:
Explicitely check 'errno' when 'fd_md5' returns a negative result.
This should allways work, regardless of platform or size of 'ssize_t'.
Diff:
diff dpkg-1.10.9/utils/md5sum.c dpkg-1.10.9-patched/utils/md5sum.c
23a24
> #include <errno.h>
198a200,205
> /* Since on some systems 'ssize_t' is only 32 bit,
> * 'fd_md5' may return < 0 on files > 2GB.
> * Do additional checking to be sure errors are
> * actually errors and not numeric overflows.
> */
> errno = 0;
200c207
< if ( ret >= 0 )
---
> if ( ret >= 0 || errno == 0 )
Regards,
Arno Wagner
--
Arno Wagner, Communication Systems Group, ETH Zuerich, wagner@tik.ee.ethz.ch
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
For every complex problem there is an answer that is clear, simple,
and wrong. -- H L Mencken
Reply to: