Bug#192991: Fixed: md5sum for files > 2GB
Kernel: Linux debian 2.4.21-rc1-ac2 #3 Tue Apr 29 20:06:05 CEST 2003 i686 unknown unknown GNU/Linux
Affected: dpkg-1.10.9 and earlier
Dear dpkg maintainer!
As several people before reported before, 'md5sum' fails with a
non-intuitive message "success" when called on files larger than
wagner /aux/v>ls -al aux.tar
-rw-r--r-- 1 wagner users 3928698880 May 12 01:26 aux.tar
wagner /aux/v>md5sum aux.tar
wagner /aux/v>cat aux.tar | md5sum
A look into the code of md5sum.c revealed that for reads from stdin
the function 'fd_md5' is called without result checking, while for
file arguments it is called with result checking. The result type of
'fd_md5' is 'ssize_t', which on some platforms (e.g. i386) is a 32 bit
signed int. It seems that the result of 'fd_md5' is the number of
bytes processed. When this number overflows, 'fd_md5' may return a
negative result. The error handling code then incorrectly detects an
error and calls 'perror' which outputs 'Success', since no error
Explicitely check 'errno' when 'fd_md5' returns a negative result.
This should allways work, regardless of platform or size of 'ssize_t'.
diff dpkg-1.10.9/utils/md5sum.c dpkg-1.10.9-patched/utils/md5sum.c
> #include <errno.h>
> /* Since on some systems 'ssize_t' is only 32 bit,
> * 'fd_md5' may return < 0 on files > 2GB.
> * Do additional checking to be sure errors are
> * actually errors and not numeric overflows.
> errno = 0;
< if ( ret >= 0 )
> if ( ret >= 0 || errno == 0 )
Arno Wagner, Communication Systems Group, ETH Zuerich, firstname.lastname@example.org
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
For every complex problem there is an answer that is clear, simple,
and wrong. -- H L Mencken