Package: release.debian.org Severity: normal Tags: bullseye User: release.debian....@packages.debian.org Usertags: pu
[ Reason ] This is not a regression, but a discovered bug. dcfldd is an enhanced dd command that is able to calculate the following hashes when copying data: MD5, SHA1 and SHA2. The SHA1 was being wrongly calculated on big endian architectures. dcfldd SHA1 implementation relies on the WORDS_BIGENDIAN define on big-endian platforms to operate correctly, but it was not defined anywhere, causing wrong results. [ Impact ] If not approved, the SHA1 will be wrong on big endian archs. [ Tests ] Some tests were made on s390x and the current CI test on unstable was improved. [ Risks ] This is a trivial change, no risks. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] All changes were made in configure.ac file, via patch, to enable big endian. Please, see the debdiff. [ Other info ] No more information.
diff -Nru dcfldd-1.7/debian/changelog dcfldd-1.7/debian/changelog --- dcfldd-1.7/debian/changelog 2020-12-07 01:28:07.000000000 -0300 +++ dcfldd-1.7/debian/changelog 2022-10-17 20:32:39.000000000 -0300 @@ -1,3 +1,21 @@ +dcfldd (1.7-3+deb11u1) bullseye; urgency=medium + + * debian/patches/010_fix-sha1-big-endian.patch: created to fix SHA1 output + on big-endian architectures. dcfldd SHA1 implementation relies on the + WORDS_BIGENDIAN defined on big-endian platforms to operate correctly, + but it was not defined anywhere, causing wrong results. + . + Autoconf's AC_C_BIGENDIAN macro defines WORDS_BIGENDIAN when building on + those platforms, fixing the issue. + . + dcfldd SHA1 implementation can perform endianness runtime checks if + RUNTIME_ENDIAN is defined. This patch also makes runtime checking the + default when configuring the build. + . + Closes: #1021784 + + -- Joao Eriberto Mota Filho <eribe...@debian.org> Mon, 17 Oct 2022 20:32:39 -0300 + dcfldd (1.7-3) unstable; urgency=medium * debian/control: diff -Nru dcfldd-1.7/debian/patches/010_fix-sha1-big-endian.patch dcfldd-1.7/debian/patches/010_fix-sha1-big-endian.patch --- dcfldd-1.7/debian/patches/010_fix-sha1-big-endian.patch 1969-12-31 21:00:00.000000000 -0300 +++ dcfldd-1.7/debian/patches/010_fix-sha1-big-endian.patch 2022-10-17 20:32:39.000000000 -0300 @@ -0,0 +1,42 @@ +Description: Fix SHA1 output on big-endian architectures + dcfldd SHA1 implementation relies on the WORDS_BIGENDIAN define on + big-endian platforms to operate correctly, but it was not defined + anywhere, causing wrong results. + . + Autoconf's AC_C_BIGENDIAN macro defines WORDS_BIGENDIAN when building on + those platforms, fixing the issue. + . + dcfldd SHA1 implementation can perform endianness runtime checks if + RUNTIME_ENDIAN is defined. This patch also makes runtime checking the + default when configuring the build. +Author: David Polverari <david.polver...@gmail.com> +Origin: https://github.com/resurrecting-open-source-projects/dcfldd/commit/cb54a40d831999fff4158e3ac1c2c561c3dea59f.patch + https://github.com/resurrecting-open-source-projects/dcfldd/commit/72fcf757553965ab7f9fca108768b7c4b843baff.patch + https://github.com/resurrecting-open-source-projects/dcfldd/commit/0a03a00875bc59a8983b022da8bfee77ef8b0cd9.patch +Bug: https://github.com/resurrecting-open-source-projects/dcfldd/issues/11 +Bug-Debian: https://bugs.debian.org/1021784 +Last-Update: 2022-10-17 +Index: dcfldd-1.7/configure.ac +=================================================================== +--- dcfldd-1.7.orig/configure.ac ++++ dcfldd-1.7/configure.ac +@@ -38,9 +38,19 @@ AC_PROG_RANLIB + AC_HEADER_STDC + + AC_C_CONST ++AC_C_BIGENDIAN + AC_TYPE_OFF_T + AC_TYPE_SIZE_T + ++AC_ARG_ENABLE([runtime-endian-check], ++ AC_HELP_STRING([--disable-runtime-endian-check], [disable runtime checks for endianness]) ++) ++ ++AS_IF([test "x$enable_runtime_endian_check" != "xno"], [ ++ dnl Do the stuff needed for enabling the feature ++ AC_DEFINE([RUNTIME_ENDIAN], 1, [Define whether to check for endianness during runtime]) ++]) ++ + AC_CHECK_DECLS([strtol, strtoul, strtoumax, strndup]) + + AC_OUTPUT(Makefile src/Makefile man/Makefile) diff -Nru dcfldd-1.7/debian/patches/series dcfldd-1.7/debian/patches/series --- dcfldd-1.7/debian/patches/series 1969-12-31 21:00:00.000000000 -0300 +++ dcfldd-1.7/debian/patches/series 2022-10-17 20:32:39.000000000 -0300 @@ -0,0 +1 @@ +010_fix-sha1-big-endian.patch