Bug 265461

Summary:

"skein* -q -c <string> <file>" command returns 0 exit code with '-q' and with incorrect skein string

Product:

Base System

Reporter:

Dmitrij <bugs.freebsd>

Component:

bin

Assignee:

Stefan Eßer <se>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

se, vsasjason

Priority:

---

Version:

13.1-RELEASE

Hardware:

amd64

OS:

Any

Attachments:

Description	Flags
Make skein256 -q -c <hash> return 2 on mismatch	se: maintainer-approval+

Description Dmitrij 2022-07-26 18:57:45 UTC

Hello.
skein* -q -c <skein hash string> <file>
returns 0 even if the hash doesn't match file.
without '-q' same command returns 2 on exit if the hash doesn't match file.

Example:
$ date > test.txt
$ skein256sum test.txt > test.txt.skein256
$ cat test.txt.skein256
73581ce92a851207f700d87efdaad6428554d0699bf43b187c67782119446e24  test.txt
$ skein256 -c 73581ce92a851207f700d87efdaad6428554d0699bf43b187c67782119446e24 test.txt; echo $?
Skein256 (test.txt) = 73581ce92a851207f700d87efdaad6428554d0699bf43b187c67782119446e24
0

# change skein string (zeros at the end)
$ skein256 -c 73581ce92a851207f700d87efdaad6428554d0699bf43b187c67782119440000 test.txt ; echo $?
Skein256 (test.txt) = 73581ce92a851207f700d87efdaad6428554d0699bf43b187c67782119446e24 [ Failed ]
2

### Exit code 0 with '-q' and changed skein string!
$ skein256 -q -c 73581ce92a851207f700d87efdaad6428554d0699bf43b187c67782119440000 test.txt ; echo $?
73581ce92a851207f700d87efdaad6428554d0699bf43b187c67782119446e24
0

Comment 1 Dmitrij 2022-07-26 18:59:03 UTC

Tested on amd64

Comment 2 Dmitrij 2022-07-26 19:08:08 UTC

Same result using sha*, rmd* commands, it looks like a general bug, not related to a particular hash algorithm.

Comment 3 Dmitrij 2022-07-26 19:11:05 UTC

# skein256sum -q works fine:
$ skein256sum -q -c test.txt.skein256 ; echo $?
test.txt: FAILED
skein256sum: WARNING: 1 computed checksums did NOT match
2

Comment 4 Stefan Eßer freebsd_committer

2022-07-26 20:45:13 UTC

Created attachment 235498 [details]
Make skein256 -q -c <hash> return 2 on mismatch

The man page does not state that skein256 -q -c <hash> should an return non-zero exit status if the passed hash does not match the contents of the file.

But it seems obvious, that this was an oversight. If the -c option is ignored if combined with -q, it should not be rejected to let the user know that the combination is not supported.

The attached patch makes -q -c <hash> do what the man page says: it prints the calculated hash. And it adds the exist status that results from the check performed by the -c <hash> option.

Comment 5 Stefan Eßer freebsd_committer

2022-07-26 20:48:28 UTC

(In reply to Stefan Eßer from comment #4)

Sorry, editing the response led to out-of-order words, let me try again:

Make skein256 -q -c <hash> return 2 on mismatch

The man page does not state that skein256 -q -c <hash> should return a non-zero exit status if the passed hash does not match the contents of the file.

But it seems obvious, that this was an oversight. If the -c option is ignored if combined with -q, it should be rejected to let the user know that the combination is not supported.

The attached patch makes -q -c <hash> do what the man page says: it prints the calculated hash, and it also adds the exist status that results from the check performed by the -c <hash> option.

Comment 6 commit-hook freebsd_committer

2022-07-26 21:13:45 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=9f3aa538e307743b2b5048d38f87b7fd32d0c596

commit 9f3aa538e307743b2b5048d38f87b7fd32d0c596
Author:     Stefan Eßer <se@FreeBSD.org>
AuthorDate: 2022-07-26 21:04:57 +0000
Commit:     Stefan Eßer <se@FreeBSD.org>
CommitDate: 2022-07-26 21:04:57 +0000

    sbin/md5.c: fix -q -c for BSD style versions

    The BSD style commands (with names not ending in "sum") ignored the -c
    options and the passed digest value when invoked with -q.

    The man page stated that -q causes only the calculated digest to be
    printed, but did not consider the case of both the -q and -c being
    used in combination.

    Since there is no warning that -c will be ignored when the -q option
    is used, users night (and did) expect that the exit code would reflect
    the matching of the calculated digest and the argument passed with -c.

    This update implements and documents this expected behavior.

    PR:             265461
    Reported by:    Dmitrij <bugs.freebsd@1fff.net>
    MFC after:      2 weeks

 sbin/md5/md5.1 | 11 +++++++----
 sbin/md5/md5.c |  2 ++
 2 files changed, 9 insertions(+), 4 deletions(-)

Comment 7 commit-hook freebsd_committer

2023-02-09 20:18:11 UTC

A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=a9c97a5ba1ec3fc8ed2aa802c0d085a394e8450d

commit a9c97a5ba1ec3fc8ed2aa802c0d085a394e8450d
Author:     Stefan Eßer <se@FreeBSD.org>
AuthorDate: 2022-07-26 21:04:57 +0000
Commit:     Stefan Eßer <se@FreeBSD.org>
CommitDate: 2023-02-09 20:17:13 +0000

    sbin/md5.c: fix -q -c for BSD style versions

    The BSD style commands (with names not ending in "sum") ignored the -c
    options and the passed digest value when invoked with -q.

    The man page stated that -q causes only the calculated digest to be
    printed, but did not consider the case of both the -q and -c being
    used in combination.

    Since there is no warning that -c will be ignored when the -q option
    is used, users night (and did) expect that the exit code would reflect
    the matching of the calculated digest and the argument passed with -c.

    This update implements and documents this expected behavior.

    PR:             265461
    Reported by:    Dmitrij <bugs.freebsd@1fff.net>
    MFC after:      2 weeks

    (cherry picked from commit 9f3aa538e307743b2b5048d38f87b7fd32d0c596)

 sbin/md5/md5.1 | 11 +++++++----
 sbin/md5/md5.c |  2 ++
 2 files changed, 9 insertions(+), 4 deletions(-)

Comment 8 Mark Linimon freebsd_committer

2024-02-08 03:57:39 UTC

^Triage: committed and MFCed in 2022.