# Process this file with autom4te to create testsuite. -*- Autotest -*-
# Test suite for GNU tar.
# Copyright 2018-2023 Free Software Foundation, Inc.
# This file is part of GNU tar.
# GNU tar is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
# GNU tar is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
# Tar up to 1.30 would loop endlessly if a sparse file had been truncated
# while being archived (with --sparse flag).
#
# The bug has been assigned id CVE-2018-20482 (on the grounds that it is a
# denial of service possibility).
#
# Reported by: Chris Siebenmann
# References: <20181226223948.781EB32008E@apps1.cs.toronto.edu>,
#
#
#
AT_SETUP([sparse file truncated while archiving])
AT_KEYWORDS([truncate filechange sparse sptr sptrcreat])
AT_TAR_CHECK([
genfile --sparse --block-size=1024 --file foo \
0 ABCDEFGHIJ 1M ABCDEFGHIJ 10M ABCDEFGHIJ 200M ABCDEFGHIJ || AT_SKIP_TEST
genfile --file baz
genfile --run --checkpoint 3 --length 200m --truncate foo -- \
tar --sparse -vcf bar foo baz
echo Exit status: $?
echo separator
genfile --file foo --seek 200m --length 11575296 --pattern=zeros
tar dvf bar | sed '/foo: Mod time differs/d'],
[0],
[foo
baz
Exit status: 1
separator
foo
baz
],
[tar: foo: File shrank by 11575296 bytes; padding with zeros
],
[],[],[posix, gnu, oldgnu])
AT_CLEANUP