rpms/libarchive
5
0
Fork 0
Code Issues Pull Requests Releases Activity

rebase: update to new v3.2.0 version

Browse Source 
Resolves: rhbz#1330345
Version: 3.2.0-1
This commit is contained in:
Pavel Raiskup 2016-05-03 08:28:45 +02:00
parent efd48f11f9
commit 9e3ae29124
6 changed files with 27 additions and 581 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

219
libarchive-3.1.2-acl.patch
View File

@ -1,219 +0,0 @@
diff -ruN libarchive-3.1.2/libarchive/archive_read_disk_entry_from_file.c libarchive-3.1.2.fixed/libarchive/archive_read_disk_entry_from_file.c
--- libarchive-3.1.2/libarchive/archive_read_disk_entry_from_file.c 2013-02-08 01:52:07.000000000 +0100
+++ libarchive-3.1.2.fixed/libarchive/archive_read_disk_entry_from_file.c 2013-08-08 10:47:41.000000000 +0200
@@ -399,7 +399,7 @@
#endif
-#if defined(HAVE_POSIX_ACL) && defined(ACL_TYPE_NFS4)
+#ifdef HAVE_POSIX_ACL
static int translate_acl(struct archive_read_disk *a,
struct archive_entry *entry, acl_t acl, int archive_entry_acl_type);
@@ -419,6 +419,7 @@
archive_entry_acl_clear(entry);
+#ifdef ACL_TYPE_NFS4
/* Try NFS4 ACL first. */
if (*fd >= 0)
acl = acl_get_fd(*fd);
@@ -447,6 +448,7 @@
acl_free(acl);
return (ARCHIVE_OK);
}
+#endif
/* Retrieve access ACL from file. */
if (*fd >= 0)
@@ -492,6 +494,7 @@
{ARCHIVE_ENTRY_ACL_EXECUTE, ACL_EXECUTE},
{ARCHIVE_ENTRY_ACL_WRITE, ACL_WRITE},
{ARCHIVE_ENTRY_ACL_READ, ACL_READ},
+#ifdef ACL_TYPE_NFS4
{ARCHIVE_ENTRY_ACL_READ_DATA, ACL_READ_DATA},
{ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACL_LIST_DIRECTORY},
{ARCHIVE_ENTRY_ACL_WRITE_DATA, ACL_WRITE_DATA},
@@ -508,8 +511,10 @@
{ARCHIVE_ENTRY_ACL_WRITE_ACL, ACL_WRITE_ACL},
{ARCHIVE_ENTRY_ACL_WRITE_OWNER, ACL_WRITE_OWNER},
{ARCHIVE_ENTRY_ACL_SYNCHRONIZE, ACL_SYNCHRONIZE}
+#endif
};
+#ifdef ACL_TYPE_NFS4
static struct {
int archive_inherit;
int platform_inherit;
@@ -519,21 +524,25 @@
{ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACL_ENTRY_NO_PROPAGATE_INHERIT},
{ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACL_ENTRY_INHERIT_ONLY}
};
-
+#endif
static int
translate_acl(struct archive_read_disk *a,
struct archive_entry *entry, acl_t acl, int default_entry_acl_type)
{
acl_tag_t acl_tag;
+#ifdef ACL_TYPE_NFS4
acl_entry_type_t acl_type;
acl_flagset_t acl_flagset;
+ int brand, r;
+#endif
acl_entry_t acl_entry;
acl_permset_t acl_permset;
- int brand, i, r, entry_acl_type;
+ int i, entry_acl_type;
int s, ae_id, ae_tag, ae_perm;
const char *ae_name;
+#ifdef ACL_TYPE_NFS4
// FreeBSD "brands" ACLs as POSIX.1e or NFSv4
// Make sure the "brand" on this ACL is consistent
// with the default_entry_acl_type bits provided.
@@ -560,6 +569,7 @@
return ARCHIVE_FAILED;
break;
}
+#endif
s = acl_get_entry(acl, ACL_FIRST_ENTRY, &acl_entry);
@@ -592,9 +602,11 @@
case ACL_OTHER:
ae_tag = ARCHIVE_ENTRY_ACL_OTHER;
break;
+#ifdef ACL_TYPE_NFS4
case ACL_EVERYONE:
ae_tag = ARCHIVE_ENTRY_ACL_EVERYONE;
break;
+#endif
default:
/* Skip types that libarchive can't support. */
s = acl_get_entry(acl, ACL_NEXT_ENTRY, &acl_entry);
@@ -605,6 +617,7 @@
// XXX acl_get_entry_type_np on FreeBSD returns EINVAL for
// non-NFSv4 ACLs
entry_acl_type = default_entry_acl_type;
+#ifdef ACL_TYPE_NFS4
r = acl_get_entry_type_np(acl_entry, &acl_type);
if (r == 0) {
switch (acl_type) {
@@ -634,9 +647,10 @@
ae_perm |= acl_inherit_map[i].archive_inherit;
}
+#endif
acl_get_permset(acl_entry, &acl_permset);
- for (i = 0; i < (int)(sizeof(acl_perm_map) / sizeof(acl_perm_map[0])); ++i) {
+ for (i = 0; i < (int)(sizeof(acl_perm_map) / sizeof(acl_perm_map[0])); ++i) {
/*
* acl_get_perm() is spelled differently on different
* platforms; see above.
diff -ruN libarchive-3.1.2/libarchive/archive_write_disk_acl.c libarchive-3.1.2.fixed/libarchive/archive_write_disk_acl.c
--- libarchive-3.1.2/libarchive/archive_write_disk_acl.c 2013-01-14 02:43:45.000000000 +0100
+++ libarchive-3.1.2.fixed/libarchive/archive_write_disk_acl.c 2013-08-08 10:31:35.000000000 +0200
@@ -43,7 +43,7 @@
#include "archive_acl_private.h"
#include "archive_write_disk_private.h"
-#if !defined(HAVE_POSIX_ACL) || !defined(ACL_TYPE_NFS4)
+#ifndef HAVE_POSIX_ACL
/* Default empty function body to satisfy mainline code. */
int
archive_write_disk_set_acls(struct archive *a, int fd, const char *name,
@@ -79,10 +79,12 @@
ret = set_acl(a, fd, name, abstract_acl, ACL_TYPE_DEFAULT,
ARCHIVE_ENTRY_ACL_TYPE_DEFAULT, "default");
return (ret);
+#ifdef ACL_TYPE_NFS4
} else if (archive_acl_count(abstract_acl, ARCHIVE_ENTRY_ACL_TYPE_NFS4) > 0) {
ret = set_acl(a, fd, name, abstract_acl, ACL_TYPE_NFS4,
ARCHIVE_ENTRY_ACL_TYPE_NFS4, "nfs4");
return (ret);
+#endif
} else
return ARCHIVE_OK;
}
@@ -94,6 +96,7 @@
{ARCHIVE_ENTRY_ACL_EXECUTE, ACL_EXECUTE},
{ARCHIVE_ENTRY_ACL_WRITE, ACL_WRITE},
{ARCHIVE_ENTRY_ACL_READ, ACL_READ},
+#ifdef ACL_TYPE_NFS4
{ARCHIVE_ENTRY_ACL_READ_DATA, ACL_READ_DATA},
{ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACL_LIST_DIRECTORY},
{ARCHIVE_ENTRY_ACL_WRITE_DATA, ACL_WRITE_DATA},
@@ -110,8 +113,10 @@
{ARCHIVE_ENTRY_ACL_WRITE_ACL, ACL_WRITE_ACL},
{ARCHIVE_ENTRY_ACL_WRITE_OWNER, ACL_WRITE_OWNER},
{ARCHIVE_ENTRY_ACL_SYNCHRONIZE, ACL_SYNCHRONIZE}
+#endif
};
+#ifdef ACL_TYPE_NFS4
static struct {
int archive_inherit;
int platform_inherit;
@@ -121,6 +126,7 @@
{ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACL_ENTRY_NO_PROPAGATE_INHERIT},
{ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACL_ENTRY_INHERIT_ONLY}
};
+#endif
static int
set_acl(struct archive *a, int fd, const char *name,
@@ -130,7 +136,9 @@
acl_t acl;
acl_entry_t acl_entry;
acl_permset_t acl_permset;
+#ifdef ACL_TYPE_NFS4
acl_flagset_t acl_flagset;
+#endif
int ret;
int ae_type, ae_permset, ae_tag, ae_id;
uid_t ae_uid;
@@ -171,14 +179,17 @@
case ARCHIVE_ENTRY_ACL_OTHER:
acl_set_tag_type(acl_entry, ACL_OTHER);
break;
+#ifdef ACL_TYPE_NFS4
case ARCHIVE_ENTRY_ACL_EVERYONE:
acl_set_tag_type(acl_entry, ACL_EVERYONE);
break;
+#endif
default:
/* XXX */
break;
}
+#ifdef ACL_TYPE_NFS4
switch (ae_type) {
case ARCHIVE_ENTRY_ACL_TYPE_ALLOW:
acl_set_entry_type_np(acl_entry, ACL_ENTRY_TYPE_ALLOW);
@@ -200,6 +211,7 @@
// XXX error handling here.
break;
}
+#endif
acl_get_permset(acl_entry, &acl_permset);
acl_clear_perms(acl_permset);
@@ -210,6 +222,7 @@
acl_perm_map[i].platform_perm);
}
+#ifdef ACL_TYPE_NFS4
acl_get_flagset_np(acl_entry, &acl_flagset);
acl_clear_flags_np(acl_flagset);
for (i = 0; i < (int)(sizeof(acl_inherit_map) / sizeof(acl_inherit_map[0])); ++i) {
@@ -217,6 +230,7 @@
acl_add_flag_np(acl_flagset,
acl_inherit_map[i].platform_inherit);
}
+#endif
}
/* Try restoring the ACL through 'fd' if we can. */

29
libarchive-3.1.2-mtree-fix.patch
View File

@ -1,29 +0,0 @@
From e65bf287f0133426b26611fe3e80b51267987106 Mon Sep 17 00:00:00 2001
From: Dave Reisner <dreisner@archlinux.org>
Date: Thu, 21 Feb 2013 19:01:06 -0500
Subject: [PATCH] mtree: fix line filename length calculation. Fixes #301.
Signed-off-by: Andres Mejia <amejia004@gmail.com>
---
libarchive/archive_write_set_format_mtree.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libarchive/archive_write_set_format_mtree.c b/libarchive/archive_write_set_format_mtree.c
index 9c0613c..f37f723 100644
--- a/libarchive/archive_write_set_format_mtree.c
+++ b/libarchive/archive_write_set_format_mtree.c
@@ -1855,9 +1855,9 @@ mtree_entry_setup_filenames(struct archive_write *a, struct mtree_entry *file,
return (ret);
}
- /* Make a basename from dirname and slash */
+ /* Make a basename from file->parentdir.s and slash */
*slash = '\0';
- file->parentdir.length = slash - dirname;
+ file->parentdir.length = slash - file->parentdir.s;
archive_strcpy(&(file->basename), slash + 1);
return (ret);
}
--
2.5.0

119
libarchive-3.1.2-security-rhbz-1216891.patch
View File

@ -1,119 +0,0 @@
From df29aeb7db98d227aea966b18261e5c1d97d223a Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Wed, 29 Apr 2015 10:23:01 +0200
Subject: [PATCH] Upstream 3865cf2bc e6c9668f 24f5de65 --- From: Tim Kientzle
<kientzle@acm.org> Date: Fri, 30 Jan 2015 23:54:19 -0800 Subject: [PATCH]
Issue 394: Segfault when reading malformed old-style cpio archives
Root cause here was an implicit cast that resulted in
reading very large file sizes as negative numbers.
---
From: Tim Kientzle <kientzle@acm.org>
Date: Fri, 30 Jan 2015 23:57:03 -0800
Subject: [PATCH] Add a check to archive_read_filter_consume to
reject any attempts to move the file pointer by a negative
amount.
Note: Either this or commit 3865cf2 provides a fix for
Issue 394.
---
From: Tim Kientzle <kientzle@acm.org>
Date: Fri, 6 Feb 2015 22:07:16 -0800
Subject: [PATCH] Set a proper error message if we hit end-of-file
when trying to read a cpio header.
Suggested by Issue #395, although the actual problem there
seems to have been the same as Issue #394.
---
libarchive/archive_read.c | 2 ++
libarchive/archive_read_support_format_cpio.c | 22 ++++++++++++++--------
2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/libarchive/archive_read.c b/libarchive/archive_read.c
index 048c316..7f3edc1 100644
--- a/libarchive/archive_read.c
+++ b/libarchive/archive_read.c
@@ -1394,6 +1394,8 @@ __archive_read_filter_consume(struct archive_read_filter * filter,
{
int64_t skipped;
+ if (request < 0)
+ return ARCHIVE_FATAL;
if (request == 0)
return 0;
diff --git a/libarchive/archive_read_support_format_cpio.c b/libarchive/archive_read_support_format_cpio.c
index 819f4a4..1dabc47 100644
--- a/libarchive/archive_read_support_format_cpio.c
+++ b/libarchive/archive_read_support_format_cpio.c
@@ -198,7 +198,7 @@ static int archive_read_format_cpio_read_data(struct archive_read *,
static int archive_read_format_cpio_read_header(struct archive_read *,
struct archive_entry *);
static int archive_read_format_cpio_skip(struct archive_read *);
-static int be4(const unsigned char *);
+static int64_t be4(const unsigned char *);
static int find_odc_header(struct archive_read *);
static int find_newc_header(struct archive_read *);
static int header_bin_be(struct archive_read *, struct cpio *,
@@ -213,7 +213,7 @@ static int header_afiol(struct archive_read *, struct cpio *,
struct archive_entry *, size_t *, size_t *);
static int is_octal(const char *, size_t);
static int is_hex(const char *, size_t);
-static int le4(const unsigned char *);
+static int64_t le4(const unsigned char *);
static int record_hardlink(struct archive_read *a,
struct cpio *cpio, struct archive_entry *entry);
@@ -864,8 +864,11 @@ header_bin_le(struct archive_read *a, struct cpio *cpio,
/* Read fixed-size portion of header. */
h = __archive_read_ahead(a, bin_header_size, NULL);
- if (h == NULL)
+ if (h == NULL) {
+ archive_set_error(&a->archive, 0,
+ "End of file trying to read next cpio header");
return (ARCHIVE_FATAL);
+ }
/* Parse out binary fields. */
header = (const unsigned char *)h;
@@ -900,8 +903,11 @@ header_bin_be(struct archive_read *a, struct cpio *cpio,
/* Read fixed-size portion of header. */
h = __archive_read_ahead(a, bin_header_size, NULL);
- if (h == NULL)
+ if (h == NULL) {
+ archive_set_error(&a->archive, 0,
+ "End of file trying to read next cpio header");
return (ARCHIVE_FATAL);
+ }
/* Parse out binary fields. */
header = (const unsigned char *)h;
@@ -944,17 +950,17 @@ archive_read_format_cpio_cleanup(struct archive_read *a)
return (ARCHIVE_OK);
}
-static int
+static int64_t
le4(const unsigned char *p)
{
- return ((p[0]<<16) + (p[1]<<24) + (p[2]<<0) + (p[3]<<8));
+ return ((p[0] << 16) + (((int64_t)p[1]) << 24) + (p[2] << 0) + (p[3] << 8));
}
-static int
+static int64_t
be4(const unsigned char *p)
{
- return ((p[0]<<24) + (p[1]<<16) + (p[2]<<8) + (p[3]));
+ return ((((int64_t)p[0]) << 24) + (p[1] << 16) + (p[2] << 8) + (p[3]));
}
/*
--
2.1.0

150
libarchive-3.1.2-testsuite.patch
View File

@ -1,150 +0,0 @@
diff --git a/cpio/test/test_extract_cpio_lzo.c b/cpio/test/test_extract_cpio_lzo.c
index f351ba7..99476af 100644
--- a/cpio/test/test_extract_cpio_lzo.c
+++ b/cpio/test/test_extract_cpio_lzo.c
@@ -27,7 +27,7 @@ __FBSDID("$FreeBSD$");
DEFINE_TEST(test_extract_cpio_lzo)
{
- const char *reffile = "test_extract.cpio.lrz";
+ const char *reffile = "test_extract.cpio.lzo";
int f;
extract_reference_file(reffile);
diff --git a/libarchive/test/test_write_filter_lzop.c b/libarchive/test/test_write_filter_lzop.c
index 9e840bd..a32932c 100644
--- a/libarchive/test/test_write_filter_lzop.c
+++ b/libarchive/test/test_write_filter_lzop.c
@@ -39,7 +39,7 @@ DEFINE_TEST(test_write_filter_lzop)
size_t buffsize, datasize;
char path[16];
size_t used1, used2;
- int i, r, use_prog = 0;
+ int i, r, use_prog = 0, filecount;
assert((a = archive_write_new()) != NULL);
r = archive_write_add_filter_lzop(a);
@@ -58,9 +58,10 @@ DEFINE_TEST(test_write_filter_lzop)
datasize = 10000;
assert(NULL != (data = (char *)calloc(1, datasize)));
+ filecount = 10;
/*
- * Write a 100 files and read them all back.
+ * Write a filecount files and read them all back.
*/
assert((a = archive_write_new()) != NULL);
assertEqualIntA(a, ARCHIVE_OK, archive_write_set_format_ustar(a));
@@ -77,7 +78,7 @@ DEFINE_TEST(test_write_filter_lzop)
assert((ae = archive_entry_new()) != NULL);
archive_entry_set_filetype(ae, AE_IFREG);
archive_entry_set_size(ae, datasize);
- for (i = 0; i < 100; i++) {
+ for (i = 0; i < filecount; i++) {
sprintf(path, "file%03d", i);
archive_entry_copy_pathname(ae, path);
assertEqualIntA(a, ARCHIVE_OK, archive_write_header(a, ae));
@@ -97,7 +98,7 @@ DEFINE_TEST(test_write_filter_lzop)
} else {
assertEqualIntA(a, ARCHIVE_OK,
archive_read_open_memory(a, buff, used1));
- for (i = 0; i < 100; i++) {
+ for (i = 0; i < filecount; i++) {
sprintf(path, "file%03d", i);
if (!assertEqualInt(ARCHIVE_OK,
archive_read_next_header(a, &ae)))
@@ -133,7 +134,7 @@ DEFINE_TEST(test_write_filter_lzop)
archive_write_set_options(a, "lzop:compression-level=9"));
assertEqualIntA(a, ARCHIVE_OK,
archive_write_open_memory(a, buff, buffsize, &used2));
- for (i = 0; i < 100; i++) {
+ for (i = 0; i < filecount; i++) {
sprintf(path, "file%03d", i);
assert((ae = archive_entry_new()) != NULL);
archive_entry_copy_pathname(ae, path);
@@ -161,7 +162,7 @@ DEFINE_TEST(test_write_filter_lzop)
archive_read_support_filter_all(a));
assertEqualIntA(a, ARCHIVE_OK,
archive_read_open_memory(a, buff, used2));
- for (i = 0; i < 100; i++) {
+ for (i = 0; i < filecount; i++) {
sprintf(path, "file%03d", i);
if (!assertEqualInt(ARCHIVE_OK,
archive_read_next_header(a, &ae)))
@@ -186,7 +187,7 @@ DEFINE_TEST(test_write_filter_lzop)
archive_write_set_filter_option(a, NULL, "compression-level", "1"));
assertEqualIntA(a, ARCHIVE_OK,
archive_write_open_memory(a, buff, buffsize, &used2));
- for (i = 0; i < 100; i++) {
+ for (i = 0; i < filecount; i++) {
sprintf(path, "file%03d", i);
assert((ae = archive_entry_new()) != NULL);
archive_entry_copy_pathname(ae, path);
@@ -216,7 +217,7 @@ DEFINE_TEST(test_write_filter_lzop)
} else {
assertEqualIntA(a, ARCHIVE_OK,
archive_read_open_memory(a, buff, used2));
- for (i = 0; i < 100; i++) {
+ for (i = 0; i < filecount; i++) {
sprintf(path, "file%03d", i);
if (!assertEqualInt(ARCHIVE_OK,
archive_read_next_header(a, &ae)))
diff --git a/tar/test/test_option_b.c b/tar/test/test_option_b.c
index be2ae65..7164d4c 100644
--- a/tar/test/test_option_b.c
+++ b/tar/test/test_option_b.c
@@ -25,8 +25,14 @@
#include "test.h"
__FBSDID("$FreeBSD$");
+static char *ustar_opt = " --format=ustar";
+
DEFINE_TEST(test_option_b)
{
+ char *testprog_ustar = malloc(strlen(testprog) + strlen(ustar_opt) + 2);
+ strcpy(testprog_ustar, testprog);
+ strcat(testprog_ustar, ustar_opt);
+
assertMakeFile("file1", 0644, "file1");
if (systemf("cat file1 > test_cat.out 2> test_cat.err") != 0) {
skipping("Platform doesn't have cat");
@@ -36,7 +42,7 @@ DEFINE_TEST(test_option_b)
/*
* Bsdtar does not pad if the output is going directly to a disk file.
*/
- assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog));
+ assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog_ustar));
failure("bsdtar does not pad archives written directly to regular files");
assertFileSize("archive1.tar", 2048);
assertEmptyFile("test1.out");
@@ -46,24 +52,24 @@ DEFINE_TEST(test_option_b)
* Bsdtar does pad to the block size if the output is going to a socket.
*/
/* Default is -b 20 */
- assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog));
+ assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog_ustar));
failure("bsdtar does pad archives written to pipes");
assertFileSize("archive2.tar", 10240);
assertEmptyFile("test2.err");
- assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog));
+ assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog_ustar));
assertFileSize("archive3.tar", 10240);
assertEmptyFile("test3.err");
- assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog));
+ assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog_ustar));
assertFileSize("archive4.tar", 5120);
assertEmptyFile("test4.err");
- assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog));
+ assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog_ustar));
assertFileSize("archive5.tar", 2048);
assertEmptyFile("test5.err");
- assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog));
+ assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog_ustar));
assertFileSize("archive6.tar", 4194304);
assertEmptyFile("test6.err");

32
libarchive-3.1.3-CVE-2013-0211_read_buffer_overflow.patch
View File

@ -1,32 +0,0 @@
From 22531545514043e04633e1c015c7540b9de9dbe4 Mon Sep 17 00:00:00 2001
From: Tim Kientzle <kientzle@acm.org>
Date: Fri, 22 Mar 2013 23:48:41 -0700
Subject: [PATCH] Limit write requests to at most INT_MAX. This prevents a
certain common programming error (passing -1 to write) from leading to other
problems deeper in the library.
---
libarchive/archive_write.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
index eede5e0..be85621 100644
--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -673,8 +673,13 @@ static ssize_t
_archive_write_data(struct archive *_a, const void *buff, size_t s)
{
struct archive_write *a = (struct archive_write *)_a;
+ const size_t max_write = INT_MAX;
+
archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
ARCHIVE_STATE_DATA, "archive_write_data");
+ /* In particular, this catches attempts to pass negative values. */
+ if (s > max_write)
+ s = max_write;
archive_clear_error(&a->archive);
return ((a->format_write_data)(a, buff, s));
}
--
1.8.1

59
libarchive.spec
View File

@ -1,13 +1,12 @@
Name: libarchive
Version: 3.1.2
Release: 16%{?dist}
Version: 3.2.0
Release: 1%{?dist}
Summary: A library for handling streaming archive formats
License: BSD
URL: http://www.libarchive.org/
Source0: http://www.libarchive.org/downloads/%{name}-%{version}.tar.gz
BuildRequires: bison
BuildRequires: sharutils
BuildRequires: zlib-devel
@ -19,26 +18,8 @@ BuildRequires: libacl-devel
BuildRequires: libattr-devel
BuildRequires: openssl-devel
BuildRequires: libxml2-devel
BuildRequires: automake autoconf libtool
# CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
# https://bugzilla.redhat.com/show_bug.cgi?id=927105
Patch0: libarchive-3.1.3-CVE-2013-0211_read_buffer_overflow.patch
# upstream ~> 26629c191a & b539b2e597 & 9caa49246
Patch1: libarchive-3.1.2-testsuite.patch
# fix not working saving/restoring acl
# ~> downstream
Patch2: libarchive-3.1.2-acl.patch
# ~> upstream patches: 3865cf2b e6c9668f 24f5de65
Patch3: libarchive-3.1.2-security-rhbz-1216891.patch
# upstream: e65bf287
Patch4: libarchive-3.1.2-mtree-fix.patch
%description
Libarchive is a programming library that can create and read several different
streaming archive formats, including most popular tar variants, several cpio
@ -73,19 +54,27 @@ The bsdcpio package contains standalone bsdcpio utility split off regular
libarchive packages.
%package -n bsdcat
Summary: Expand files to standard output
Requires: %{name}%{?_isa} = %{version}-%{release}
%description -n bsdcat
The bsdcat program typically takes a filename as an argument or reads standard
input when used in a pipe. In both cases decompressed data it written to
standard output.
%prep
%autosetup -p1
%build
build/autogen.sh
%configure --disable-static --disable-rpath
# remove rpaths
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
test -z "$V" && verbose_make="V=1"
make %{?_smp_mflags} $verbose_make
make %{?_smp_mflags}
%install
@ -96,23 +85,17 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
%check
run_testsuite()
{
LD_LIBRARY_PATH=`pwd`/.libs make check -j1
res=$?
echo $res
if [ $res -ne 0 ]; then
LD_LIBRARY_PATH=`pwd`/.libs make %{?_smp_mflags} check -j1 || {
# error happened - try to extract in koji as much info as possible
cat test-suite.log
echo "========================="
err=`cat test-suite.log | grep "Details for failing tests" | cut -d: -f2`
for i in $err; do
find $i -printf "%p\n ~> a: %a\n ~> c: %c\n ~> t: %t\n ~> %s B\n"
echo "-------------------------"
cat $i/*.log
done
return 1
else
return 0
fi
}
}
# On a ppc/ppc64 is some race condition causing 'make check' fail on ppc
@ -161,8 +144,20 @@ run_testsuite
%{_bindir}/bsdcpio
%{_mandir}/*/bsdcpio*
%files -n bsdcat
%{!?_licensedir:%global license %%doc}
%license COPYING
%doc README NEWS
%{_bindir}/bsdcat
%{_mandir}/*/bsdcat*
%changelog
* Tue May 03 2016 Pavel Raiskup <praiskup@redhat.com> - 3.2.0-1
- new upstream release 3.2.0 (rhbz#1330345), per release notes:
https://groups.google.com/d/msg/libarchive-discuss/qIzW7doKzxA/MVbUkjlNAAAJ
* Mon Mar 07 2016 Björn Esser <fedora@besser82.io> - 3.1.2-16
- removed %%defattr, BuildRoot and other ancient bits
- added arch'ed bits to all Requires