Package: binutils Version: 2.22-1 Severity: normal Tags: patch upstream Dear Maintainer,
Here is how to reproduce the problem: $ dd if=/dev/zero of=file2G bs=1M count=2049 2049+0 records in 2049+0 records out 2148532224 bytes (2.1 GB) copied, 47.9032 s, 44.9 MB/s $ ar q ar2G.ar file2G $ od -a ar2G.ar 0000000 ! < a r c h > nl f i l e 2 G / sp 0000020 sp sp sp sp sp sp sp sp 1 3 2 4 4 6 6 2 0000040 8 0 sp sp 1 0 0 0 sp sp 1 0 0 0 sp sp 0000060 1 0 0 6 4 4 sp sp - 2 1 4 6 4 3 5 0000100 0 7 ` nl nul nul nul nul nul nul nul nul nul nul nul nul ^C Note that the archive claims that the 'file2G' size is negative: -214643507. This results in an invalid archive that cannot be extracted: $ ar xv ar2G.ar x - file2G ar: ar2G.ar is not a valid archive A consequence of this, it is impossible to generate Debian packages bigger than 2GB (for instance for applications that have a large dataset). Obviously the file size was stored into a signed 32bit variable. Reading the source code shows that it was actually a long which means there will be further issues if such an archive is moved from a 32bit system to a 64bit one. More precisely, the archive file format is a linked list of element headers and relies on these having accurate size information to find the position of the next element header. Since the archive format allocates 10 characters for the file size, it should be able to handle files up to 10GB. However: * Files between 2GiB and 4GiB The file size is stored as being negative. The archive cannot be extracted by either the 32bit ar or the 64bit one. * Files between 4GiB and 10GB Only the first 32bits are taken into account so ar will write a size of 0.1GiB for a 4.1GiB file. As a result, during extraction ar will think there is an archive element header in the middle of the file, resulting in an error (if not worse). There are also sign issues between 6GiB and 8GiB. * Files bigger than 10GB ar will silently truncated the file size to its first 10 decimal digits. Decoding will fail for the same reason as above. Even 64bit systems are not immune to these issues due to the file sizes being stored in 'unsigned int' variables in various places. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.39-2-686-pae (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages binutils depends on: ii libc6 2.13-21 ii libgcc1 1:4.6.2-7 ii libstdc++6 4.6.2-7 ii zlib1g 1:1.2.3.4.dfsg-3 binutils recommends no packages. Versions of packages binutils suggests: pn binutils-doc <none> -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
