svn commit: r198671 - in head/usr.bin/bsdiff: bsdiff bspatch

Colin Percival cperciva at FreeBSD.org
Fri Oct 30 11:13:01 UTC 2009 

Author: cperciva
Date: Fri Oct 30 11:13:00 2009
New Revision: 198671
URL: http://svn.freebsd.org/changeset/base/198671

Log:
  Add notes pointing out that bsdiff does not store file hashes and
  bspatch thus does not verify file hashes, and that consequently it
  is recommended that users store hashes separately and verify files
  before and after running bspatch.
  
  Requested by:	BugMagnet
  MFC after:	1 week

Modified:
  head/usr.bin/bsdiff/bsdiff/bsdiff.1
  head/usr.bin/bsdiff/bspatch/bspatch.1

Modified: head/usr.bin/bsdiff/bsdiff/bsdiff.1
==============================================================================
--- head/usr.bin/bsdiff/bsdiff/bsdiff.1	Fri Oct 30 10:10:39 2009	(r198670)
+++ head/usr.bin/bsdiff/bsdiff/bsdiff.1	Fri Oct 30 11:13:00 2009	(r198671)
@@ -65,5 +65,24 @@ an absolute minimum working set size of 
 .Ar oldfile .
 .Sh SEE ALSO
 .Xr bspatch 1
+.Sh BUGS
+The
+.Nm
+utility does not store the hashes of
+.Ar oldfile
+or 
+.Ar newfile
+in
+.Ar patchfile .
+As a result, it is possible to apply a patch to the wrong file; this
+will usually produce garbage.
+It is recommended that users of
+.Nm
+store the hashes of
+.Ar oldfile
+and
+.Ar newfile
+and compare against them before and after applying
+.Ar patchfile .
 .Sh AUTHORS
 .An Colin Percival Aq cperciva at FreeBSD.org

Modified: head/usr.bin/bsdiff/bspatch/bspatch.1
==============================================================================
--- head/usr.bin/bsdiff/bspatch/bspatch.1	Fri Oct 30 10:10:39 2009	(r198670)
+++ head/usr.bin/bsdiff/bspatch/bspatch.1	Fri Oct 30 11:13:00 2009	(r198671)
@@ -61,5 +61,26 @@ but can tolerate a very small working se
 of performance.
 .Sh SEE ALSO
 .Xr bsdiff 1
+.Sh BUGS
+The
+.Nm
+utility does not verify that
+.Ar oldfile
+is the correct source file for
+.Ar patchfile .
+Attempting to apply a patch to the wrong file will usually produce
+garbage; consequently it is strongly recommended that users of
+.Nm
+verify that
+.Ar oldfile
+matches the source file from which
+.Ar patchfile
+was built, by comparing cryptographic hashes, for example.
+Users may also wish to verify after running
+.Nm
+that
+.Ar newfile
+matches the target file from which
+.Ar was built.
 .Sh AUTHORS
 .An Colin Percival Aq cperciva at FreeBSD.org

More information about the svn-src-head mailing list