[Bug 267032] diff(1) -U and -C with very large number of context may produce incorrect line indicator

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267032

            Bug ID: 267032
           Summary: diff(1) -U and -C with very large number of context
                    may produce incorrect line indicator
           Product: Base System
           Version: 13.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: freebsd-bug-report-yf@yf.bsdclub.org

diff(1) can accept number of context lines up to INT_MAX-1, however, it can
cause signed integer overflow while calculating line number in line indicator.

e.g. on FreeBSD/amd64,

$ /usr/bin/diff -U2147483645 /usr/src/usr.bin/diff/diff.h
/usr/src/usr.bin/diff/diff.c | /usr/bin/grep '^@@'
@@ -1,117 +1,659 @@
@@ --2147483646,0 +-2147483647,0 @@
@@ --2147483634,0 +-2147483643,0 @@
@@ --2147483622,0 +-2147483635,0 @@
@@ --2147483619,0 +-2147483631,0 @@
@@ --2147483616,0 +-2147483627,0 @@
@@ --2147483613,0 +-2147483625,0 @@
@@ --2147483598,0 +-2147483615,0 @@
@@ --2147483596,0 +-2147483612,0 @@
@@ --2147483595,0 +-2147483597,0 @@
@@ --2147483588,0 +-2147483581,0 @@
@@ --2147483574,0 +-2147483535,0 @@
@@ --2147483573,0 +-2147483167,0 @@
@@ --2147483571,0 +-2147483165,0 @@
@@ --2147483562,0 +-2147483158,0 @@
@@ --2147483561,0 +-2147483142,0 @@
@@ --2147483559,0 +-2147483140,0 @@
@@ --2147483555,0 +-2147483135,0 @@
@@ --2147483550,0 +-2147483129,0 @@
@@ --2147483538,0 +-2147483124,0 @@
@@ --2147483534,0 +-2147482992,0 @@

I tried it on FreeBSD/amd64 13.0-RELEASE, with diff built from source brought
from commit 3736b2dd327050d2e6c925964b210eccbaac51ab in main branch.

-- 
You are receiving this mail because:
You are the assignee for the bug.