diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e85e645 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/cpio-2.12.tar.bz2 diff --git a/EMPTY b/EMPTY deleted file mode 100644 index 0519ecb..0000000 --- a/EMPTY +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/cpio-2.10-longnames-split.patch b/cpio-2.10-longnames-split.patch new file mode 100644 index 0000000..6f4ba6e --- /dev/null +++ b/cpio-2.10-longnames-split.patch @@ -0,0 +1,27 @@ +From: Pavel Raiskup +Date: Mon, 14 Sep 2015 09:49:12 +0200 +Subject: [PATCH 6/7] Fix for splitting long file names while creating ustar + archive + +Resolves: #866467 + +diff --git a/src/tar.c b/src/tar.c +index a2ce171..e2b5f45 100644 +--- a/src/tar.c ++++ b/src/tar.c +@@ -49,10 +49,12 @@ split_long_name (const char *name, size_t length) + { + size_t i; + +- if (length > TARPREFIXSIZE) +- length = TARPREFIXSIZE+2; ++ if (length > TARPREFIXSIZE + 1) ++ length = TARPREFIXSIZE + 1; ++ else if (ISSLASH (name[length - 1])) ++ length--; + for (i = length - 1; i > 0; i--) +- if (name[i] == '/') ++ if (ISSLASH (name[i])) + break; + return i; + } diff --git a/cpio-2.10-patternnamesigsegv.patch b/cpio-2.10-patternnamesigsegv.patch new file mode 100644 index 0000000..27e3742 --- /dev/null +++ b/cpio-2.10-patternnamesigsegv.patch @@ -0,0 +1,49 @@ +From: =?UTF-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= +Date: Mon, 14 Sep 2015 09:47:05 +0200 +Subject: [PATCH 5/7] fix segfault with nonexisting file with patternnames + (#567022) + +diff --git a/src/copyin.c b/src/copyin.c +index 12bd27c..183b5b5 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -870,21 +870,24 @@ read_pattern_file () + + pattern_fp = fopen (pattern_file_name, "r"); + if (pattern_fp == NULL) +- open_fatal (pattern_file_name); +- while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) +- { +- if (new_num_patterns >= max_new_patterns) +- { +- max_new_patterns += 1; +- new_save_patterns = (char **) +- xrealloc ((char *) new_save_patterns, +- max_new_patterns * sizeof (char *)); +- } +- new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string); +- ++new_num_patterns; +- } +- if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) +- close_error (pattern_file_name); ++ open_error (pattern_file_name); ++ else ++ { ++ while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) ++ { ++ if (new_num_patterns >= max_new_patterns) ++ { ++ max_new_patterns += 1; ++ new_save_patterns = (char **) ++ xrealloc ((char *) new_save_patterns, ++ max_new_patterns * sizeof (char *)); ++ } ++ new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string); ++ ++new_num_patterns; ++ } ++ if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) ++ close_error (pattern_file_name); ++ } + + for (i = 0; i < num_patterns; ++i) + new_save_patterns[i] = save_patterns[i]; diff --git a/cpio-2.11-crc-fips-nit.patch b/cpio-2.11-crc-fips-nit.patch new file mode 100644 index 0000000..bd447b5 --- /dev/null +++ b/cpio-2.11-crc-fips-nit.patch @@ -0,0 +1,19 @@ +From: Pavel Raiskup +Date: Mon, 14 Sep 2015 09:51:12 +0200 +Subject: [PATCH 7/7] Note that cpio uses Sum32 checksum only + +Related to Package Wrangler and FIPS check. + +diff --git a/src/main.c b/src/main.c +index a875a13..13cdfcf 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -167,7 +167,7 @@ static struct argp_option options[] = { + {"pattern-file", 'E', N_("FILE"), 0, + N_("Read additional patterns specifying filenames to extract or list from FILE"), 210}, + {"only-verify-crc", ONLY_VERIFY_CRC_OPTION, 0, 0, +- N_("When reading a CRC format archive, only verify the CRC's of each file in the archive, don't actually extract the files"), 210}, ++ N_("When reading a CRC format archive, only verify the checksum of each file in the archive, don't actually extract the files"), 210}, + {"rename", 'r', 0, 0, + N_("Interactively rename files"), GRID+1 }, + {"rename-batch-file", RENAME_BATCH_FILE_OPTION, N_("FILE"), OPTION_HIDDEN, diff --git a/cpio-2.11-retain-symlink-times.patch b/cpio-2.11-retain-symlink-times.patch new file mode 100644 index 0000000..a4e015d --- /dev/null +++ b/cpio-2.11-retain-symlink-times.patch @@ -0,0 +1,92 @@ +From 7a4094d382e74aaed0a0b8356dc24d64952852f9 Mon Sep 17 00:00:00 2001 +From: Pavel Raiskup +Date: Fri, 3 Jul 2020 12:32:58 +0200 +Subject: [PATCH] Extract: retain times for symlinks + +Original report by Pat Riehecky at +https://bugzilla.redhat.com/1486364 + +* src/copyin.c (copyin_device): Don't check for retain_time_flag +global, it's done by set_file_times. +(copyin_link): Call set_file_times to restore symlink times. +* src/util.c (set_perms): Don't check for retain_time_flag global, +done by set_file_times call. +(set_file_times): Do nothing if retain_time_flag global is false. +* src/copypass.c (process_copy_pass): Call set_file_times for +symlinks. +--- + src/copyin.c | 5 ++--- + src/copypass.c | 2 ++ + src/util.c | 6 ++++-- + 3 files changed, 8 insertions(+), 5 deletions(-) + +diff --git a/src/copyin.c b/src/copyin.c +index 183b5b5..267ed4b 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -639,9 +639,7 @@ copyin_device (struct cpio_file_stat* file_hdr) + /* chown may have turned off some permissions we wanted. */ + if (chmod (file_hdr->c_name, file_hdr->c_mode) < 0) + chmod_error_details (file_hdr->c_name, file_hdr->c_mode); +- if (retain_time_flag) +- set_file_times (-1, file_hdr->c_name, file_hdr->c_mtime, +- file_hdr->c_mtime); ++ set_file_times (-1, file_hdr->c_name, file_hdr->c_mtime, file_hdr->c_mtime); + } + + static void +@@ -692,6 +690,7 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des) + && errno != EPERM) + chown_error_details (file_hdr->c_name, uid, gid); + } ++ set_file_times (-1, file_hdr->c_name, file_hdr->c_mtime, file_hdr->c_mtime); + free (link_name); + } + +diff --git a/src/copypass.c b/src/copypass.c +index c5a9899..b4e7169 100644 +--- a/src/copypass.c ++++ b/src/copypass.c +@@ -317,6 +317,8 @@ process_copy_pass () + && errno != EPERM) + chown_error_details (output_name.ds_string, uid, gid); + } ++ set_file_times (-1, output_name.ds_string, ++ in_file_stat.st_atime, in_file_stat.st_mtime); + free (link_name); + } + #endif +diff --git a/src/util.c b/src/util.c +index 6ff6032..11f9c30 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -1389,7 +1389,6 @@ set_perms (int fd, struct cpio_file_stat *header) + we have to refer to it using name+ instead of name. */ + file_hdr->c_name [cdf_char] = '+'; + #endif +- if (retain_time_flag) + set_file_times (fd, header->c_name, header->c_mtime, header->c_mtime); + } + +@@ -1398,6 +1397,8 @@ set_file_times (int fd, + const char *name, unsigned long atime, unsigned long mtime) + { + struct timespec ts[2]; ++ if (!retain_time_flag) ++ return; + + memset (&ts, 0, sizeof ts); + +@@ -1406,7 +1407,8 @@ set_file_times (int fd, + + /* Silently ignore EROFS because reading the file won't have upset its + timestamp if it's on a read-only filesystem. */ +- if (fdutimens (fd, name, ts) < 0 && errno != EROFS) ++ if ((fd >= 0 ? fdutimens (fd, NULL, ts) : lutimens (name, ts)) < 0 ++ && errno != EROFS) + utime_error (name); + } + +-- +2.24.1 + diff --git a/cpio-2.12-improper-input-validation.patch b/cpio-2.12-improper-input-validation.patch new file mode 100644 index 0000000..ae75da5 --- /dev/null +++ b/cpio-2.12-improper-input-validation.patch @@ -0,0 +1,154 @@ +From: Thomas Habets +Subject: [PATCH] Check for size overflow in tar header fields. + +This prevents surprising outputs being created, e.g. this cpio tar +output with more than one file: + +tar cf suffix.tar AUTHORS +dd if=/dev/zero seek=16G bs=1 count=0 of=suffix.tar +echo suffix.tar | cpio -H tar -o | tar tvf - + +-rw-r--r-- 1000/1000 0 2019-08-30 16:40 suffix.tar +-rw-r--r-- thomas/thomas 161 2019-08-30 16:40 AUTHORS +--- + src/copyout.c | 3 +-- + src/extern.h | 2 +- + src/tar.c | 45 ++++++++++++++++++++++++++++++++------------- + 3 files changed, 34 insertions(+), 16 deletions(-) + +diff --git a/src/copyout.c b/src/copyout.c +index dcae449..56416ba 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -552,8 +552,7 @@ write_out_header (struct cpio_file_stat *file_hdr, int out_des) + error (0, 0, _("%s: file name too long"), file_hdr->c_name); + return 1; + } +- write_out_tar_header (file_hdr, out_des); /* FIXME: No error checking */ +- return 0; ++ return write_out_tar_header (file_hdr, out_des); + + case arf_binary: + return write_out_binary_header (makedev (file_hdr->c_rdev_maj, +diff --git a/src/extern.h b/src/extern.h +index e27d662..47b477a 100644 +--- a/src/extern.h ++++ b/src/extern.h +@@ -145,7 +145,7 @@ int make_path (char *argpath, uid_t owner, gid_t group, + const char *verbose_fmt_string); + + /* tar.c */ +-void write_out_tar_header (struct cpio_file_stat *file_hdr, int out_des); ++int write_out_tar_header (struct cpio_file_stat *file_hdr, int out_des); + int null_block (long *block, int size); + void read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des); + int otoa (char *s, unsigned long *n); +diff --git a/src/tar.c b/src/tar.c +index e2b5f45..53dc99a 100644 +--- a/src/tar.c ++++ b/src/tar.c +@@ -93,8 +93,9 @@ stash_tar_filename (char *prefix, char *filename) + sprintf (where, "%*lo ", digits - 2, value); + except that sprintf fills in the trailing NUL and we don't. */ + +-static void +-to_oct (register long value, register int digits, register char *where) ++static int ++to_oct_or_error (register long value, register int digits, register char *where, ++ const char *filename, const char *fieldname) + { + --digits; /* Leave the trailing NUL slot alone. */ + +@@ -105,10 +106,17 @@ to_oct (register long value, register int digits, register char *where) + value >>= 3; + } + while (digits > 0 && value != 0); ++ if (value > 0) ++ { ++ error (1, 0, _("%s: field width not sufficient for storing %s"), ++ filename, fieldname); ++ return 1; ++ } + + /* Add leading zeroes, if necessary. */ + while (digits > 0) + where[--digits] = '0'; ++ return 0; + } + + +@@ -139,7 +147,7 @@ tar_checksum (struct tar_header *tar_hdr) + /* Write out header FILE_HDR, including the file name, to file + descriptor OUT_DES. */ + +-void ++int + write_out_tar_header (struct cpio_file_stat *file_hdr, int out_des) + { + int name_len; +@@ -168,11 +176,16 @@ write_out_tar_header (struct cpio_file_stat *file_hdr, int out_des) + + /* Ustar standard (POSIX.1-1988) requires the mode to contain only 3 octal + digits */ +- to_oct (file_hdr->c_mode & MODE_ALL, 8, tar_hdr->mode); +- to_oct (file_hdr->c_uid, 8, tar_hdr->uid); +- to_oct (file_hdr->c_gid, 8, tar_hdr->gid); +- to_oct (file_hdr->c_filesize, 12, tar_hdr->size); +- to_oct (file_hdr->c_mtime, 12, tar_hdr->mtime); ++ if (to_oct_or_error (file_hdr->c_mode & MODE_ALL, 8, tar_hdr->mode, file_hdr->c_name, _("mode"))) ++ return 1; ++ if (to_oct_or_error (file_hdr->c_uid, 8, tar_hdr->uid, file_hdr->c_name, _("uid"))) ++ return 1; ++ if (to_oct_or_error (file_hdr->c_gid, 8, tar_hdr->gid, file_hdr->c_name, _("gid"))) ++ return 1; ++ if (to_oct_or_error (file_hdr->c_filesize, 12, tar_hdr->size, file_hdr->c_name, _("file size"))) ++ return 1; ++ if (to_oct_or_error (file_hdr->c_mtime, 12, tar_hdr->mtime, file_hdr->c_name, _("modification time"))) ++ return 1; + + switch (file_hdr->c_mode & CP_IFMT) + { +@@ -184,7 +197,8 @@ write_out_tar_header (struct cpio_file_stat *file_hdr, int out_des) + strncpy (tar_hdr->linkname, file_hdr->c_tar_linkname, + TARLINKNAMESIZE); + tar_hdr->typeflag = LNKTYPE; +- to_oct (0, 12, tar_hdr->size); ++ if (to_oct_or_error (0, 12, tar_hdr->size, file_hdr->c_name, _("file size"))) ++ return 1; + } + else + tar_hdr->typeflag = REGTYPE; +@@ -210,7 +224,8 @@ write_out_tar_header (struct cpio_file_stat *file_hdr, int out_des) + than TARLINKNAMESIZE. */ + strncpy (tar_hdr->linkname, file_hdr->c_tar_linkname, + TARLINKNAMESIZE); +- to_oct (0, 12, tar_hdr->size); ++ if (to_oct_or_error (0, 12, tar_hdr->size, file_hdr->c_name, _("file size"))) ++ return 1; + break; + #endif /* CP_IFLNK */ + } +@@ -229,13 +244,17 @@ write_out_tar_header (struct cpio_file_stat *file_hdr, int out_des) + if (name) + strcpy (tar_hdr->gname, name); + +- to_oct (file_hdr->c_rdev_maj, 8, tar_hdr->devmajor); +- to_oct (file_hdr->c_rdev_min, 8, tar_hdr->devminor); ++ if (to_oct_or_error (file_hdr->c_rdev_maj, 8, tar_hdr->devmajor, file_hdr->c_name, _("rdev major"))) ++ return 1; ++ if (to_oct_or_error (file_hdr->c_rdev_min, 8, tar_hdr->devminor, file_hdr->c_name, _("rdev minor"))) ++ return 1; + } + +- to_oct (tar_checksum (tar_hdr), 8, tar_hdr->chksum); ++ if (to_oct_or_error (tar_checksum (tar_hdr), 8, tar_hdr->chksum, file_hdr->c_name, _("checksum"))) ++ return 1; + + tape_buffered_write ((char *) &tar_rec, out_des, TARRECORDSIZE); ++ return 0; + } + + /* Return nonzero iff all the bytes in BLOCK are NUL. +-- +2.26.0 + diff --git a/cpio-2.13-CVE-2021-38185.patch b/cpio-2.13-CVE-2021-38185.patch new file mode 100644 index 0000000..556959c --- /dev/null +++ b/cpio-2.13-CVE-2021-38185.patch @@ -0,0 +1,1266 @@ +From be54882039632c791493d3657042f7ea9d6f4a20 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Tue, 21 Sep 2021 11:42:02 +0200 +Subject: [PATCH] * src/dstring.c (ds_init): Take a single argument. + (ds_free): New function. (ds_resize): Take a single argument. Use + x2nrealloc to expand the storage. + (ds_reset,ds_append,ds_concat,ds_endswith): New function. (ds_fgetstr): + Rewrite. In particular, this fixes integer overflow. (ds_resize): Take + additional argument: number of bytes to leave available after ds_idx. All + uses changed. * src/dstring.h (dynamic_string): Keep both the allocated + length (ds_size) and index of the next free byte in the string (ds_idx). + (ds_init,ds_resize): Change signature. (ds_len): New macro. + (ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos. * + src/copyin.c: Use new ds_ functions. (read_name_from_file): Handle len == 0. + (read_name_from_file): Print error message and skip file if its name is not + nul-terminated. (long_format): Cast rdev numbers to unsigned long * + src/copyout.c: Likewise. * src/copypass.c: Likewise. * src/util.c: Likewise. + (tape_empty_output_buffer): Fix condition. * src/idcache.c + (getuser,getgroup): Use umaxtostr instead of sprintf. * src/userspec.c + (parse_user_spec): Likewise. + +--- + configure.ac | 4 +- + src/copyin.c | 228 ++++++++++++++++++------------------------------- + src/copyout.c | 77 +++++++++-------- + src/copypass.c | 34 ++++---- + src/cpiohdr.h | 9 +- + src/dstring.c | 89 +++++++++++++------ + src/dstring.h | 30 +++---- + src/extern.h | 22 +++-- + src/idcache.c | 11 ++- + src/makepath.c | 2 +- + src/userspec.c | 9 +- + src/util.c | 53 +++++++++--- + 12 files changed, 294 insertions(+), 274 deletions(-) + +diff --git a/configure.ac b/configure.ac +index c68bd44..49eaacd 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -21,8 +21,8 @@ AC_INIT([GNU cpio], [2.12], [bug-cpio@gnu.org],, + AC_CONFIG_SRCDIR(src/cpio.h) + AC_CONFIG_AUX_DIR([build-aux]) + AC_CONFIG_HEADERS([config.h]) +-AC_PREREQ([2.63]) +-AM_INIT_AUTOMAKE([1.11.1 gnits tar-ustar dist-bzip2 std-options silent-rules]) ++AC_PREREQ([2.64]) ++AM_INIT_AUTOMAKE([1.15 gnits tar-ustar dist-bzip2 std-options silent-rules]) + + # Enable silent rules by default: + AM_SILENT_RULES([yes]) +diff --git a/src/copyin.c b/src/copyin.c +index 267ed4b..2f9da73 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -56,10 +56,10 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out, + static dynamic_string new_name; /* New file name for rename option. */ + static int initialized_new_name = false; + if (!initialized_new_name) +- { +- ds_init (&new_name, 128); +- initialized_new_name = true; +- } ++ { ++ ds_init (&new_name); ++ initialized_new_name = true; ++ } + + if (rename_flag) + { +@@ -76,28 +76,7 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out, + return -1; + } + else +- /* Debian hack: file_hrd.c_name is sometimes set to +- point to static memory by code in tar.c. This +- causes a segfault. This has been fixed and an +- additional check to ensure that the file name +- is not too long has been added. (Reported by +- Horst Knobloch.) This bug has been reported to +- "bug-gnu-utils@prep.ai.mit.edu". (99/1/6) -BEM */ +- { +- if (archive_format != arf_tar && archive_format != arf_ustar) +- { +- free (file_hdr->c_name); +- file_hdr->c_name = xstrdup (new_name.ds_string); +- } +- else +- { +- if (is_tar_filename_too_long (new_name.ds_string)) +- error (0, 0, _("%s: file name too long"), +- new_name.ds_string); +- else +- strcpy (file_hdr->c_name, new_name.ds_string); +- } +- } ++ cpio_set_c_name (file_hdr, new_name.ds_string); + return 0; + } + +@@ -173,10 +152,8 @@ list_file (struct cpio_file_stat* file_hdr, int in_file_des) + } + else + { +- /* Debian hack: Modified to print a list of filenames +- terminiated by a null character when the -t and -0 +- flags are used. This has been submitted as a +- suggestion to "bug-gnu-utils@prep.ai.mit.edu". -BEM */ ++ /* Print out the name as it is. The name_end delimiter is normally ++ '\n', but can be reset to '\0' by the -0 option. */ + printf ("%s%c", file_hdr->c_name, name_end); + } + +@@ -201,7 +178,7 @@ list_file (struct cpio_file_stat* file_hdr, int in_file_des) + + static int + try_existing_file (struct cpio_file_stat* file_hdr, int in_file_des, +- int *existing_dir) ++ bool *existing_dir) + { + struct stat file_stat; + +@@ -344,8 +321,7 @@ create_defered_links_to_skipped (struct cpio_file_stat *file_hdr, + d_prev->next = d->next; + else + deferments = d->next; +- free (file_hdr->c_name); +- file_hdr->c_name = xstrdup(d->header.c_name); ++ cpio_set_c_name (file_hdr, d->header.c_name); + free_deferment (d); + copyin_regular_file(file_hdr, in_file_des); + return 0; +@@ -697,7 +673,7 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des) + static void + copyin_file (struct cpio_file_stat *file_hdr, int in_file_des) + { +- int existing_dir; ++ bool existing_dir = false; + + if (!to_stdout_option + && try_existing_file (file_hdr, in_file_des, &existing_dir) < 0) +@@ -748,7 +724,7 @@ static time_t current_time; + this file is a symbolic link to. */ + + void +-long_format (struct cpio_file_stat *file_hdr, char *link_name) ++long_format (struct cpio_file_stat *file_hdr, char const *link_name) + { + char mbuf[11]; + char tbuf[40]; +@@ -780,92 +756,42 @@ long_format (struct cpio_file_stat *file_hdr, char *link_name) + + if ((file_hdr->c_mode & CP_IFMT) == CP_IFCHR + || (file_hdr->c_mode & CP_IFMT) == CP_IFBLK) +- printf ("%3lu, %3lu ", file_hdr->c_rdev_maj, +- file_hdr->c_rdev_min); ++ printf ("%3lu, %3lu ", ++ (unsigned long) file_hdr->c_rdev_maj, ++ (unsigned long) file_hdr->c_rdev_min); + else + printf ("%8"PRIuMAX" ", (uintmax_t) file_hdr->c_filesize); + + printf ("%s ", tbuf + 4); + +- print_name_with_quoting (file_hdr->c_name); ++ printf ("%s", quotearg (file_hdr->c_name)); + if (link_name) + { + printf (" -> "); +- print_name_with_quoting (link_name); ++ printf ("%s", quotearg (link_name)); + } + putc ('\n', stdout); + } + +-void +-print_name_with_quoting (register char *p) +-{ +- register unsigned char c; +- +- while ( (c = *p++) ) +- { +- switch (c) +- { +- case '\\': +- printf ("\\\\"); +- break; +- +- case '\n': +- printf ("\\n"); +- break; +- +- case '\b': +- printf ("\\b"); +- break; +- +- case '\r': +- printf ("\\r"); +- break; +- +- case '\t': +- printf ("\\t"); +- break; +- +- case '\f': +- printf ("\\f"); +- break; +- +- case ' ': +- printf ("\\ "); +- break; +- +- case '"': +- printf ("\\\""); +- break; +- +- default: +- if (c > 040 && c < 0177) +- putchar (c); +- else +- printf ("\\%03o", (unsigned int) c); +- } +- } +-} +- + /* Read a pattern file (for the -E option). Put a list of + `num_patterns' elements in `save_patterns'. Any patterns that were + already in `save_patterns' (from the command line) are preserved. */ + + static void +-read_pattern_file () ++read_pattern_file (void) + { +- int max_new_patterns; +- char **new_save_patterns; +- int new_num_patterns; ++ char **new_save_patterns = NULL; ++ size_t max_new_patterns; ++ size_t new_num_patterns; + int i; +- dynamic_string pattern_name; ++ dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER; + FILE *pattern_fp; + + if (num_patterns < 0) + num_patterns = 0; +- max_new_patterns = 1 + num_patterns; +- new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *)); + new_num_patterns = num_patterns; +- ds_init (&pattern_name, 128); ++ max_new_patterns = num_patterns; ++ new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0])); + + pattern_fp = fopen (pattern_file_name, "r"); + if (pattern_fp == NULL) +@@ -874,16 +800,16 @@ read_pattern_file () + { + while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) + { +- if (new_num_patterns >= max_new_patterns) +- { +- max_new_patterns += 1; +- new_save_patterns = (char **) +- xrealloc ((char *) new_save_patterns, +- max_new_patterns * sizeof (char *)); +- } ++ if (new_num_patterns == max_new_patterns) ++ new_save_patterns = x2nrealloc (new_save_patterns, ++ &max_new_patterns, ++ sizeof (new_save_patterns[0])); + new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string); + ++new_num_patterns; + } ++ ++ ds_free (&pattern_name); ++ + if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) + close_error (pattern_file_name); + } +@@ -1066,6 +992,27 @@ read_in_header (struct cpio_file_stat *file_hdr, int in_des) + } + } + ++static void ++read_name_from_file (struct cpio_file_stat *file_hdr, int fd, uintmax_t len) ++{ ++ if (len == 0) ++ { ++ error (0, 0, _("malformed header: file name of zero length")); ++ } ++ else ++ { ++ cpio_realloc_c_name (file_hdr, len); ++ tape_buffered_read (file_hdr->c_name, fd, len); ++ if (file_hdr->c_name[len-1] != 0) ++ { ++ error (0, 0, _("malformed header: file name is not nul-terminated")); ++ /* Skip this file */ ++ len = 0; ++ } ++ } ++ file_hdr->c_namesize = len; ++} ++ + /* Fill in FILE_HDR by reading an old-format ASCII format cpio header from + file descriptor IN_DES, except for the magic number, which is + already filled in. */ +@@ -1092,14 +1039,9 @@ read_in_old_ascii (struct cpio_file_stat *file_hdr, int in_des) + file_hdr->c_rdev_min = minor (dev); + + file_hdr->c_mtime = FROM_OCTAL (ascii_header.c_mtime); +- file_hdr->c_namesize = FROM_OCTAL (ascii_header.c_namesize); + file_hdr->c_filesize = FROM_OCTAL (ascii_header.c_filesize); + +- /* Read file name from input. */ +- if (file_hdr->c_name != NULL) +- free (file_hdr->c_name); +- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize + 1); +- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize); ++ read_name_from_file (file_hdr, in_des, FROM_OCTAL (ascii_header.c_namesize)); + + /* HP/UX cpio creates archives that look just like ordinary archives, + but for devices it sets major = 0, minor = 1, and puts the +@@ -1154,14 +1096,9 @@ read_in_new_ascii (struct cpio_file_stat *file_hdr, int in_des) + file_hdr->c_dev_min = FROM_HEX (ascii_header.c_dev_min); + file_hdr->c_rdev_maj = FROM_HEX (ascii_header.c_rdev_maj); + file_hdr->c_rdev_min = FROM_HEX (ascii_header.c_rdev_min); +- file_hdr->c_namesize = FROM_HEX (ascii_header.c_namesize); + file_hdr->c_chksum = FROM_HEX (ascii_header.c_chksum); + +- /* Read file name from input. */ +- if (file_hdr->c_name != NULL) +- free (file_hdr->c_name); +- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize); +- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize); ++ read_name_from_file (file_hdr, in_des, FROM_HEX (ascii_header.c_namesize)); + + /* In SVR4 ASCII format, the amount of space allocated for the header + is rounded up to the next long-word, so we might need to drop +@@ -1209,16 +1146,10 @@ read_in_binary (struct cpio_file_stat *file_hdr, + file_hdr->c_rdev_min = minor ((unsigned short)short_hdr->c_rdev); + file_hdr->c_mtime = (unsigned long) short_hdr->c_mtimes[0] << 16 + | short_hdr->c_mtimes[1]; +- +- file_hdr->c_namesize = short_hdr->c_namesize; + file_hdr->c_filesize = (unsigned long) short_hdr->c_filesizes[0] << 16 + | short_hdr->c_filesizes[1]; + +- /* Read file name from input. */ +- if (file_hdr->c_name != NULL) +- free (file_hdr->c_name); +- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize); +- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize); ++ read_name_from_file (file_hdr, in_des, short_hdr->c_namesize); + + /* In binary mode, the amount of space allocated in the header for + the filename is `c_namesize' rounded up to the next short-word, +@@ -1278,14 +1209,14 @@ swab_array (char *ptr, int count) + in the file system. */ + + void +-process_copy_in () ++process_copy_in (void) + { +- char done = false; /* True if trailer reached. */ + FILE *tty_in = NULL; /* Interactive file for rename option. */ + FILE *tty_out = NULL; /* Interactive file for rename option. */ + FILE *rename_in = NULL; /* Batch file for rename option. */ + struct stat file_stat; /* Output file stat record. */ +- struct cpio_file_stat file_hdr; /* Output header information. */ ++ struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER; ++ /* Output header information. */ + int in_file_des; /* Input file descriptor. */ + char skip_file; /* Flag for use with patterns. */ + int i; /* Loop index variable. */ +@@ -1298,8 +1229,7 @@ process_copy_in () + { + read_pattern_file (); + } +- file_hdr.c_name = NULL; +- ++ file_hdr.c_namesize = 0; + if (rename_batch_file) + { + rename_in = fopen (rename_batch_file, "r"); +@@ -1352,7 +1282,7 @@ process_copy_in () + change_dir (); + + /* While there is more input in the collection, process the input. */ +- while (!done) ++ while (1) + { + swapping_halfwords = swapping_bytes = false; + +@@ -1380,30 +1310,32 @@ process_copy_in () + + } + #endif +- /* Is this the header for the TRAILER file? */ +- if (strcmp (CPIO_TRAILER_NAME, file_hdr.c_name) == 0) ++ if (file_hdr.c_namesize == 0) ++ skip_file = true; ++ else + { +- done = true; +- break; +- } ++ /* Is this the header for the TRAILER file? */ ++ if (strcmp (CPIO_TRAILER_NAME, file_hdr.c_name) == 0) ++ break; + +- cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag, +- false); ++ cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag, ++ false); + +- /* Does the file name match one of the given patterns? */ +- if (num_patterns <= 0) +- skip_file = false; +- else +- { +- skip_file = copy_matching_files; +- for (i = 0; i < num_patterns +- && skip_file == copy_matching_files; i++) ++ /* Does the file name match one of the given patterns? */ ++ if (num_patterns <= 0) ++ skip_file = false; ++ else + { +- if (fnmatch (save_patterns[i], file_hdr.c_name, 0) == 0) +- skip_file = !copy_matching_files; ++ skip_file = copy_matching_files; ++ for (i = 0; i < num_patterns ++ && skip_file == copy_matching_files; i++) ++ { ++ if (fnmatch (save_patterns[i], file_hdr.c_name, 0) == 0) ++ skip_file = !copy_matching_files; ++ } + } + } +- ++ + if (skip_file) + { + /* If we're skipping a file with links, there might be other +@@ -1494,6 +1426,8 @@ process_copy_in () + fputc ('\n', stderr); + + apply_delayed_set_stat (); ++ ++ cpio_file_stat_free (&file_hdr); + + if (append_flag) + return; +diff --git a/src/copyout.c b/src/copyout.c +index 56416ba..a576f27 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -269,26 +269,32 @@ writeout_final_defers (int out_des) + so it should be moved to paxutils too. + Allowed values for logbase are: 1 (binary), 2, 3 (octal), 4 (hex) */ + int +-to_ascii (char *where, uintmax_t v, size_t digits, unsigned logbase) ++to_ascii (char *where, uintmax_t v, size_t digits, unsigned logbase, bool nul) + { + static char codetab[] = "0123456789ABCDEF"; +- int i = digits; + +- do ++ if (nul) ++ where[--digits] = 0; ++ while (digits > 0) + { +- where[--i] = codetab[(v & ((1 << logbase) - 1))]; ++ where[--digits] = codetab[(v & ((1 << logbase) - 1))]; + v >>= logbase; + } +- while (i); + + return v != 0; + } + +-static void +-field_width_error (const char *filename, const char *fieldname) ++void ++field_width_error (const char *filename, const char *fieldname, ++ uintmax_t value, size_t width, bool nul) + { +- error (1, 0, _("%s: field width not sufficient for storing %s"), +- filename, fieldname); ++ char valbuf[UINTMAX_STRSIZE_BOUND + 1]; ++ char maxbuf[UINTMAX_STRSIZE_BOUND + 1]; ++ error (1, 0, _("%s: value %s %s out of allowed range 0..%s"), ++ filename, fieldname, ++ STRINGIFY_BIGINT (value, valbuf), ++ STRINGIFY_BIGINT (MAX_VAL_WITH_DIGITS (width - nul, LG_8), ++ maxbuf)); + } + + static void +@@ -303,7 +309,7 @@ to_ascii_or_warn (char *where, uintmax_t n, size_t digits, + unsigned logbase, + const char *filename, const char *fieldname) + { +- if (to_ascii (where, n, digits, logbase)) ++ if (to_ascii (where, n, digits, logbase, false)) + field_width_warning (filename, fieldname); + } + +@@ -312,9 +318,9 @@ to_ascii_or_error (char *where, uintmax_t n, size_t digits, + unsigned logbase, + const char *filename, const char *fieldname) + { +- if (to_ascii (where, n, digits, logbase)) ++ if (to_ascii (where, n, digits, logbase, false)) + { +- field_width_error (filename, fieldname); ++ field_width_error (filename, fieldname, n, digits, false); + return 1; + } + return 0; +@@ -371,7 +377,7 @@ write_out_new_ascii_header (const char *magic_string, + _("name size"))) + return 1; + p += 8; +- to_ascii (p, file_hdr->c_chksum & 0xffffffff, 8, LG_16); ++ to_ascii (p, file_hdr->c_chksum & 0xffffffff, 8, LG_16, false); + + tape_buffered_write (ascii_header, out_des, sizeof ascii_header); + +@@ -388,7 +394,7 @@ write_out_old_ascii_header (dev_t dev, dev_t rdev, + char ascii_header[76]; + char *p = ascii_header; + +- to_ascii (p, file_hdr->c_magic, 6, LG_8); ++ to_ascii (p, file_hdr->c_magic, 6, LG_8, false); + p += 6; + to_ascii_or_warn (p, dev, 6, LG_8, file_hdr->c_name, _("device number")); + p += 6; +@@ -492,7 +498,10 @@ write_out_binary_header (dev_t rdev, + short_hdr.c_namesize = file_hdr->c_namesize & 0xFFFF; + if (short_hdr.c_namesize != file_hdr->c_namesize) + { +- field_width_error (file_hdr->c_name, _("name size")); ++ char maxbuf[UINTMAX_STRSIZE_BOUND + 1]; ++ error (1, 0, _("%s: value %s %s out of allowed range 0..%u"), ++ file_hdr->c_name, _("name size"), ++ STRINGIFY_BIGINT (file_hdr->c_namesize, maxbuf), 0xFFFFu); + return 1; + } + +@@ -502,7 +511,10 @@ write_out_binary_header (dev_t rdev, + if (((off_t)short_hdr.c_filesizes[0] << 16) + short_hdr.c_filesizes[1] + != file_hdr->c_filesize) + { +- field_width_error (file_hdr->c_name, _("file size")); ++ char maxbuf[UINTMAX_STRSIZE_BOUND + 1]; ++ error (1, 0, _("%s: value %s %s out of allowed range 0..%lu"), ++ file_hdr->c_name, _("file size"), ++ STRINGIFY_BIGINT (file_hdr->c_namesize, maxbuf), 0xFFFFFFFFlu); + return 1; + } + +@@ -582,17 +594,18 @@ assign_string (char **pvar, char *value) + The format of the header depends on the compatibility (-c) flag. */ + + void +-process_copy_out () ++process_copy_out (void) + { +- dynamic_string input_name; /* Name of file read from stdin. */ ++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of file read from stdin. */ + struct stat file_stat; /* Stat record for file. */ +- struct cpio_file_stat file_hdr; /* Output header information. */ ++ struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER; ++ /* Output header information. */ + int in_file_des; /* Source file descriptor. */ + int out_file_des; /* Output file descriptor. */ + char *orig_file_name = NULL; + + /* Initialize the copy out. */ +- ds_init (&input_name, 128); + file_hdr.c_magic = 070707; + + /* Check whether the output file might be a tape. */ +@@ -644,14 +657,9 @@ process_copy_out () + { + if (file_hdr.c_mode & CP_IFDIR) + { +- int len = strlen (input_name.ds_string); + /* Make sure the name ends with a slash */ +- if (input_name.ds_string[len-1] != '/') +- { +- ds_resize (&input_name, len + 2); +- input_name.ds_string[len] = '/'; +- input_name.ds_string[len+1] = 0; +- } ++ if (!ds_endswith (&input_name, '/')) ++ ds_append (&input_name, '/'); + } + } + +@@ -659,8 +667,7 @@ process_copy_out () + cpio_safer_name_suffix (input_name.ds_string, false, + !no_abs_paths_flag, true); + #ifndef HPUX_CDF +- file_hdr.c_name = input_name.ds_string; +- file_hdr.c_namesize = strlen (input_name.ds_string) + 1; ++ cpio_set_c_name (&file_hdr, input_name.ds_string); + #else + if ( (archive_format != arf_tar) && (archive_format != arf_ustar) ) + { +@@ -669,16 +676,15 @@ process_copy_out () + properly recreate the directory as hidden (in case the + files of a directory go into the archive before the + directory itself (e.g from "find ... -depth ... | cpio")). */ +- file_hdr.c_name = add_cdf_double_slashes (input_name.ds_string); +- file_hdr.c_namesize = strlen (file_hdr.c_name) + 1; ++ cpio_set_c_name (&file_hdr, ++ add_cdf_double_slashes (input_name.ds_string)); + } + else + { + /* We don't mark CDF's in tar files. We assume the "hidden" + directory will always go into the archive before any of + its files. */ +- file_hdr.c_name = input_name.ds_string; +- file_hdr.c_namesize = strlen (input_name.ds_string) + 1; ++ cpio_set_c_name (&file_hdr, input_name.ds_string); + } + #endif + +@@ -865,8 +871,7 @@ process_copy_out () + file_hdr.c_chksum = 0; + + file_hdr.c_filesize = 0; +- file_hdr.c_namesize = 11; +- file_hdr.c_name = CPIO_TRAILER_NAME; ++ cpio_set_c_name (&file_hdr, CPIO_TRAILER_NAME); + if (archive_format != arf_tar && archive_format != arf_ustar) + write_out_header (&file_hdr, out_file_des); + else +@@ -884,6 +889,8 @@ process_copy_out () + ngettext ("%lu block\n", "%lu blocks\n", + (unsigned long) blocks), (unsigned long) blocks); + } ++ cpio_file_stat_free (&file_hdr); ++ ds_free (&input_name); + } + + +diff --git a/src/tar.c b/src/tar.c +index 1b1156e..0a34845 100644 +--- a/src/tar.c ++++ b/src/tar.c +@@ -282,7 +282,7 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des) + if (null_block ((long *) &tar_rec, TARRECORDSIZE)) + #endif + { +- file_hdr->c_name = CPIO_TRAILER_NAME; ++ cpio_set_c_name (file_hdr, CPIO_TRAILER_NAME); + return; + } + #if 0 +@@ -316,9 +316,11 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des) + } + + if (archive_format != arf_ustar) +- file_hdr->c_name = stash_tar_filename (NULL, tar_hdr->name); ++ cpio_set_c_name (file_hdr, stash_tar_filename (NULL, tar_hdr->name)); + else +- file_hdr->c_name = stash_tar_filename (tar_hdr->prefix, tar_hdr->name); ++ cpio_set_c_name (file_hdr, stash_tar_filename (tar_hdr->prefix, ++ tar_hdr->name)); ++ + file_hdr->c_nlink = 1; + file_hdr->c_mode = FROM_OCTAL (tar_hdr->mode); + file_hdr->c_mode = file_hdr->c_mode & 07777; +@@ -398,7 +400,7 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des) + case AREGTYPE: + /* Old tar format; if the last char in filename is '/' then it is + a directory, otherwise it's a regular file. */ +- if (file_hdr->c_name[strlen (file_hdr->c_name) - 1] == '/') ++ if (file_hdr->c_name[file_hdr->c_namesize - 1] == '/') + file_hdr->c_mode |= CP_IFDIR; + else + file_hdr->c_mode |= CP_IFREG; +diff --git a/src/copypass.c b/src/copypass.c +index b4e7169..8378a9b 100644 +--- a/src/copypass.c ++++ b/src/copypass.c +@@ -48,10 +48,12 @@ set_copypass_perms (int fd, const char *name, struct stat *st) + If `link_flag', link instead of copying. */ + + void +-process_copy_pass () ++process_copy_pass (void) + { +- dynamic_string input_name; /* Name of file from stdin. */ +- dynamic_string output_name; /* Name of new file. */ ++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of file from stdin. */ ++ dynamic_string output_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of new file. */ + size_t dirname_len; /* Length of `directory_name'. */ + int res; /* Result of functions. */ + char *slash; /* For moving past slashes in input name. */ +@@ -69,25 +71,19 @@ process_copy_pass () + created files */ + + /* Initialize the copy pass. */ +- ds_init (&input_name, 128); + + dirname_len = strlen (directory_name); + if (change_directory_option && !ISSLASH (directory_name[0])) + { + char *pwd = xgetcwd (); + +- dirname_len += strlen (pwd) + 1; +- ds_init (&output_name, dirname_len + 2); +- strcpy (output_name.ds_string, pwd); +- strcat (output_name.ds_string, "/"); +- strcat (output_name.ds_string, directory_name); ++ ds_concat (&output_name, pwd); ++ ds_append (&output_name, '/'); + } +- else +- { +- ds_init (&output_name, dirname_len + 2); +- strcpy (output_name.ds_string, directory_name); +- } +- output_name.ds_string[dirname_len] = '/'; ++ ++ ds_concat (&output_name, directory_name); ++ ds_append (&output_name, '/'); ++ dirname_len = ds_len (&output_name); + output_is_seekable = true; + + change_dir (); +@@ -127,8 +123,8 @@ process_copy_pass () + keep track of which directories in a path are "hidden". */ + slash = add_cdf_double_slashes (slash); + #endif +- ds_resize (&output_name, dirname_len + strlen (slash) + 2); +- strcpy (output_name.ds_string + dirname_len + 1, slash); ++ ds_reset (&output_name, dirname_len); ++ ds_concat (&output_name, slash); + + existing_dir = false; + if (lstat (output_name.ds_string, &out_file_stat) == 0) +@@ -346,6 +342,8 @@ process_copy_pass () + (unsigned long) blocks), + (unsigned long) blocks); + } ++ ds_free (&input_name); ++ ds_free (&output_name); + } + + /* Try and create a hard link from FILE_NAME to another file +@@ -385,7 +383,7 @@ link_to_maj_min_ino (char *file_name, int st_dev_maj, int st_dev_min, + is created, -1 otherwise. */ + + int +-link_to_name (char *link_name, char *link_target) ++link_to_name (char const *link_name, char const *link_target) + { + int res = link (link_target, link_name); + if (res < 0 && create_dir_flag) +diff --git a/src/cpiohdr.h b/src/cpiohdr.h +index b29e6fb..aa4a8c4 100644 +--- a/src/cpiohdr.h ++++ b/src/cpiohdr.h +@@ -126,8 +126,15 @@ struct cpio_file_stat /* Internal representation of a CPIO header */ + size_t c_namesize; + uint32_t c_chksum; + char *c_name; +- char *c_tar_linkname; ++ size_t c_name_buflen; ++ char const *c_tar_linkname; + }; + ++#define CPIO_FILE_STAT_INITIALIZER \ ++ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, NULL, 0, NULL } ++void cpio_file_stat_init (struct cpio_file_stat *file_hdr); ++void cpio_file_stat_free (struct cpio_file_stat *file_hdr); ++void cpio_set_c_name(struct cpio_file_stat *file_hdr, char *name); ++void cpio_realloc_c_name (struct cpio_file_stat *file_hdr, size_t len); + + #endif /* cpiohdr.h */ +diff --git a/src/dstring.c b/src/dstring.c +index 2e6b97b..b70d72e 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -22,37 +22,52 @@ + #endif + + #include ++#include + #if defined(HAVE_STRING_H) || defined(STDC_HEADERS) + #include + #else + #include + #endif + #include "dstring.h" +- +-char *xmalloc (unsigned n); +-char *xrealloc (char *p, unsigned n); ++#include + + /* Initialiaze dynamic string STRING with space for SIZE characters. */ + + void +-ds_init (dynamic_string *string, int size) ++ds_init (dynamic_string *string) ++{ ++ memset (string, 0, sizeof *string); ++} ++ ++/* Free the dynamic string storage. */ ++ ++void ++ds_free (dynamic_string *string) + { +- string->ds_length = size; +- string->ds_string = (char *) xmalloc (size); ++ free (string->ds_string); + } + +-/* Expand dynamic string STRING, if necessary, to hold SIZE characters. */ ++/* Expand dynamic string STRING, if necessary. */ + + void +-ds_resize (dynamic_string *string, int size) ++ds_resize (dynamic_string *string, size_t len) + { +- if (size > string->ds_length) ++ while (len + string->ds_idx >= string->ds_size) + { +- string->ds_length = size; +- string->ds_string = (char *) xrealloc ((char *) string->ds_string, size); ++ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size, ++ 1); + } + } + ++/* Reset the index of the dynamic string S to LEN. */ ++ ++void ++ds_reset (dynamic_string *s, size_t len) ++{ ++ ds_resize (s, len); ++ s->ds_idx = len; ++} ++ + /* Dynamic string S gets a string terminated by the EOS character + (which is removed) from file F. S will increase + in size during the function if the string from F is longer than +@@ -63,34 +78,49 @@ ds_resize (dynamic_string *string, int size) + char * + ds_fgetstr (FILE *f, dynamic_string *s, char eos) + { +- int insize; /* Amount needed for line. */ +- int strsize; /* Amount allocated for S. */ + int next_ch; + + /* Initialize. */ +- insize = 0; +- strsize = s->ds_length; ++ s->ds_idx = 0; + + /* Read the input string. */ +- next_ch = getc (f); +- while (next_ch != eos && next_ch != EOF) ++ while ((next_ch = getc (f)) != eos && next_ch != EOF) + { +- if (insize >= strsize - 1) +- { +- ds_resize (s, strsize * 2 + 2); +- strsize = s->ds_length; +- } +- s->ds_string[insize++] = next_ch; +- next_ch = getc (f); ++ ds_resize (s, 0); ++ s->ds_string[s->ds_idx++] = next_ch; + } +- s->ds_string[insize++] = '\0'; ++ ds_resize (s, 0); ++ s->ds_string[s->ds_idx] = '\0'; + +- if (insize == 1 && next_ch == EOF) ++ if (s->ds_idx == 0 && next_ch == EOF) + return NULL; + else + return s->ds_string; + } + ++void ++ds_append (dynamic_string *s, int c) ++{ ++ ds_resize (s, 0); ++ s->ds_string[s->ds_idx] = c; ++ if (c) ++ { ++ s->ds_idx++; ++ ds_resize (s, 0); ++ s->ds_string[s->ds_idx] = 0; ++ } ++} ++ ++void ++ds_concat (dynamic_string *s, char const *str) ++{ ++ size_t len = strlen (str); ++ ds_resize (s, len); ++ memcpy (s->ds_string + s->ds_idx, str, len); ++ s->ds_idx += len; ++ s->ds_string[s->ds_idx] = 0; ++} ++ + char * + ds_fgets (FILE *f, dynamic_string *s) + { +@@ -102,3 +132,10 @@ ds_fgetname (FILE *f, dynamic_string *s) + { + return ds_fgetstr (f, s, '\0'); + } ++ ++/* Return true if the dynamic string S ends with character C. */ ++int ++ds_endswith (dynamic_string *s, int c) ++{ ++ return (s->ds_idx > 0 && s->ds_string[s->ds_idx - 1] == c); ++} +diff --git a/src/dstring.h b/src/dstring.h +index 5b49def..a2b6183 100644 +--- a/src/dstring.h ++++ b/src/dstring.h +@@ -17,10 +17,6 @@ + Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301 USA. */ + +-#ifndef NULL +-#define NULL 0 +-#endif +- + /* A dynamic string consists of record that records the size of an + allocated string and the pointer to that string. The actual string + is a normal zero byte terminated string that can be used with the +@@ -30,22 +26,24 @@ + + typedef struct + { +- int ds_length; /* Actual amount of storage allocated. */ +- char *ds_string; /* String. */ ++ size_t ds_size; /* Actual amount of storage allocated. */ ++ size_t ds_idx; /* Index of the next free byte in the string. */ ++ char *ds_string; /* String storage. */ + } dynamic_string; + ++#define DYNAMIC_STRING_INITIALIZER { 0, 0, NULL } + +-/* Macros that look similar to the original string functions. +- WARNING: These macros work only on pointers to dynamic string records. +- If used with a real record, an "&" must be used to get the pointer. */ +-#define ds_strlen(s) strlen ((s)->ds_string) +-#define ds_strcmp(s1, s2) strcmp ((s1)->ds_string, (s2)->ds_string) +-#define ds_strncmp(s1, s2, n) strncmp ((s1)->ds_string, (s2)->ds_string, n) +-#define ds_index(s, c) index ((s)->ds_string, c) +-#define ds_rindex(s, c) rindex ((s)->ds_string, c) ++void ds_init (dynamic_string *string); ++void ds_free (dynamic_string *string); ++void ds_reset (dynamic_string *s, size_t len); + +-void ds_init (dynamic_string *string, int size); +-void ds_resize (dynamic_string *string, int size); ++/* All functions below guarantee that s->ds_string[s->ds_idx] == '\0' */ + char *ds_fgetname (FILE *f, dynamic_string *s); + char *ds_fgets (FILE *f, dynamic_string *s); + char *ds_fgetstr (FILE *f, dynamic_string *s, char eos); ++void ds_append (dynamic_string *s, int c); ++void ds_concat (dynamic_string *s, char const *str); ++ ++#define ds_len(s) ((s)->ds_idx) ++ ++int ds_endswith (dynamic_string *s, int c); +diff --git a/src/extern.h b/src/extern.h +index 47b477a..6330e04 100644 +--- a/src/extern.h ++++ b/src/extern.h +@@ -111,18 +111,21 @@ void read_in_binary (struct cpio_file_stat *file_hdr, + struct old_cpio_header *short_hdr, int in_des); + void swab_array (char *arg, int count); + void process_copy_in (void); +-void long_format (struct cpio_file_stat *file_hdr, char *link_name); +-void print_name_with_quoting (char *p); ++void long_format (struct cpio_file_stat *file_hdr, char const *link_name); + + /* copyout.c */ + int write_out_header (struct cpio_file_stat *file_hdr, int out_des); + void process_copy_out (void); ++int to_ascii (char *where, uintmax_t v, size_t digits, unsigned logbase, ++ bool nul); ++void field_width_error (const char *filename, const char *fieldname, ++ uintmax_t value, size_t width, bool nul); + + /* copypass.c */ + void process_copy_pass (void); + int link_to_maj_min_ino (char *file_name, int st_dev_maj, + int st_dev_min, ino_t st_ino); +-int link_to_name (char *link_name, char *link_target); ++int link_to_name (char const *link_name, char const *link_target); + + /* dirname.c */ + char *dirname (char *path); +@@ -141,7 +144,7 @@ void process_args (int argc, char *argv[]); + void initialize_buffers (void); + + /* makepath.c */ +-int make_path (char *argpath, uid_t owner, gid_t group, ++int make_path (char const *argpath, uid_t owner, gid_t group, + const char *verbose_fmt_string); + + /* tar.c */ +@@ -169,7 +172,7 @@ void copy_files_disk_to_tape (int in_des, int out_des, off_t num_bytes, char *fi + void copy_files_disk_to_disk (int in_des, int out_des, off_t num_bytes, char *filename); + void warn_if_file_changed (char *file_name, off_t old_file_size, + time_t old_file_mtime); +-void create_all_directories (char *name); ++void create_all_directories (char const *name); + void prepare_append (int out_file_des); + char *find_inode_file (ino_t node_num, + unsigned long major_num, unsigned long minor_num); +@@ -204,10 +207,17 @@ void cpio_safer_name_suffix (char *name, bool link_target, + int cpio_create_dir (struct cpio_file_stat *file_hdr, int existing_dir); + void change_dir (void); + +-/* FIXME: These two defines should be defined in paxutils */ ++/* FIXME: The following three should be defined in paxutils */ + #define LG_8 3 + #define LG_16 4 + ++/* The maximum uintmax_t value that can be represented with DIGITS digits, ++ assuming that each digit is BITS_PER_DIGIT wide. */ ++#define MAX_VAL_WITH_DIGITS(digits, bits_per_digit) \ ++ ((digits) * (bits_per_digit) < sizeof (uintmax_t) * CHAR_BIT \ ++ ? ((uintmax_t) 1 << ((digits) * (bits_per_digit))) - 1 \ ++ : (uintmax_t) -1) ++ + uintmax_t from_ascii (char const *where, size_t digs, unsigned logbase); + + #define FROM_OCTAL(f) from_ascii (f, sizeof f, LG_8) +diff --git a/src/idcache.c b/src/idcache.c +index c89e7f1..e82414e 100644 +--- a/src/idcache.c ++++ b/src/idcache.c +@@ -34,6 +34,7 @@ + #endif + + #include ++#include + + struct userid + { +@@ -59,7 +60,6 @@ getuser (uid_t uid) + { + register struct userid *tail; + struct passwd *pwent; +- char usernum_string[20]; + + for (tail = user_alist; tail; tail = tail->next) + if (tail->id.u == uid) +@@ -70,8 +70,8 @@ getuser (uid_t uid) + tail->id.u = uid; + if (pwent == 0) + { +- sprintf (usernum_string, "%u", (unsigned) uid); +- tail->name = xstrdup (usernum_string); ++ char nbuf[UINTMAX_STRSIZE_BOUND]; ++ tail->name = xstrdup (umaxtostr (uid, nbuf)); + } + else + tail->name = xstrdup (pwent->pw_name); +@@ -134,7 +134,6 @@ getgroup (gid_t gid) + { + register struct userid *tail; + struct group *grent; +- char groupnum_string[20]; + + for (tail = group_alist; tail; tail = tail->next) + if (tail->id.g == gid) +@@ -145,8 +144,8 @@ getgroup (gid_t gid) + tail->id.g = gid; + if (grent == 0) + { +- sprintf (groupnum_string, "%u", (unsigned int) gid); +- tail->name = xstrdup (groupnum_string); ++ char nbuf[UINTMAX_STRSIZE_BOUND]; ++ tail->name = xstrdup (umaxtostr (gid, nbuf)); + } + else + tail->name = xstrdup (grent->gr_name); +diff --git a/src/makepath.c b/src/makepath.c +index 18d5b69..bad2537 100644 +--- a/src/makepath.c ++++ b/src/makepath.c +@@ -49,7 +49,7 @@ + ownership and permissions when done, otherwise 1. */ + + int +-make_path (char *argpath, ++make_path (char const *argpath, + uid_t owner, + gid_t group, + const char *verbose_fmt_string) +diff --git a/src/userspec.c b/src/userspec.c +index 14d608c..7b8bf2f 100644 +--- a/src/userspec.c ++++ b/src/userspec.c +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include + + #ifndef HAVE_ENDPWENT + # define endpwent() +@@ -141,12 +142,8 @@ parse_user_spec (const char *spec_arg, uid_t *uid, gid_t *gid, + grp = getgrgid (pwd->pw_gid); + if (grp == NULL) + { +- /* This is enough room to hold the unsigned decimal +- representation of any 32-bit quantity and the trailing +- zero byte. */ +- char uint_buf[21]; +- sprintf (uint_buf, "%u", (unsigned) (pwd->pw_gid)); +- V_STRDUP (groupname, uint_buf); ++ char nbuf[UINTMAX_STRSIZE_BOUND]; ++ V_STRDUP (groupname, umaxtostr (pwd->pw_gid, nbuf)); + } + else + { +diff --git a/src/util.c b/src/util.c +index 11f9c30..097304f 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -79,8 +79,7 @@ tape_empty_output_buffer (int out_des) + + if (output_is_special + && (bytes_written >= 0 +- || (bytes_written < 0 +- && (errno == ENOSPC || errno == EIO || errno == ENXIO)))) ++ || (errno == ENOSPC || errno == EIO || errno == ENXIO))) + { + get_next_reel (out_des); + if (bytes_written > 0) +@@ -596,7 +595,7 @@ warn_if_file_changed (char *file_name, off_t old_file_size, + Do not destroy any nondirectories while creating directories. */ + + void +-create_all_directories (char *name) ++create_all_directories (char const *name) + { + char *dir; + int mode; +@@ -718,7 +717,6 @@ find_inode_val (ino_t node_num, unsigned long major_num, + unsigned long minor_num) + { + struct inode_val sample; +- struct inode_val *ival; + + if (!hash_table) + return NULL; +@@ -768,7 +766,7 @@ add_inode (ino_t node_num, char *file_name, unsigned long major_num, + return e; + } + +-static ino_t ++static void + get_inode_and_dev (struct cpio_file_stat *hdr, struct stat *st) + { + if (renumber_inodes_option) +@@ -859,11 +857,9 @@ get_next_reel (int tape_des) + FILE *tty_out; /* File for interacting with user. */ + int old_tape_des; + char *next_archive_name; +- dynamic_string new_name; ++ dynamic_string new_name = DYNAMIC_STRING_INITIALIZER; + char *str_res; + +- ds_init (&new_name, 128); +- + /* Open files for interactive communication. */ + tty_in = fopen (TTY_NAME, "r"); + if (tty_in == NULL) +@@ -938,7 +934,7 @@ get_next_reel (int tape_des) + error (PAXEXIT_FAILURE, 0, _("internal error: tape descriptor changed from %d to %d"), + old_tape_des, tape_des); + +- free (new_name.ds_string); ++ ds_free (&new_name); + fclose (tty_in); + fclose (tty_out); + } +@@ -1412,8 +1408,28 @@ set_file_times (int fd, + utime_error (name); + } + ++/* Reallocate file_hdr->c_name to accomodate len bytes (including final \0) */ ++void ++cpio_realloc_c_name (struct cpio_file_stat *file_hdr, size_t len) ++{ ++ while (file_hdr->c_name_buflen < len) ++ file_hdr->c_name = x2realloc (file_hdr->c_name, &file_hdr->c_name_buflen); ++} ++ ++void ++cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name) ++{ ++ size_t len = strlen (name) + 1; ++ ++ cpio_realloc_c_name (file_hdr, len); ++ file_hdr->c_namesize = len; ++ memmove (file_hdr->c_name, name, len); ++} ++ + /* Do we have to ignore absolute paths, and if so, does the filename +- have an absolute path? */ ++ have an absolute path? Before calling this function make sure that the ++ allocated NAME buffer has capacity at least 2 bytes. */ ++ + void + cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names, + bool strip_leading_dots) +@@ -1428,6 +1444,10 @@ cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names, + ++p; + } + if (p != name) ++ /* The 'p' string is shortened version of 'name' with one exception; when ++ the 'name' points to an empty string (buffer where name[0] == '\0') the ++ 'p' then points to static string ".". So caller needs to ensure there ++ are at least two bytes available in 'name' buffer so memmove succeeds. */ + memmove (name, p, (size_t)(strlen (p) + 1)); + } + +@@ -1689,4 +1709,17 @@ arf_stores_inode_p (enum archive_format arf) + } + return 1; + } ++ ++void ++cpio_file_stat_init (struct cpio_file_stat *file_hdr) ++{ ++ memset (file_hdr, 0, sizeof (*file_hdr)); ++} ++ ++void ++cpio_file_stat_free (struct cpio_file_stat *file_hdr) ++{ ++ free (file_hdr->c_name); ++ cpio_file_stat_init (file_hdr); ++} + +-- +2.31.1 + diff --git a/cpio-2.9-dev_number.patch b/cpio-2.9-dev_number.patch new file mode 100644 index 0000000..cf6d242 --- /dev/null +++ b/cpio-2.9-dev_number.patch @@ -0,0 +1,28 @@ +From: Kamil Dudka +Date: Mon, 14 Sep 2015 09:37:15 +0200 +Subject: [PATCH 3/7] Support major/minor device numbers over 127 (bz#450109) + +diff --git a/src/copyin.c b/src/copyin.c +index cde911e..12bd27c 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -1196,15 +1196,15 @@ read_in_binary (struct cpio_file_stat *file_hdr, + swab_array ((char *) short_hdr, 13); + } + +- file_hdr->c_dev_maj = major (short_hdr->c_dev); +- file_hdr->c_dev_min = minor (short_hdr->c_dev); ++ file_hdr->c_dev_maj = major ((unsigned short)short_hdr->c_dev); ++ file_hdr->c_dev_min = minor ((unsigned short)short_hdr->c_dev); + file_hdr->c_ino = short_hdr->c_ino; + file_hdr->c_mode = short_hdr->c_mode; + file_hdr->c_uid = short_hdr->c_uid; + file_hdr->c_gid = short_hdr->c_gid; + file_hdr->c_nlink = short_hdr->c_nlink; +- file_hdr->c_rdev_maj = major (short_hdr->c_rdev); +- file_hdr->c_rdev_min = minor (short_hdr->c_rdev); ++ file_hdr->c_rdev_maj = major ((unsigned short)short_hdr->c_rdev); ++ file_hdr->c_rdev_min = minor ((unsigned short)short_hdr->c_rdev); + file_hdr->c_mtime = (unsigned long) short_hdr->c_mtimes[0] << 16 + | short_hdr->c_mtimes[1]; + diff --git a/cpio-2.9-exitCode.patch b/cpio-2.9-exitCode.patch new file mode 100644 index 0000000..e4a4781 --- /dev/null +++ b/cpio-2.9-exitCode.patch @@ -0,0 +1,18 @@ +From: Peter Vrabec +Date: Mon, 14 Sep 2015 09:31:08 +0200 +Subject: [PATCH 2/7] set exit code to 1 when cpio fails to store file > 4GB + (#183224) + +diff --git a/src/copyout.c b/src/copyout.c +index 1f0987a..dcae449 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -287,7 +287,7 @@ to_ascii (char *where, uintmax_t v, size_t digits, unsigned logbase) + static void + field_width_error (const char *filename, const char *fieldname) + { +- error (0, 0, _("%s: field width not sufficient for storing %s"), ++ error (1, 0, _("%s: field width not sufficient for storing %s"), + filename, fieldname); + } + diff --git a/cpio-2.9-rh.patch b/cpio-2.9-rh.patch new file mode 100644 index 0000000..23d70db --- /dev/null +++ b/cpio-2.9-rh.patch @@ -0,0 +1,69 @@ +From: Pavel Raiskup +Date: Mon, 14 Sep 2015 09:27:21 +0200 +Subject: [PATCH 1/7] make '-c' equivalent to '-H newc' + +diff --git a/doc/cpio.texi b/doc/cpio.texi +index e631934..a788b5d 100644 +--- a/doc/cpio.texi ++++ b/doc/cpio.texi +@@ -261,7 +261,8 @@ Sets the I/O block size to @var{block-size} * 512 bytes. + @item -B + Set the I/O block size to 5120 bytes. + @item -c +-Use the old portable (ASCII) archive format. ++Identical to "-H newc", use the new (SVR4) portable format. If you wish the old ++portable (ASCII) archive format, use "-H odc" instead. + @item -C @var{number} + @itemx --io-size=@var{number} + Set the I/O block size to the given @var{number} of bytes. +@@ -343,7 +344,8 @@ Equivalent to @option{-sS}. + @item -B + Set the I/O block size to 5120 bytes. + @item -c +-Use the old portable (ASCII) archive format. ++Identical to "-H newc", use the new (SVR4) portable format. If you wish the old ++portable (ASCII) archive format, use "-H odc" instead. + @item -C @var{number} + @itemx --io-size=@var{number} + Set the I/O block size to the given @var{number} of bytes. +@@ -454,7 +456,8 @@ Sets the I/O block size to @var{block-size} * 512 bytes. + @item -B + Set the I/O block size to 5120 bytes. + @item -c +-Use the old portable (ASCII) archive format. ++Identical to "-H newc", use the new (SVR4) portable format. If you wish the old ++portable (ASCII) archive format, use "-H odc" instead. + @item -C @var{number} + @itemx --io-size=@var{number} + Set the I/O block size to the given @var{number} of bytes. +@@ -600,7 +603,8 @@ block size is 512 bytes. + + @item -c + [@ref{copy-in},@ref{copy-out},@ref{copy-pass}] +-@*Use the old portable (ASCII) archive format. ++@*Identical to "-H newc", use the new (SVR4) portable format. If you wish the ++old portable (ASCII) archive format, use "-H odc" instead. + + @item -C @var{io-size} + @itemx --io-size=@var{io-size} +diff --git a/src/main.c b/src/main.c +index a13861f..a875a13 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -124,7 +124,7 @@ static struct argp_option options[] = { + {"block-size", BLOCK_SIZE_OPTION, N_("BLOCK-SIZE"), 0, + N_("Set the I/O block size to BLOCK-SIZE * 512 bytes"), GRID+1 }, + {NULL, 'c', NULL, 0, +- N_("Use the old portable (ASCII) archive format"), GRID+1 }, ++ N_("Identical to \"-H newc\", use the new (SVR4) portable format. If you wish the old portable (ASCII) archive format, use \"-H odc\" instead."), GRID+1 }, + {"dot", 'V', NULL, 0, + N_("Print a \".\" for each file processed"), GRID+1 }, + {"io-size", 'C', N_("NUMBER"), 0, +@@ -329,6 +329,7 @@ parse_opt (int key, char *arg, struct argp_state *state) + case 'c': /* Use the old portable ASCII format. */ + if (archive_format != arf_unknown) + USAGE_ERROR ((0, 0, _("Archive format multiply defined"))); ++#define SVR4_COMPAT + #ifdef SVR4_COMPAT + archive_format = arf_newascii; /* -H newc. */ + #else diff --git a/cpio-2.9.90-defaultremoteshell.patch b/cpio-2.9.90-defaultremoteshell.patch new file mode 100644 index 0000000..01dbd5d --- /dev/null +++ b/cpio-2.9.90-defaultremoteshell.patch @@ -0,0 +1,20 @@ +From: =?UTF-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= +Date: Mon, 14 Sep 2015 09:39:13 +0200 +Subject: [PATCH 4/7] define default remote shell as /usr/bin/ssh(#452904), use + /etc/rmt as default rmt command + +diff --git a/lib/rtapelib.c b/lib/rtapelib.c +index 7213031..7d0bd52 100644 +--- a/lib/rtapelib.c ++++ b/lib/rtapelib.c +@@ -59,6 +59,10 @@ + # include + #endif + ++#ifndef REMOTE_SHELL ++# define REMOTE_SHELL "/usr/bin/ssh" ++#endif ++ + #include + #include + diff --git a/cpio.1 b/cpio.1 new file mode 100644 index 0000000..670277c --- /dev/null +++ b/cpio.1 @@ -0,0 +1,438 @@ +.\" DO NOT MODIFY THIS FILE! It was (partly) generated by help2man from +.\" cpio --help/cpio --version output and partly patched by downstream +.\" package maintainers. +.TH CPIO 1L \" -*- nroff -*- +.SH NAME +cpio \- copy files to and from archives +.SH __WARNING__ +.PP +The cpio utility is considered LEGACY based on POSIX specification. Users are +encouraged to use other archiving tools for archive creation. + +If you decided to use cpio, you should almost always force cpio to use the +ustar format in copy-out mode by the -H option (cpio -o -H ustar). This is +because the ustar format is well defined in POSIX specification and thus +readable by wide range of other archiving tools (including tar e.g.). + +By default, GNU cpio uses (for historical reasons) the very old binary format +('bin') which has significant problems nowadays, e.g. with storing big inode +numbers (see the Red Hat bug #952313). + +Note also that these days the modern 'pax' archive format should be considered +as the default -- but this format is not implemented in GNU cpio. You should, +again, consider using other archivers (e.g. 'tar --format=pax'). + +.SH SYNOPSIS +\&\fBCopy-out mode\fR +.PP +In copy-out mode, cpio copies files into an archive. It reads a list +of filenames, one per line, on the standard input, and writes the +archive onto the standard output. A typical way to generate the list +of filenames is with the find command; you should give find the \-depth +option to minimize problems with permissions on directories that are +unreadable. see \*(lqOptions\*(rq. +.PP +.B cpio +{\-o|\-\-create} [\-0acvABLV] [\-C bytes] [\-H format] [\-D DIR] +[\-M message] [\-O [[user@]host:]archive] [\-F [[user@]host:]archive] +[\-\-file=[[user@]host:]archive] [\-\-format=format] [\-\-warning=FLAG] +[\-\-message=message][\-\-null] [\-\-reset\-access\-time] [\-\-verbose] +[\-\-dot] [\-\-append] [\-\-block\-size=blocks] [\-\-dereference] +[\-\-io\-size=bytes] [\-\-rsh\-command=command] [\-\-license] [\-\-usage] +[\-\-help] [\-\-version] +< name-list [> archive] +.PP +\&\fBCopy-in mode\fR +.PP +In copy-in mode, cpio copies files out of an archive or lists the +archive contents. It reads the archive from the standard input. Any +non-option command line arguments are shell globbing patterns; only +files in the archive whose names match one or more of those patterns are +copied from the archive. Unlike in the shell, an initial `\fB.\fR' in a +filename does match a wildcard at the start of a pattern, and a `\fB/\fR' in a +filename can match wildcards. If no patterns are given, all files are +extracted. see \*(lqOptions\*(rq. +.PP +.B cpio +{\-i|\-\-extract} [\-bcdfmnrtsuvBSV] [\-C bytes] [\-E file] [\-H format] +[\-D DIR] +[\-M message] [\-R [user][:.][group]] [\-I [[user@]host:]archive] +[\-F [[user@]host:]archive] [\-\-file=[[user@]host:]archive] +[\-\-make-directories] [\-\-nonmatching] [\-\-preserve-modification-time] +[\-\-numeric-uid-gid] [\-\-rename] [\-t|\-\-list] [\-\-swap-bytes] [\-\-swap] +[\-\-dot] [\-\-warning=FLAG] [\-\-unconditional] [\-\-verbose] +[\-\-block-size=blocks] [\-\-swap-halfwords] [\-\-io-size=bytes] +[\-\-pattern-file=file] [\-\-format=format] [\-\-owner=[user][:.][group]] +[\-\-no-preserve-owner] [\-\-message=message] +[\-\-force\-local] [\-\-no\-absolute\-filenames] [\-\-absolute\-filenames] +[\-\-sparse] [\-\-only\-verify\-crc] [\-\-to\-stdout] [\-\-quiet] +[\-\-ignore\-devno] [\-\-renumber\-inodes] [\-\-device\-independent] +[\-\-reproducible] +[\-\-rsh-command=command] [\-\-license] [\-\-usage] [\-\-help] +[\-\-version] [pattern...] [< archive] +.PP +\&\fBCopy-pass mode\fR +.PP +In copy-pass mode, cpio copies files from one directory tree to +another, combining the copy-out and copy-in steps without actually +using an archive. It reads the list of files to copy from the standard +input; the directory into which it will copy them is given as a +non-option argument. see \*(lqOptions\*(rq. +.PP +.B cpio +{\-p|\-\-pass-through} [\-0adlmuvLV] [\-R [user][:.][group]] [\-D DIR] +[\-\-null] [\-\-reset-access-time] [\-\-make-directories] [\-\-link] [\-\-quiet] +[\-\-preserve-modification-time] [\-\-unconditional] [\-\-verbose] [\-\-dot] +[\-\-warning=FLAG] [\-\-dereference] [\-\-owner=[user][:.][group]] +[\-\-no-preserve-owner] [\-\-sparse] [\-\-license] [\-\-usage] [\-\-help] +[\-\-version] destination-directory < name-list +.PP +.SH DESCRIPTION +GNU cpio is a tool for creating and extracting archives, or copying +files from one place to another. It handles a number of cpio formats as +well as reading and writing tar files. +.PP +Following archive formats are supported: binary, old ASCII, new ASCII, crc, HPUX binary, HPUX old +ASCII, old tar, and POSIX.1 tar. The tar format is provided for compatibility with the tar program. By +default, cpio creates binary format archives, for compatibility with older cpio programs. When extracting +from archives, cpio automatically recognizes which kind of archive it is reading and can read archives created +on machines with a different byte-order. +.PP +.SS "Main operation mode:" +.TP +\fB\-i\fR, \fB\-\-extract\fR +Extract files from an archive (run in copy\-in +mode) +.TP +\fB\-o\fR, \fB\-\-create\fR +Create the archive (run in copy\-out mode) +.TP +\fB\-p\fR, \fB\-\-pass\-through\fR +Run in copy\-pass mode +.TP +\fB\-t\fR, \fB\-\-list\fR +Print a table of contents of the input +.SS "Operation modifiers valid in any mode:" +.TP +\fB\-\-block\-size\fR=\fI\,BLOCK\-SIZE\/\fR +Set the I/O block size to BLOCK\-SIZE * 512 +bytes +.TP +\fB\-B\fR +Set the I/O block size to 5120 bytes. +Initially the block size is 512 bytes. +.TP +\fB\-c\fR +Identical to "\-H newc", use the new (SVR4) +portable format. If you wish the old portable +(ASCII) archive format, use "\-H odc" instead. +.TP +\fB\-C\fR, \fB\-\-io\-size\fR=\fI\,NUMBER\/\fR +Set the I/O block size to the given NUMBER of +bytes +.TP +\fB\-D\fR, \fB\-\-directory\fR=\fI\,DIR\/\fR +Change to directory DIR +.TP +\fB\-\-force\-local\fR +With \-F, \-I, or \-O, take the archive file name to be a local file +even if it contains a colon, which would ordinarily indicate a +remote host name. +.TP +\fB\-H\fR, \fB\-\-format\fR=\fI\,FORMAT\/\fR +Use given archive FORMAT. +The valid formats are listed below; the same names are also recognized in +all\-caps. The default in copy-in mode is to automatically detect the archive +format, and in copy-out mode is `\fBbin\fR'. +.TP +`bin' +The obsolete binary format. +.TP +`odc' +The old (\s-1POSIX\s0.1) portable format. +.TP +`newc' +The new (\s-1SVR4\s0) portable format, which supports file systems +having more than 65536 i\-nodes. +.TP +`crc' +The new (\s-1SVR4\s0) portable format with a checksum (Sum32) added. +.TP +`tar' +The old tar format. +.TP +`ustar' +The \s-1POSIX\s0.1 tar format. Also recognizes \s-1GNU\s0 tar archives, +which are similar but not identical. +.TP +`hpbin' +The obsolete binary format used by \s-1HPUX\s0's cpio (which stores +device files differently). +.TP +`hpodc' +The portable format used by \s-1HPUX\s0's cpio (which stores device +files differently). +.TP +\fB\-\-quiet\fR +Do not print the number of blocks copied +.TP +\fB\-R\fR, \fB\-\-owner\fR=\fI\,[USER][\/\fR:.][GROUP] +Set the ownership of all files created to the +specified USER and/or GROUP. +Either the user, the group, or both, must be present. If the group is omitted +but the \&\*(lq:\*(rq or \*(lq.\*(rq separator is given, use the given user's +login group. Only the super-user can change files' ownership in copy\-in mode. +.TP +\fB\-v\fR, \fB\-\-verbose\fR +List the files processed, or with `\fB\-t\fR', give an `\fBls \-l\fR' style +table of contents listing. In a verbose table of contents of a +ustar archive, user and group names in the archive that do not +exist on the local system are replaced by the names that +correspond locally to the numeric \s-1UID\s0 and \s-1GID\s0 stored in the +archive. +.TP +\fB\-V\fR, \fB\-\-dot\fR +Print a "." for each file processed +.TP +\fB\-W\fR, \fB\-\-warning\fR=\fI\,FLAG\/\fR +Control warning display. Currently FLAG is one of +\&'none', 'truncate', 'all'. Multiple options +accumulate. +.SS "Operation modifiers valid in copy-in and copy-out modes:" +.TP +\fB\-F\fR, \fB\-\-file\fR=\fI\,[[USER\/\fR@]HOST:]FILE\-NAME +Use this FILE\-NAME instead of standard input or +output. Optional USER and HOST specify the user +and host names in case of a remote archive +.TP +\fB\-M\fR, \fB\-\-message\fR=\fI\,STRING\/\fR +Print \s-1STRING\s0 when the end of a volume of the backup media (such +as a tape or a floppy disk) is reached, to prompt the user to +insert a new volume. If \s-1STRING\s0 contains the string \*(lq%d\*(rq, it is +replaced by the current volume number (starting at 1). +.TP +\fB\-\-rsh\-command\fR=\fI\,COMMAND\/\fR +Use COMMAND instead of rsh +(typically /usr/bin/ssh) +.SS "Operation modifiers valid only in copy-in mode:" +.TP +\fB\-b\fR, \fB\-\-swap\fR +Swap both halfwords of words and bytes of +halfwords in the data. Equivalent to \fB\-sS\fR +Use this option to convert 32\-bit integers between big-endian and little-endian +machines. +.TP +\fB\-f\fR, \fB\-\-nonmatching\fR +Only copy files that do not match any of the given +patterns +.TP +\fB\-I\fR [[USER@]HOST:]FILE\-NAME +Archive filename to use instead of standard input. +Optional USER and HOST specify the user and host +names in case of a remote archive +.TP +\fB\-n\fR, \fB\-\-numeric\-uid\-gid\fR +In the verbose table of contents listing, show +numeric UID and GID +.TP +\fB\-r\fR, \fB\-\-rename\fR +Interactively rename files +.TP +\fB\-s\fR, \fB\-\-swap\-bytes\fR +Swap the bytes of each halfword in the files +.TP +\fB\-S\fR, \fB\-\-swap\-halfwords\fR +Swap the halfwords of each word (4 bytes) in the +files +.TP +\fB\-\-to\-stdout\fR +Extract files to standard output +.TP +\fB\-E\fR, \fB\-\-pattern\-file\fR=\fI\,FILE\/\fR +Read additional patterns specifying filenames to +extract or list from FILE +.TP +\fB\-\-only\-verify\-crc\fR +When reading a CRC format archive, only verify the +checksum of each file in the archive, don't +actually extract the files +.SS "Operation modifiers valid only in copy-out mode:" +.TP +\fB\-A\fR, \fB\-\-append\fR +Append to an existing archive. +The archive must be a disk file specified with the \-O or \-F (\-file) option. +.TP +\fB\-\-device\-independent\fR, \fB\-\-reproducible\fR +Create device\-independent (reproducible) archives +.TP +\fB\-\-ignore\-devno\fR +Don't store device numbers +.TP +\fB\-O\fR [[USER@]HOST:]FILE\-NAME +Archive filename to use instead of standard +output. Optional USER and HOST specify the user +and host names in case of a remote archive +.TP +\fB\-\-renumber\-inodes\fR +Renumber inodes +.SS "Operation modifiers valid only in copy-pass mode:" +.TP +\fB\-l\fR, \fB\-\-link\fR +Link files instead of copying them, when +possible +.SS "Operation modifiers valid in copy-in and copy-out modes:" +.TP +\fB\-\-absolute\-filenames\fR +Do not strip file system prefix components from +the file names +.TP +\fB\-\-no\-absolute\-filenames\fR +Create all files relative to the current +directory +.SS "Operation modifiers valid in copy-out and copy-pass modes:" +.TP +\fB\-0\fR, \fB\-\-null\fR +Filenames in the list are delimited by null +characters instead of newlines, so that files whose names contain newlines can +be archived. \s-1GNU\s0 find is one way to produce a list of null-terminated +filenames. +.TP +\fB\-a\fR, \fB\-\-reset\-access\-time\fR +Reset the access times of files after reading them, so that it +does not look like they have just been read. +.TP +\fB\-L\fR, \fB\-\-dereference\fR +Dereference symbolic links (copy the files +that they point to instead of copying the links). +.SS "Operation modifiers valid in copy-in and copy-pass modes:" +.TP +\fB\-d\fR, \fB\-\-make\-directories\fR +Create leading directories where needed +.TP +\fB\-m\fR, \fB\-\-preserve\-modification\-time\fR +Retain previous file modification times when +creating files +.TP +\fB\-\-no\-preserve\-owner\fR +Do not change the ownership of the files; leave them owned by the +user extracting them. This is the default for non-root users, so +that users on System V don't inadvertently give away files. This +option can be used in copy-in mode and copy-pass mode +.TP +\fB\-\-sparse\fR +Write files with large blocks of zeros as sparse +files +.TP +\fB\-u\fR, \fB\-\-unconditional\fR +Replace all files unconditionally +.TP +\-?, \fB\-\-help\fR +give this help list +.TP +\fB\-\-usage\fR +give a short usage message +.TP +\fB\-\-version\fR +print program version +.PP +Mandatory or optional arguments to long options are also mandatory or optional +for any corresponding short options. + +.PP +.SH EXAMPLES +When creating an archive, cpio takes the list of files to be +processed from the standard input, and then sends the archive to the +standard output, or to the device defined by the `\fB\-F\fR' option. +Usually find or ls is used to provide this list to +the standard input. In the following example you can see the +possibilities for archiving the contents of a single directory. +.PP +.B % ls | cpio \-ov > directory.cpio +.PP +The `\fB\-o\fR' option creates the archive, and the `\fB\-v\fR' option prints the +names of the files archived as they are added. Notice that the options +can be put together after a single `\fB\-\fR' or can be placed separately on +the command line. The `\fB>\fR' redirects the cpio output to the file +`\fBdirectory.cpio\fR'. +.PP +If you wanted to archive an entire directory tree, the find command +can provide the file list to cpio: +.PP +.B % find . \-print \-depth | cpio \-ov > tree.cpio +.PP +This will take all the files in the current directory, the +directories below and place them in the archive tree.cpio. Again the +`\fB\-o\fR' creates an archive, and the `\fB\-v\fR' option shows you the name of the +files as they are archived. see \*(lqCopy\-out mode\*(rq. Using the `\fB.\fR' in +the find statement will give you more flexibility when doing restores, +as it will save file names with a relative path vice a hard wired, +absolute path. The `\fB\-depth\fR' option forces `\fBfind\fR' to print of the +entries in a directory before printing the directory itself. This +limits the effects of restrictive directory permissions by printing the +directory entries in a directory before the directory name itself. +.PP +Extracting an archive requires a bit more thought because cpio will +not create directories by default. Another characteristic, is it will +not overwrite existing files unless you tell it to. +.PP +.B % cpio \-iv < directory.cpio +.PP +This will retrieve the files archived in the file directory.cpio and +place them in the present directory. The `\fB\-i\fR' option extracts the +archive and the `\fB\-v\fR' shows the file names as they are extracted. If +you are dealing with an archived directory tree, you need to use the +`\fB\-d\fR' option to create directories as necessary, something like: +.PP +.B % cpio \-idv < tree.cpio +.PP +This will take the contents of the archive tree.cpio and extract it +to the current directory. If you try to extract the files on top of +files of the same name that already exist (and have the same or later +modification time) cpio will not extract the file unless told to do so +by the \-u option. see \*(lqCopy\-in mode\*(rq. +.PP +In copy-pass mode, cpio copies files from one directory tree to +another, combining the copy-out and copy-in steps without actually +using an archive. It reads the list of files to copy from the standard +input; the directory into which it will copy them is given as a +non-option argument. see \*(lqCopy\-pass mode\*(rq. +.PP +.B % find . \-depth \-print0 | cpio \-\-null \-pvd new-dir +.PP +The example shows copying the files of the present directory, and +sub-directories to a new directory called new\-dir. Some new options are +the `\fB\-print0\fR' available with \s-1GNU\s0 find, combined with the `\fB\-\-null\fR' +option of cpio. These two options act together to send file names +between find and cpio, even if special characters are embedded in the +file names. Another is `\fB\-p\fR', which tells cpio to pass the files it +finds to the directory `\fBnew-dir\fR'. + + +.SH AUTHOR +Written by Phil Nelson, David MacKenzie, John Oleynick, +and Sergey Poznyakoff. +.SH "REPORTING BUGS" +Report bugs to . +Report bugs in this manual page via https://bugzilla.redhat.com. +.SH COPYRIGHT +Copyright \(co 2015 Free Software Foundation, Inc. +License GPLv3+: GNU GPL version 3 or later . +.br +This is free software: you are free to change and redistribute it. +There is NO WARRANTY, to the extent permitted by law. +.SH "SEE ALSO" +The full documentation for +.B cpio +is maintained as a Texinfo manual. If the +.B info +and +.B cpio +programs are properly installed at your site, the command +.IP +.B info cpio +.PP +should give you access to the complete manual. + +The online copy of the documentation is available at the following address: +.PP +http://www.gnu.org/software/cpio/manual diff --git a/cpio.spec b/cpio.spec new file mode 100644 index 0000000..ee1404e --- /dev/null +++ b/cpio.spec @@ -0,0 +1,547 @@ +Summary: A GNU archiving program +Name: cpio +Version: 2.12 +Release: 11%{?dist} +License: GPLv3+ +URL: http://www.gnu.org/software/cpio/ +Source: ftp://ftp.gnu.org/gnu/cpio/cpio-%{version}.tar.bz2 + +# help2man generated manual page distributed only in RHEL/Fedora +Source1: cpio.1 + +# We use SVR4 portable format as default. +Patch1: cpio-2.9-rh.patch + +# fix warn_if_file_changed() and set exit code to 1 when cpio fails to store +# file > 4GB (#183224) +# http://lists.gnu.org/archive/html/bug-cpio/2006-11/msg00000.html +Patch2: cpio-2.9-exitCode.patch + +# Support major/minor device numbers over 127 (bz#450109) +# http://lists.gnu.org/archive/html/bug-cpio/2008-07/msg00000.html +Patch3: cpio-2.9-dev_number.patch + +# Define default remote shell as /usr/bin/ssh (#452904) +Patch4: cpio-2.9.90-defaultremoteshell.patch + +# Fix segfault with nonexisting file with patternnames (#567022) +# http://savannah.gnu.org/bugs/index.php?28954 +# We have slightly different solution than upstream. +Patch5: cpio-2.10-patternnamesigsegv.patch + +# Fix bad file name splitting while creating ustar archive (#866467) +# (fix backported from tar's source) +Patch7: cpio-2.10-longnames-split.patch + +# Cpio does Sum32 checksum, not CRC (downstream) +Patch8: cpio-2.11-crc-fips-nit.patch + +# Extract: retain times for symlinks +# downstream patch (#1487673) +# https://www.mail-archive.com/bug-cpio@gnu.org/msg00605.html +Patch9: cpio-2.11-retain-symlink-times.patch + +# Fixed improper input validation when writing tar header fields +# upstream patch (#1766223) +# https://cement.retrofitta.se/tmp/cpio-tar.patch +Patch10: cpio-2.12-improper-input-validation.patch + +# Fixed integer overflow in ds_fgetstr() +# upstream patch (#1992511) +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dd96882877721703e19272fe25034560b794061b +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dfc801c44a93bed7b3951905b188823d6a0432c8 +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=236684f6deb3178043fe72a8e2faca538fa2aae1 +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=4d169305dcb34137dc41acc761d8703eae2c63bf +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=86dacfe3e060ce95d5a2c0c5ec01f6437b0b6089 +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=7dd8ba91d8b6a2640e6c01c3e3a4234828646f23 +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=684b7ac5767e676cda78c161aeb7fe7b45a07529 +# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=b1c85839bf1381f749dd45bf6a5a38924e3315a0 +Patch11: cpio-2.13-CVE-2021-38185.patch + + +Provides: bundled(gnulib) +Provides: /bin/cpio +BuildRequires: gcc +BuildRequires: texinfo, autoconf, automake, gettext, gettext-devel, rmt + +%description +GNU cpio copies files into or out of a cpio or tar archive. Archives +are files which contain a collection of other files plus information +about them, such as their file name, owner, timestamps, and access +permissions. The archive can be another file on the disk, a magnetic +tape, or a pipe. GNU cpio supports the following archive formats: binary, +old ASCII, new ASCII, crc, HPUX binary, HPUX old ASCII, old tar and POSIX.1 +tar. By default, cpio creates binary format archives, so that they are +compatible with older cpio programs. When it is extracting files from +archives, cpio automatically recognizes which kind of archive it is reading +and can read archives created on machines with a different byte-order. + +Install cpio if you need a program to manage file archives. + + +%prep +%autosetup -p1 + + +%build +autoreconf -fi +export CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE -pedantic -fno-strict-aliasing -Wall $CFLAGS" +%configure --with-rmt="%{_sysconfdir}/rmt" +make %{?_smp_mflags} +(cd po && make update-gmo) + + +%install +make DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" install + +rm -f $RPM_BUILD_ROOT%{_libexecdir}/rmt +rm -f $RPM_BUILD_ROOT%{_infodir}/dir +rm -f $RPM_BUILD_ROOT%{_mandir}/man1/*.1* +install -c -p -m 0644 %{SOURCE1} ${RPM_BUILD_ROOT}%{_mandir}/man1 + +%find_lang %{name} + +%check +rm -f ${RPM_BUILD_ROOT}/test/testsuite +make check || { + echo "### TESTSUITE.LOG ###" + cat tests/testsuite.log + exit 1 +} + + +%files -f %{name}.lang +%doc AUTHORS ChangeLog NEWS README THANKS TODO +%{!?_licensedir:%global license %%doc} +%license COPYING +%{_bindir}/* +%{_mandir}/man*/* +%{_infodir}/*.info* + +%changelog +* Mon Sep 20 2021 Ondrej Dubaj - 2.12-11 +- Fixed CVE-2021-38185 (#1992511) + +* Thu Jan 21 2021 Ondrej Dubaj - 2.12-10 +- Fixed improper input validation when writing tar header fields (#1766223) + +* Mon Jun 15 2020 Ondrej Dubaj - 2.12-9 +- Extract: retain times for symlinks (#1487673) + +* Tue Jul 17 2018 Pavel Raiskup - 2.12-8 +- cleanup, sync with rawhide + +* Wed Feb 07 2018 Fedora Release Engineering - 2.12-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Aug 02 2017 Fedora Release Engineering - 2.12-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 2.12-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 2.12-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Feb 03 2016 Fedora Release Engineering - 2.12-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Sep 14 2015 Pavel Raiskup - 2.12-2 +- (re)generate manual page for new options + +* Mon Sep 14 2015 Pavel Raiskup - 2.12-1 +- rebase, per release notes + http://lists.gnu.org/archive/html/bug-cpio/2015-09/msg00004.html + +* Mon Jul 06 2015 Ondrej Vasik - 2.11-36 +- in 2015, file name in CVE-2014-9112 shows in a bit different timestamp + format (fix FTBFS, #1239416) + +* Wed Jun 17 2015 Fedora Release Engineering - 2.11-35 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat Feb 21 2015 Till Maas - 2.11-34 +- Rebuilt for Fedora 23 Change + https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code + +* Wed Dec 03 2014 Pavel Raiskup - 2.11-33 +- the stored archive in testsuite has little endian headers, expect also + 'reversed byte-order' warning on big-endian + +* Wed Dec 03 2014 Pavel Raiskup - 2.11-32 +- adjust the testsuite fix for CVE-2014-9112 (#1167573) +- put the testsuite.log to standard output if make check fails + +* Tue Dec 02 2014 Pavel Raiskup - 2.11-31 +- fix for CVE-2014-9112 (#1167573) + +* Sat Aug 16 2014 Fedora Release Engineering - 2.11-30 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Fri Jul 11 2014 Tom Callaway - 2.11-29 +- fix license handling + +* Sat Jun 07 2014 Fedora Release Engineering - 2.11-28 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sat May 24 2014 Pavel Raiskup - 2.11-27 +- better fix for bad read() error checking (#996150) + +* Mon Apr 07 2014 Pavel Raiskup - 2.11-26 +- fix manual page to warn users about inode truncation (#952313) +- fix for RU translation (#1075510) + +* Tue Nov 12 2013 Pavel Raiskup - 2.11-25 +- fix build for ppc64le (#1029540) + +* Mon Sep 30 2013 Pavel Raiskup - 2.11-24 +- properly trim "crc" checksum to 32 bits (#1001965) +- remove unneeded patch for config.gues/config.sub (#951442) +- allow treat read() errors (#996150) + +* Sat Aug 03 2013 Fedora Release Engineering - 2.11-21 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed Mar 27 2013 Pavel Raiskup - 2.11-20 +- fix another bogus date in changelog +- update config.guess/config.sub for aarm64 build (#925189) +- run autoreconf instead of autoheader + +* Fri Mar 15 2013 Pavel Raiskup - 2.11-19 +- revert the fix for memory leak (at least for now) #921725 + +* Tue Mar 12 2013 Pavel Raiskup - 2.11-18 +- explicitly provide /bin/cpio for packages that are dependant on this file + +* Mon Mar 11 2013 Pavel Raiskup - 2.11-17 +- fix small memory leak in copyin.c (#919454) +- remove %%defattr and install 'cpio' to real %%{_bindir} +- CovScan: add %%{?_rawbuild} + +* Wed Feb 13 2013 Fedora Release Engineering - 2.11-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Mon Nov 05 2012 Pavel Raiskup - 2.11-15 +- disable the temporary O_SYNC fix (glibc is fixed - #872366) + +* Fri Nov 02 2012 Pavel Raiskup - 2.11-14 +- fix bad changelog entries +- allow to build in Fedora Rawhide (temporarily because of #872336) (the value + is guessed from from /usr/include/asm-generic/fcntl.h) + +* Mon Oct 22 2012 Pavel Raiskup 2.11-13 +- move RH-only manual page cpio.1 from look-aside cache into dist-git repository + +* Thu Oct 18 2012 Pavel Raiskup 2.11-12 +- fix for bad file name splitting while creating ustar archive (#866467) + +* Wed Aug 29 2012 Ondrej Vasik 2.11-11 +- add missing options to manpage (#852765) + +* Wed Jul 18 2012 Fedora Release Engineering - 2.11-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Mon Jun 04 2012 Ondrej Vasik 2.11-9 +- fix build failure in rawhide build system (gets undefined) + +* Wed May 30 2012 Ondrej Vasik 2.11-8 +- drop unnecessary patches: cpio-2.9-dir_perm.patch and + cpio-2.9-sys_umask.patch - reported by M.Castellini + +* Tue May 15 2012 Ondrej Vasik 2.11-7 +- add virtual provides for bundled(gnulib) copylib (#821749) + +* Thu Jan 12 2012 Fedora Release Engineering - 2.11-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Fri Oct 14 2011 Ondrej Vasik 2.11-5 +- update manpage to reflect new option, polish the style (#746209) + +* Mon Mar 07 2011 Ondrej Vasik 2.11-4 +- fix several typos and manpage syntax(Ville Skyttä, #682470) + +* Tue Feb 08 2011 Fedora Release Engineering - 2.11-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon May 31 2010 Ondrej Vasik 2.11-2 +- built with fno-strict-aliasing(#596153) + +* Thu Mar 11 2010 Ondrej Vasik 2.11-1 +- new upstream release 2.11 +- removed applied patches, run test suite + +* Wed Mar 10 2010 Ondrej Vasik 2.10-6 +- CVE-2010-0624 fix heap-based buffer overflow by expanding + a specially-crafted archive(#572150) +- comment patches + +* Thu Feb 25 2010 Ondrej Vasik 2.10-5 +- remove redundant setLocale patch +- fix segfault with nonexisting file with patternnames + (#567022) + +* Wed Jan 06 2010 Ondrej Vasik 2.10-4 +- do not fail with new POSIX 2008 utimens() glibc call + (#552320) + +* Thu Aug 06 2009 Ondrej Vasik 2.10-3 +- do process install-info only without --excludedocs(#515924) + +* Fri Jul 24 2009 Fedora Release Engineering - 2.10-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Mon Jun 22 2009 Ondrej Vasik 2.10-1 +- new upstream release 2.10 + +* Mon Mar 9 2009 Ondrej Vasik 2.9.90-5 +- define default remote shell as /usr/bin/ssh(#452904) +- use /etc/rmt as default rmt command + +* Tue Feb 24 2009 Fedora Release Engineering - 2.9.90-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Wed Feb 11 2009 Ondrej Vasik 2.9.90-3 +- make -d honor system umask(#484997) + +* Fri Jul 18 2008 Kamil Dudka 2.9.90-2 +- Support major/minor device numbers over 127 (bz#450109) + +* Tue Jun 03 2008 Ondrej Vasik 2.9.90-1 +- new upstream alpha version 2.9.90 + removed applied patches + +* Mon Mar 03 2008 Radek Brich 2.9-7 +- fix -dir_perm patch to restore permissions correctly even + in passthrough mode -- revert affected code to cpio 2.8 state + (bz#430835) + +* Thu Feb 14 2008 Radek Brich 2.9-6 +- when extracting archive created with 'find -depth', + restore the permissions of directories properly (bz#430835) +- fix for GCC 4.3 + +* Thu Nov 01 2007 Radek Brich 2.9-5 +- upstream patch for CVE-2007-4476 (stack crashing in safer_name_suffix) + +* Tue Sep 04 2007 Radek Brich 2.9-4 +- Updated license tag + +* Wed Aug 29 2007 Fedora Release Engineering - 2.9-3 +- Rebuild for selinux ppc32 issue. + +* Thu Jul 19 2007 Radek Brich 2.9-1.1 +- fix spec, rebuild + +* Thu Jul 19 2007 Radek Brich 2.9-1 +- update to 2.9, GPLv3 + +* Tue Feb 20 2007 Peter Vrabec 2.6-27 +- fix typo in changelog + +* Thu Feb 08 2007 Ruben Kerkhof 2.6-26 +- Preserve timestamps when installing files + +* Thu Feb 08 2007 Peter Vrabec 2.6-25 +- set cpio bindir properly + +* Wed Feb 07 2007 Peter Vrabec 2.6-24 +- fix spec file to meet Fedora standards (#225656) + +* Mon Jan 22 2007 Peter Vrabec 2.6-23 +- fix non-failsafe install-info use in scriptlets (#223682) + +* Sun Dec 10 2006 Peter Vrabec 2.6-22 +- fix rpmlint issue in spec file + +* Tue Dec 05 2006 Peter Vrabec 2.6-21 +- fix setlocale (#200478) + +* Sat Nov 25 2006 Peter Vrabec 2.6-20 +- cpio man page provided by RedHat + +* Tue Jul 18 2006 Peter Vrabec 2.6-19 +- fix cpio --help output (#197597) + +* Wed Jul 12 2006 Jesse Keating - 2.6-18.1 +- rebuild + +* Sat Jun 10 2006 Peter Vrabec 2.6-18 +- autoconf was added to BuildRequires, because autoheader is + used in prep phase (#194737) + +* Tue Mar 28 2006 Peter Vrabec 2.6-17 +- rebuild + +* Sat Mar 25 2006 Peter Vrabec 2.6-15 +- fix (#186339) on ppc and s390 + +* Thu Mar 23 2006 Peter Vrabec 2.6-14 +- init struct file_hdr (#186339) + +* Wed Mar 15 2006 Peter Vrabec 2.6-13 +- merge toAsciiError.patch with writeOutHeaderBufferOverflow.patch +- merge largeFileGrew.patch with lfs.patch +- fix large file support, cpio is able to store files<8GB + in 'old ascii' format (-H odc option) +- adjust warnings.patch + +* Tue Mar 14 2006 Peter Vrabec 2.6-12 +- fix warn_if_file_changed() and set exit code to #1 when + cpio fails to store file > 4GB (#183224) + +* Fri Feb 10 2006 Jesse Keating - 2.6-11.2.1 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 2.6-11.2 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Wed Nov 23 2005 Peter Vrabec 2.6-11 +- fix previous patch(writeOutHeaderBufferOverflow) + +* Wed Nov 23 2005 Peter Vrabec 2.6-10 +- write_out_header rewritten to fix buffer overflow(#172669) + +* Mon Oct 31 2005 Peter Vrabec 2.6-9 +- fix checksum error on 64-bit machines (#171649) + +* Fri Jul 01 2005 Peter Vrabec 2.6-8 +- fix large file support, archive >4GiB, archive members <4GiB (#160056) +- fix race condition holes, use mode 0700 for dir creation + +* Tue May 17 2005 Peter Vrabec 2.6-7 +- fix #156314 (CAN-2005-1229) cpio directory traversal issue +- fix some gcc warnings + +* Mon Apr 25 2005 Peter Vrabec 2.6-6 +- fix race condition (#155749) +- use find_lang macro + +* Thu Mar 17 2005 Peter Vrabec +- rebuild 2.6-5 + +* Mon Jan 24 2005 Peter Vrabec +- insecure file creation (#145721) + +* Mon Jan 17 2005 Peter Vrabec +- fix symlinks pack (#145225) + +* Fri Jan 14 2005 Peter Vrabec +- new fixed version of lfs patch (#144688) + +* Thu Jan 13 2005 Peter Vrabec +- upgrade to cpio-2.6 + +* Tue Nov 09 2004 Peter Vrabec +- fixed "cpio -oH ustar (or tar) saves bad mtime date after Jan 10 2004" (#114580) + +* Mon Nov 01 2004 Peter Vrabec +- support large files > 2GB (#105617) + +* Thu Oct 21 2004 Peter Vrabec +- fix dependencies in spec + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Tue Sep 23 2003 Florian La Roche +- do not link against -lnsl + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Fri Feb 14 2003 Jeff Johnson 2.5-3 +- setlocale for i18n compliance (#79136). + +* Wed Jan 22 2003 Tim Powers +- rebuilt + +* Mon Nov 18 2002 Jeff Johnson 2.5-1 +- update 2.5, restack and consolidate patches. +- don't apply (but include for now) freebsd and #56346 patches. +- add url (#54598). + +* Thu Nov 7 2002 Jeff Johnson 2.4.2-30 +- rebuild from CVS. + +* Fri Jun 21 2002 Tim Powers +- automated rebuild + +* Thu May 23 2002 Tim Powers +- automated rebuild + +* Wed Jan 09 2002 Tim Powers +- automated rebuild + +* Thu Nov 22 2001 Bernhard Rosenkraenzer 2.4.2-25 +- Fix up extraction of multiply linked files when the first link is + excluded (Bug #56346) + +* Mon Oct 1 2001 Bernhard Rosenkraenzer 2.4.2-24 +- Merge and adapt patches from FreeBSD, this should fix FIFO handling + +* Tue Jun 26 2001 Bernhard Rosenkraenzer +- Add and adapt Debian patch (pl36), fixes #45285 and a couple of other issues + +* Sun Jun 24 2001 Elliot Lee +- Bump release + rebuild. + +* Tue Aug 8 2000 Jeff Johnson +- update man page with decription of -c behavior (#10581). + +* Wed Jul 12 2000 Prospector +- automatic rebuild + +* Thu Jun 29 2000 Preston Brown +- patch from HJ Lu for better error codes upon exit + +* Mon Jun 5 2000 Jeff Johnson +- FHS packaging. + +* Wed Feb 9 2000 Jeff Johnson +- missing defattr. + +* Mon Feb 7 2000 Bill Nottingham +- handle compressed manpages + +* Fri Dec 17 1999 Jeff Johnson +- revert the stdout patch (#3358), restoring original GNU cpio behavior + (#6376, #7538), the patch was dumb. + +* Tue Aug 31 1999 Jeff Johnson +- fix infinite loop unpacking empty files with hard links (#4208). +- stdout should contain progress information (#3358). + +* Sun Mar 21 1999 Crstian Gafton +- auto rebuild in the new build environment (release 12) + +* Sat Dec 5 1998 Jeff Johnson +- longlong dev wrong with "-o -H odc" headers (formerly "-oc"). + +* Thu Dec 03 1998 Cristian Gafton +- patch to compile on glibc 2.1, where strdup is a macro + +* Tue Jul 14 1998 Jeff Johnson +- Fiddle bindir/libexecdir to get RH install correct. +- Don't include /sbin/rmt -- use the rmt from dump package. +- Don't include /bin/mt -- use the mt from mt-st package. +- Add prereq's + +* Tue Jun 30 1998 Jeff Johnson +- fix '-c' to duplicate svr4 behavior (problem #438) +- install support programs & info pages + +* Mon Apr 27 1998 Prospector System +- translations modified for de, fr, tr + +* Fri Oct 17 1997 Donnie Barnes +- added BuildRoot +- removed "(used by RPM)" comment in Summary + +* Thu Jun 19 1997 Erik Troan +- built against glibc +- no longer statically linked as RPM doesn't use cpio for unpacking packages diff --git a/sources b/sources new file mode 100644 index 0000000..1b7e385 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (cpio-2.12.tar.bz2) = 0cd4da5f2fbca179ab4e666a5f878414c086a5f98bce4c76273f21d9b2a6fe422d901b5d453826c5f81bbe363aa015047a1e99779ad1a451c8feca6205c63120