Bug 16054 - du: size overflow
Summary: du: size overflow
Status: NEW
Alias: None
Product: Busybox
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All Linux
: P5 normal
Target Milestone: ---
Assignee: unassigned
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-05-01 14:10 UTC by sertonix
Modified: 2024-05-01 14:10 UTC (History)
1 user (show)

See Also:
Host:
Target:
Build:

Attachments
Minimal config (37.55 KB, application/octet-stream)
2024-05-01 14:10 UTC, sertonix 		Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description sertonix 2024-05-01 14:10:25 UTC 
Created attachment 9742 [details]
Minimal config

busybox `du` stores the size sum as `unsigned long long`. This works (with musl at least) until ~16 Exabytes (`2^64-1`) but overflows beyond that due to missing overflow check. This size can be reached with sparse files.

(Run in a tmpfs. Otherwise `dd` may throw size errors)
```sh
dd if=/dev/null bs=1 seek=$(echo '2^63-1' | bc) of=a
dd if=/dev/null bs=1 seek=$(echo '2^63-1' | bc) of=b
printf 12 > more
busybox du -bc a b
=> 18446744073709551614	total
busybox du -bc a b more
=> 0	total
```

The `du` implementation of coreutils prints `Infinity` and a 0 exit code. I think a non zero exit code makes more sense but that is debatable.

Downstream issue: https://gitlab.alpinelinux.org/alpine/aports/-/issues/16075