Bug#877369: perl: Digest::MD5 64 bit issue, calculates incorrect MD5
Marc Lehmann
debian-reportbug at plan9.de
Sun Oct 1 04:19:34 UTC 2017
Package: perl
Version: 5.24.1-3+deb9u2
Severity: normal
Dear Maintainer,
Digest::MD5 calculates the wrong MD5 for large scalars:
$ perl -e 'print "\x00" x 1024 x 1024 x 1024 x 9'|md5sum -
97606009c3309d3a0b4b40ae9fadc720 -
$ perl -MDigest::MD5 -E 'say Digest::MD5::md5_hex "\x00" x 1024 x 1024 x 1024 x 9'
e02694e929aec3068ff272bebe0ae0a4
This is likely due to buggy length calculation in MD5.xs, which fails for
large values of "len" (and hasn't changed for 5.26):
ctx->bytes_low += len;
if (ctx->bytes_low < len) /* wrap around */
ctx->bytes_high++;
-- System Information:
Debian Release: 9.1
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.51-040951-generic (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
Versions of packages perl depends on:
ii dpkg 1.18.24
ii libperl5.24 5.24.1-3+deb9u2
ii perl-base 5.24.1-3+deb9u2
ii perl-modules-5.24 5.24.1-3+deb9u2
Versions of packages perl recommends:
ii netbase 5.4
pn rename <none>
Versions of packages perl suggests:
ii libterm-readline-gnu-perl 1.35-1
ii libterm-readline-perl-perl 1.0303-1
ii make 4.1-9.1
pn perl-doc <none>
-- no debconf information
More information about the Perl-maintainers
mailing list