netbsd-bugs: bin/10028: long overflow in gzip

Subject: bin/10028: long overflow in gzip
To: None <gnats-bugs@gnats.netbsd.org>
From: None <prlw1@cam.ac.uk>
List: netbsd-bugs
Date: 05/01/2000 12:42:14
>Number:         10028
>Category:       bin
>Synopsis:       long overflow in gzip
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon May 01 12:41:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Patrick Welche
>Release:        source of 28 April 2000
>Organization:
	
>Environment:
NetBSD-1.4X/i386
>Description:

henry% gzip -l quartz.tar.gz
compressed  uncompr. ratio uncompressed_name
1292954731 -1772896256   0.0% quartz.tar
henry% gzip -lv quartz.tar.gz
method  crc     date  time  compressed  uncompr. ratio uncompressed_name
defla bde1482d May  1 18:53 1292954731 -1772896256   0.0% quartz.tar

makes for a rather odd uncompressed file size
>How-To-Repeat:

backup a disk with tar czvf, then test your gzipped file
>Fix:

I think the following is OK. The various variables are long rather than
unsigned long, but -1L is essentially used to mean "not set" within the
code. I suppose this could be changed from -1L to NAN and <=0 to isnan() but
then again, just printing out as an unsigned is good enough?

Now:

henry% ./gzip -l ~/quartz.tar.gz
compressed  uncompr. ratio uncompressed_name
1292954731 2522071040   0.0% /home/prlw1/quartz.tar
henry% ./gzip -lv ~/quartz.tar.gz
method  crc     date  time  compressed  uncompr. ratio uncompressed_name
defla bde1482d May  1 18:53 1292954731 2522071040   0.0%
/home/prlw1/quartz.tar


Index: gzip.c
===================================================================
RCS file: /cvsroot/gnusrc/gnu/usr.bin/gzip/gzip.c,v
retrieving revision 1.6
diff -c -r1.6 gzip.c
*** gzip.c	1999/08/20 02:36:28	1.6
--- gzip.c	2000/05/01 19:34:53
***************
*** 1354,1360 ****
  	    printf("                            %9lu %9lu ",
  		   total_in, total_out);
  	} else if (!quiet) {
! 	    printf("%9ld %9ld ", total_in, total_out);
  	}
  	display_ratio(total_out-(total_in-header_bytes), total_out, stdout);
  	/* header_bytes is not meaningful but used to ensure the same
--- 1354,1360 ----
  	    printf("                            %9lu %9lu ",
  		   total_in, total_out);
  	} else if (!quiet) {
! 	    printf("%9lu %9lu ", total_in, total_out);
  	}
  	display_ratio(total_out-(total_in-header_bytes), total_out, stdout);
  	/* header_bytes is not meaningful but used to ensure the same
***************
*** 1392,1398 ****
      if (verbose) {
          printf("%5s %08lx %11s ", methods[method], crc, date);
      }
!     printf("%9ld %9ld ", bytes_in, bytes_out);
      if (bytes_in  == -1L) {
  	total_in = -1L;
  	bytes_in = bytes_out = header_bytes = 0;
--- 1392,1398 ----
      if (verbose) {
          printf("%5s %08lx %11s ", methods[method], crc, date);
      }
!     printf("%9lu %9lu ", bytes_in, bytes_out);
      if (bytes_in  == -1L) {
  	total_in = -1L;
  	bytes_in = bytes_out = header_bytes = 0;
>Release-Note:
>Audit-Trail:
>Unformatted: