Rebuilt for IMA sigs, glibc 2.34, aarch64 flags

Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>

.gitignore

@@ -5,3 +5,7 @@ zziplib-0.13.49.tar.bz2
 /v0.13.67.tar.gz
 /v0.13.68.tar.gz
 /v0.13.69.tar.gz
+/v0.13.71.tar.gz
+/v0.13.71-pruned.tar.gz
+/match.py
+/options.py

CVE-2018-16548.part1.patch

@@ -1,71 +0,0 @@
-From 9411bde3e4a70a81ff3ffd256b71927b2d90dcbb Mon Sep 17 00:00:00 2001
-From: jmoellers <josef.moellers@suse.com>
-Date: Fri, 7 Sep 2018 11:32:04 +0200
-Subject: [PATCH] Avoid memory leak from __zzip_parse_root_directory().
-
----
- test/test.zip | Bin 1361 -> 1361 bytes
- zzip/zip.c    |  36 ++++++++++++++++++++++++++++++++++--
- 2 files changed, 34 insertions(+), 2 deletions(-)
-
-diff --git a/zzip/zip.c b/zzip/zip.c
-index 88b833b..a685280 100644
---- a/zzip/zip.c
-+++ b/zzip/zip.c
-@@ -475,9 +475,15 @@ __zzip_parse_root_directory(int fd,
-         } else
-         {
-             if (io->fd.seeks(fd, zz_rootseek + zz_offset, SEEK_SET) < 0)
-+	    {
-+	    	free(hdr0);
-                 return ZZIP_DIR_SEEK;
-+	    }
-             if (io->fd.read(fd, &dirent, sizeof(dirent)) < __sizeof(dirent))
-+	    {
-+	    	free(hdr0);
-                 return ZZIP_DIR_READ;
-+	    }
-             d = &dirent;
-         }
- 
-@@ -577,12 +583,38 @@ __zzip_parse_root_directory(int fd,
- 
-         if (hdr_return)
-             *hdr_return = hdr0;
-+	else
-+	{
-+	    /* If it is not assigned to *hdr_return, it will never be free()'d */
-+	    free(hdr0);
-+	    /* Make sure we don't free it again in case of error */
-+	    hdr0 = NULL;
-+	}
-     }                           /* else zero (sane) entries */
- #  ifndef ZZIP_ALLOW_MODULO_ENTRIES
--    return (entries != zz_entries ? ZZIP_CORRUPTED : 0);
-+    if (entries != zz_entries)
-+    {
-+	/* If it was assigned to *hdr_return, undo assignment */
-+	if (p_reclen && hdr_return)
-+	    *hdr_return = NULL;
-+	/* Free it, if it was not already free()'d */
-+	if (hdr0 != NULL)
-+	    free(hdr0);
-+	return ZZIP_CORRUPTED;
-+    }
- #  else
--    return ((entries & (unsigned)0xFFFF) != zz_entries ? ZZIP_CORRUPTED : 0);
-+    if (((entries & (unsigned)0xFFFF) != zz_entries)
-+    {
-+	/* If it was assigned to *hdr_return, undo assignment */
-+	if (p_reclen && hdr_return)
-+	    *hdr_return = NULL;
-+	/* Free it, if it was not already free()'d */
-+	if (hdr0 != NULL)
-+	    free(hdr0);
-+	return ZZIP_CORRUPTED;
-+    }
- #  endif
-+    return 0;
- }
- 
- /* ------------------------- high-level interface ------------------------- */

CVE-2018-16548.part2.patch

@@ -1,50 +0,0 @@
-From d2e5d5c53212e54a97ad64b793a4389193fec687 Mon Sep 17 00:00:00 2001
-From: jmoellers <josef.moellers@suse.com>
-Date: Fri, 7 Sep 2018 11:49:28 +0200
-Subject: [PATCH] Avoid memory leak from __zzip_parse_root_directory().
-
----
- zzip/zip.c | 25 ++-----------------------
- 1 file changed, 2 insertions(+), 23 deletions(-)
-
-diff --git a/zzip/zip.c b/zzip/zip.c
-index a685280..51a1a4d 100644
---- a/zzip/zip.c
-+++ b/zzip/zip.c
-@@ -587,34 +587,13 @@ __zzip_parse_root_directory(int fd,
- 	{
- 	    /* If it is not assigned to *hdr_return, it will never be free()'d */
- 	    free(hdr0);
--	    /* Make sure we don't free it again in case of error */
--	    hdr0 = NULL;
- 	}
-     }                           /* else zero (sane) entries */
- #  ifndef ZZIP_ALLOW_MODULO_ENTRIES
--    if (entries != zz_entries)
--    {
--	/* If it was assigned to *hdr_return, undo assignment */
--	if (p_reclen && hdr_return)
--	    *hdr_return = NULL;
--	/* Free it, if it was not already free()'d */
--	if (hdr0 != NULL)
--	    free(hdr0);
--	return ZZIP_CORRUPTED;
--    }
-+    return (entries != zz_entries) ? ZZIP_CORRUPTED : 0;
- #  else
--    if (((entries & (unsigned)0xFFFF) != zz_entries)
--    {
--	/* If it was assigned to *hdr_return, undo assignment */
--	if (p_reclen && hdr_return)
--	    *hdr_return = NULL;
--	/* Free it, if it was not already free()'d */
--	if (hdr0 != NULL)
--	    free(hdr0);
--	return ZZIP_CORRUPTED;
--    }
-+    return ((entries & (unsigned)0xFFFF) != zz_entries) ? ZZIP_CORRUPTED : 0;
- #  endif
--    return 0;
- }
- 
- /* ------------------------- high-level interface ------------------------- */

CVE-2018-16548.part3.patch

@@ -1,22 +0,0 @@
-From 0e1dadb05c1473b9df2d7b8f298dab801778ef99 Mon Sep 17 00:00:00 2001
-From: jmoellers <josef.moellers@suse.com>
-Date: Fri, 7 Sep 2018 13:55:35 +0200
-Subject: [PATCH] One more free() to avoid memory leak.
-
----
- zzip/zip.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/zzip/zip.c b/zzip/zip.c
-index 51a1a4d..bc6c080 100644
---- a/zzip/zip.c
-+++ b/zzip/zip.c
-@@ -589,6 +589,8 @@ __zzip_parse_root_directory(int fd,
- 	    free(hdr0);
- 	}
-     }                           /* else zero (sane) entries */
-+    else
-+        free(hdr0);
- #  ifndef ZZIP_ALLOW_MODULO_ENTRIES
-     return (entries != zz_entries) ? ZZIP_CORRUPTED : 0;
- #  else

CVE-2018-17828.part2.patch

@@ -1,55 +0,0 @@
-diff --git a/bins/unzip-mem.c b/bins/unzip-mem.c
-index c45cb72..ff564a5 100644
---- a/bins/unzip-mem.c
-+++ b/bins/unzip-mem.c
-@@ -88,10 +88,49 @@ static void zzip_mem_entry_pipe(ZZIP_MEM_DISK* disk,
-     }
- }
- 
-+static inline void
-+remove_dotdotslash(char *path)
-+{
-+    /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
-+    char *dotdotslash;
-+    int warned = 0;
-+
-+    dotdotslash = path;
-+    while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
-+    {
-+        /*
-+         * Remove only if at the beginning of the pathname ("../path/name")
-+         * or when preceded by a slash ("path/../name"),
-+         * otherwise not ("path../name..")!
-+         */
-+        if (dotdotslash == path || dotdotslash[-1] == '/')
-+        {
-+            char *src, *dst;
-+            if (!warned)
-+            {
-+                /* Note: the first time through the pathname is still intact */
-+                fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
-+                warned = 1;
-+            }
-+            /* We cannot use strcpy(), as there "The strings may not overlap" */
-+            for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
-+                ;
-+        }
-+        else
-+            dotdotslash +=3;	/* skip this instance to prevent infinite loop */
-+    }
-+}
-+
- static void zzip_mem_entry_make(ZZIP_MEM_DISK* disk, 
- 				ZZIP_MEM_ENTRY* entry)
- {
--    FILE* file = fopen (entry->zz_name, "wb");
-+    char name_stripped[PATH_MAX];
-+    FILE* file;
-+
-+    strncpy(name_stripped, entry->zz_name, PATH_MAX);
-+    remove_dotdotslash(name_stripped);
-+    
-+    file = fopen (name_stripped, "wb");
-     if (file) { zzip_mem_entry_pipe (disk, entry, file); fclose (file); }
-     perror (entry->zz_name);
-     if (status < EXIT_WARNINGS) status = EXIT_WARNINGS;

CVE-2018-17828.patch

@@ -1,341 +0,0 @@
-From 81dfa6b3e08f6934885ba5c98939587d6850d08e Mon Sep 17 00:00:00 2001
-From: Josef Moellers <jmoellers@suse.de>
-Date: Thu, 4 Oct 2018 14:21:48 +0200
-Subject: [PATCH] Fix issue #62: Remove any "../" components from pathnames of
- extracted files. [CVE-2018-17828]
-
----
- bins/unzzipcat-big.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
- bins/unzzipcat-mem.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
- bins/unzzipcat-mix.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
- bins/unzzipcat-zip.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
- 4 files changed, 224 insertions(+), 4 deletions(-)
-
-diff --git a/bins/unzzipcat-big.c b/bins/unzzipcat-big.c
-index 982d262..88c4d65 100644
---- a/bins/unzzipcat-big.c
-+++ b/bins/unzzipcat-big.c
-@@ -53,6 +53,48 @@ static void unzzip_cat_file(FILE* disk, char* name, FILE* out)
-     }
- }
- 
-+/*
-+ * NAME: remove_dotdotslash
-+ * PURPOSE: To remove any "../" components from the given pathname
-+ * ARGUMENTS: path: path name with maybe "../" components
-+ * RETURNS: Nothing, "path" is modified in-place
-+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
-+ *	Also, "path" is not used after creating it.
-+ *	So modifying "path" in-place is safe to do.
-+ */
-+static inline void
-+remove_dotdotslash(char *path)
-+{
-+    /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
-+    char *dotdotslash;
-+    int warned = 0;
-+
-+    dotdotslash = path;
-+    while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
-+    {
-+        /*
-+         * Remove only if at the beginning of the pathname ("../path/name")
-+         * or when preceded by a slash ("path/../name"),
-+         * otherwise not ("path../name..")!
-+         */
-+        if (dotdotslash == path || dotdotslash[-1] == '/')
-+        {
-+            char *src, *dst;
-+            if (!warned)
-+            {
-+                /* Note: the first time through the pathname is still intact */
-+                fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
-+                warned = 1;
-+            }
-+            /* We cannot use strcpy(), as there "The strings may not overlap" */
-+            for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
-+                ;
-+        }
-+        else
-+            dotdotslash +=3;	/* skip this instance to prevent infinite loop */
-+    }
-+}
-+
- static void makedirs(const char* name)
- {
-       char* p = strrchr(name, '/');
-@@ -70,6 +112,16 @@ static void makedirs(const char* name)
- 
- static FILE* create_fopen(char* name, char* mode, int subdirs)
- {
-+   char *name_stripped;
-+   FILE *fp;
-+   int mustfree = 0;
-+
-+   if ((name_stripped = strdup(name)) != NULL)
-+   {
-+       remove_dotdotslash(name_stripped);
-+       name = name_stripped;
-+       mustfree = 1;
-+   }
-    if (subdirs)
-    {
-       char* p = strrchr(name, '/');
-@@ -79,7 +131,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
-           free (dir_name);
-       }
-    }
--   return fopen(name, mode);      
-+   fp = fopen(name, mode);
-+   if (mustfree)
-+       free(name_stripped);
-+    return fp;
- }
- 
- 
-diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c
-index 9bc966b..793bde8 100644
---- a/bins/unzzipcat-mem.c
-+++ b/bins/unzzipcat-mem.c
-@@ -58,6 +58,48 @@ static void unzzip_mem_disk_cat_file(ZZIP_MEM_DISK* disk, char* name, FILE* out)
-     }
- }
- 
-+/*
-+ * NAME: remove_dotdotslash
-+ * PURPOSE: To remove any "../" components from the given pathname
-+ * ARGUMENTS: path: path name with maybe "../" components
-+ * RETURNS: Nothing, "path" is modified in-place
-+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
-+ *	Also, "path" is not used after creating it.
-+ *	So modifying "path" in-place is safe to do.
-+ */
-+static inline void
-+remove_dotdotslash(char *path)
-+{
-+    /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
-+    char *dotdotslash;
-+    int warned = 0;
-+
-+    dotdotslash = path;
-+    while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
-+    {
-+        /*
-+         * Remove only if at the beginning of the pathname ("../path/name")
-+         * or when preceded by a slash ("path/../name"),
-+         * otherwise not ("path../name..")!
-+         */
-+        if (dotdotslash == path || dotdotslash[-1] == '/')
-+        {
-+            char *src, *dst;
-+            if (!warned)
-+            {
-+                /* Note: the first time through the pathname is still intact */
-+                fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
-+                warned = 1;
-+            }
-+            /* We cannot use strcpy(), as there "The strings may not overlap" */
-+            for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
-+                ;
-+        }
-+        else
-+            dotdotslash +=3;	/* skip this instance to prevent infinite loop */
-+    }
-+}
-+
- static void makedirs(const char* name)
- {
-       char* p = strrchr(name, '/');
-@@ -75,6 +117,16 @@ static void makedirs(const char* name)
- 
- static FILE* create_fopen(char* name, char* mode, int subdirs)
- {
-+   char *name_stripped;
-+   FILE *fp;
-+   int mustfree = 0;
-+
-+   if ((name_stripped = strdup(name)) != NULL)
-+   {
-+       remove_dotdotslash(name_stripped);
-+       name = name_stripped;
-+       mustfree = 1;
-+   }
-    if (subdirs)
-    {
-       char* p = strrchr(name, '/');
-@@ -84,7 +136,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
-           free (dir_name);
-       }
-    }
--   return fopen(name, mode);      
-+   fp = fopen(name, mode);
-+   if (mustfree)
-+       free(name_stripped);
-+    return fp;
- }
- 
- static int unzzip_cat (int argc, char ** argv, int extract)
-diff --git a/bins/unzzipcat-mix.c b/bins/unzzipcat-mix.c
-index 91c2f00..73b6ed6 100644
---- a/bins/unzzipcat-mix.c
-+++ b/bins/unzzipcat-mix.c
-@@ -69,6 +69,48 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
-     }
- }
- 
-+/*
-+ * NAME: remove_dotdotslash
-+ * PURPOSE: To remove any "../" components from the given pathname
-+ * ARGUMENTS: path: path name with maybe "../" components
-+ * RETURNS: Nothing, "path" is modified in-place
-+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
-+ *	Also, "path" is not used after creating it.
-+ *	So modifying "path" in-place is safe to do.
-+ */
-+static inline void
-+remove_dotdotslash(char *path)
-+{
-+    /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
-+    char *dotdotslash;
-+    int warned = 0;
-+
-+    dotdotslash = path;
-+    while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
-+    {
-+        /*
-+         * Remove only if at the beginning of the pathname ("../path/name")
-+         * or when preceded by a slash ("path/../name"),
-+         * otherwise not ("path../name..")!
-+         */
-+        if (dotdotslash == path || dotdotslash[-1] == '/')
-+        {
-+            char *src, *dst;
-+            if (!warned)
-+            {
-+                /* Note: the first time through the pathname is still intact */
-+                fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
-+                warned = 1;
-+            }
-+            /* We cannot use strcpy(), as there "The strings may not overlap" */
-+            for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
-+                ;
-+        }
-+        else
-+            dotdotslash +=3;	/* skip this instance to prevent infinite loop */
-+    }
-+}
-+
- static void makedirs(const char* name)
- {
-       char* p = strrchr(name, '/');
-@@ -86,6 +128,16 @@ static void makedirs(const char* name)
- 
- static FILE* create_fopen(char* name, char* mode, int subdirs)
- {
-+   char *name_stripped;
-+   FILE *fp;
-+   int mustfree = 0;
-+
-+   if ((name_stripped = strdup(name)) != NULL)
-+   {
-+       remove_dotdotslash(name_stripped);
-+       name = name_stripped;
-+       mustfree = 1;
-+   }
-    if (subdirs)
-    {
-       char* p = strrchr(name, '/');
-@@ -95,7 +147,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
-           free (dir_name);
-       }
-    }
--   return fopen(name, mode);      
-+   fp = fopen(name, mode);
-+   if (mustfree)
-+       free(name_stripped);
-+    return fp;
- }
- 
- static int unzzip_cat (int argc, char ** argv, int extract)
-diff --git a/bins/unzzipcat-zip.c b/bins/unzzipcat-zip.c
-index 2810f85..7f7f3fa 100644
---- a/bins/unzzipcat-zip.c
-+++ b/bins/unzzipcat-zip.c
-@@ -69,6 +69,48 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
-     }
- }
- 
-+/*
-+ * NAME: remove_dotdotslash
-+ * PURPOSE: To remove any "../" components from the given pathname
-+ * ARGUMENTS: path: path name with maybe "../" components
-+ * RETURNS: Nothing, "path" is modified in-place
-+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
-+ *	Also, "path" is not used after creating it.
-+ *	So modifying "path" in-place is safe to do.
-+ */
-+static inline void
-+remove_dotdotslash(char *path)
-+{
-+    /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
-+    char *dotdotslash;
-+    int warned = 0;
-+
-+    dotdotslash = path;
-+    while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
-+    {
-+        /*
-+         * Remove only if at the beginning of the pathname ("../path/name")
-+         * or when preceded by a slash ("path/../name"),
-+         * otherwise not ("path../name..")!
-+         */
-+        if (dotdotslash == path || dotdotslash[-1] == '/')
-+        {
-+            char *src, *dst;
-+            if (!warned)
-+            {
-+                /* Note: the first time through the pathname is still intact */
-+                fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
-+                warned = 1;
-+            }
-+            /* We cannot use strcpy(), as there "The strings may not overlap" */
-+            for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
-+                ;
-+        }
-+        else
-+            dotdotslash +=3;	/* skip this instance to prevent infinite loop */
-+    }
-+}
-+
- static void makedirs(const char* name)
- {
-       char* p = strrchr(name, '/');
-@@ -86,6 +128,16 @@ static void makedirs(const char* name)
- 
- static FILE* create_fopen(char* name, char* mode, int subdirs)
- {
-+   char *name_stripped;
-+   FILE *fp;
-+   int mustfree = 0;
-+
-+   if ((name_stripped = strdup(name)) != NULL)
-+   {
-+       remove_dotdotslash(name_stripped);
-+       name = name_stripped;
-+       mustfree = 1;
-+   }
-    if (subdirs)
-    {
-       char* p = strrchr(name, '/');
-@@ -95,7 +147,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
-           free (dir_name);
-       }
-    }
--   return fopen(name, mode);
-+   fp = fopen(name, mode);
-+   if (mustfree)
-+       free(name_stripped);
-+    return fp;
- }
- 
- static int unzzip_cat (int argc, char ** argv, int extract)

CVE-2020-18442.patch

@@ -0,0 +1,218 @@
+From ac9ae39ef419e9f0f83da1e583314d8c7cda34a6 Mon Sep 17 00:00:00 2001
+From: Guido Draheim <guidod@gmx.de>
+Date: Mon, 4 Jan 2021 21:48:45 +0100
+Subject: [PATCH 1/7] #68 ssize_t return value of zzip_file_read is a signed
+ value being possibly -1
+
+---
+ bins/unzzipcat-zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bins/unzzipcat-zip.c b/bins/unzzipcat-zip.c
+index dd78c2b..385aeaf 100644
+--- a/bins/unzzipcat-zip.c
++++ b/bins/unzzipcat-zip.c
+@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_file_read (file, buffer, 1024))) 
++	while (0 < (len = zzip_file_read (file, buffer, 1024))) 
+ 	{
+ 	    fwrite (buffer, 1, len, out);
+ 	}
+-- 
+2.32.0
+
+
+From 7e786544084548da7fcfcd9090d3c4e7f5777f7e Mon Sep 17 00:00:00 2001
+From: Guido Draheim <guidod@gmx.de>
+Date: Mon, 4 Jan 2021 21:50:26 +0100
+Subject: [PATCH 2/7] #68 return value of zzip_mem_disk_fread is signed
+
+---
+ bins/unzip-mem.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzip-mem.c b/bins/unzip-mem.c
+index cc009f8..50eb5a6 100644
+--- a/bins/unzip-mem.c
++++ b/bins/unzip-mem.c
+@@ -81,7 +81,7 @@ static void zzip_mem_entry_pipe(ZZIP_MEM_DISK* disk,
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
++	while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
+ 	    fwrite (buffer, len, 1, out);
+ 	
+ 	zzip_mem_disk_fclose (file);
+@@ -115,7 +115,7 @@ static void zzip_mem_entry_test(ZZIP_MEM_DISK* disk,
+     {
+ 	unsigned long crc = crc32 (0L, NULL, 0);
+ 	unsigned char buffer[1024]; int len; 
+-	while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file))) {
++	while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file))) {
+ 	    crc = crc32 (crc, buffer, len);
+ 	}
+ 	
+-- 
+2.32.0
+
+
+From d453977f59ca59c61bf59dec28dd724498828f2a Mon Sep 17 00:00:00 2001
+From: Guido Draheim <guidod@gmx.de>
+Date: Mon, 4 Jan 2021 21:51:12 +0100
+Subject: [PATCH 3/7] #68 return value of zzip_entry_fread is signed
+
+---
+ bins/unzzipcat-big.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzzipcat-big.c b/bins/unzzipcat-big.c
+index 111ef47..ecebe11 100644
+--- a/bins/unzzipcat-big.c
++++ b/bins/unzzipcat-big.c
+@@ -26,7 +26,7 @@ static void unzzip_big_entry_fprint(ZZIP_ENTRY* entry, FILE* out)
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++	while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ 	{
+ 	    DBG2("entry read %i", len);
+ 	    fwrite (buffer, len, 1, out);
+@@ -45,7 +45,7 @@ static void unzzip_cat_file(FILE* disk, char* name, FILE* out)
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++	while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ 	    fwrite (buffer, len, 1, out);
+ 	
+ 	zzip_entry_fclose (file);
+-- 
+2.32.0
+
+
+From 0a9db9ded9d15fbdb63bf5cf451920d0a368c00e Mon Sep 17 00:00:00 2001
+From: Guido Draheim <guidod@gmx.de>
+Date: Mon, 4 Jan 2021 21:51:56 +0100
+Subject: [PATCH 4/7] #68 return value of zzip_mem_disk_fread is signed
+
+---
+ bins/unzzipcat-mem.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c
+index 6bd79b7..1b5bc22 100644
+--- a/bins/unzzipcat-mem.c
++++ b/bins/unzzipcat-mem.c
+@@ -35,7 +35,7 @@ static void unzzip_mem_entry_fprint(ZZIP_MEM_DISK* disk,
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
++	while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
+ 	    fwrite (buffer, len, 1, out);
+ 	
+ 	zzip_mem_disk_fclose (file);
+@@ -48,7 +48,7 @@ static void unzzip_mem_disk_cat_file(ZZIP_MEM_DISK* disk, char* name, FILE* out)
+     if (file) 
+     {
+ 	char buffer[1025]; int len;
+-	while ((len = zzip_mem_disk_fread (buffer, 1, 1024, file))) 
++	while (0 < (len = zzip_mem_disk_fread (buffer, 1, 1024, file))) 
+ 	{
+ 	    fwrite (buffer, 1, len, out);
+ 	}
+-- 
+2.32.0
+
+
+From a34a96fbda1e58fbec5c79f4c0b5063e031ce11d Mon Sep 17 00:00:00 2001
+From: Guido Draheim <guidod@gmx.de>
+Date: Mon, 4 Jan 2021 21:52:47 +0100
+Subject: [PATCH 5/7] #68 return value of zzip_fread is signed
+
+---
+ bins/unzzipcat-mix.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bins/unzzipcat-mix.c b/bins/unzzipcat-mix.c
+index e18987d..8f3d0b8 100644
+--- a/bins/unzzipcat-mix.c
++++ b/bins/unzzipcat-mix.c
+@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_fread (buffer, 1, 1024, file))) 
++	while (0 < (len = zzip_fread (buffer, 1, 1024, file))) 
+ 	{
+ 	    fwrite (buffer, 1, len, out);
+ 	}
+-- 
+2.32.0
+
+
+From fa1f78abe1b08544061204019016809664f2618c Mon Sep 17 00:00:00 2001
+From: Guido Draheim <guidod@gmx.de>
+Date: Mon, 4 Jan 2021 21:53:50 +0100
+Subject: [PATCH 6/7] #68 return value of zzip_entry_fread is signed
+
+---
+ bins/unzzipshow.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzzipshow.c b/bins/unzzipshow.c
+index 9d8c2ed..5672d3b 100644
+--- a/bins/unzzipshow.c
++++ b/bins/unzzipshow.c
+@@ -22,7 +22,7 @@ static void zzip_entry_fprint(ZZIP_ENTRY* entry, FILE* out)
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++	while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ 	    fwrite (buffer, len, 1, out);
+ 
+ 	zzip_entry_fclose (file);
+@@ -35,7 +35,7 @@ static void zzip_cat_file(FILE* disk, char* name, FILE* out)
+     if (file) 
+     {
+ 	char buffer[1024]; int len;
+-	while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++	while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ 	    fwrite (buffer, len, 1, out);
+ 	
+ 	zzip_entry_fclose (file);
+-- 
+2.32.0
+
+
+From f7a6fa9f0c29aecb4c2299568ed2e6094c34aca7 Mon Sep 17 00:00:00 2001
+From: Guido Draheim <guidod@gmx.de>
+Date: Mon, 4 Jan 2021 21:55:08 +0100
+Subject: [PATCH 7/7] #68 return value of posix read(2) is signed
+
+---
+ bins/zzipmake-zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bins/zzipmake-zip.c b/bins/zzipmake-zip.c
+index 8e09c31..b37877c 100644
+--- a/bins/zzipmake-zip.c
++++ b/bins/zzipmake-zip.c
+@@ -57,7 +57,7 @@ int rezzip_make (int argc, char ** argv)
+ 		continue;
+ 	    }
+ 
+-	    while ((n = read (input, buf, 16)))
++	    while (0 < (n = read (input, buf, 16)))
+ 	    {
+ 		zzip_write (output, buf, n);
+ 	    }
+-- 
+2.32.0
+

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

multilib-32.patch

@@ -0,0 +1,29 @@
+--- ./a/zzip/_config.h	2021-07-21 14:18:09.000000000 +0200
++++ ./b/zzip/_config.h	2021-07-21 14:46:24.037432969 +0200
+@@ -138,9 +138,12 @@
+ 
+ /* whether the system defaults to 32bit off_t but can do 64bit when requested
+    */
++#if __WORDSIZE == 32
+ #ifndef ZZIP_LARGEFILE_SENSITIVE 
+ #define ZZIP_LARGEFILE_SENSITIVE  1 
+ #endif
++#endif
++/* #undef LARGEFILE_SENSITIVE */
+ 
+ /* Define to the sub-directory where libtool stores uninstalled libraries. */
+ #ifndef ZZIP_LT_OBJDIR 
+@@ -227,9 +230,13 @@
+ #endif
+ 
+ /* Number of bits in a file offset, on hosts where this is settable. */
++#if __WORDSIZE == 32
+ #ifndef ZZIP__FILE_OFFSET_BITS 
+ #define ZZIP__FILE_OFFSET_BITS  64 
+ #endif
++#endif
++/* #undef _FILE_OFFSET_BITS */
++
+ 
+ /* Define for large files, on AIX-style hosts. */
+ /* #undef _LARGE_FILES */

multilib-64.patch

@@ -0,0 +1,29 @@
+--- ./a/zzip/_config.h	2021-07-21 14:18:14.000000000 +0200
++++ ./b/zzip/_config.h	2021-07-21 14:46:24.037432969 +0200
+@@ -138,6 +138,11 @@
+ 
+ /* whether the system defaults to 32bit off_t but can do 64bit when requested
+    */
++#if __WORDSIZE == 32
++#ifndef ZZIP_LARGEFILE_SENSITIVE 
++#define ZZIP_LARGEFILE_SENSITIVE  1 
++#endif
++#endif
+ /* #undef LARGEFILE_SENSITIVE */
+ 
+ /* Define to the sub-directory where libtool stores uninstalled libraries. */
+@@ -225,8 +230,14 @@
+ #endif
+ 
+ /* Number of bits in a file offset, on hosts where this is settable. */
++#if __WORDSIZE == 32
++#ifndef ZZIP__FILE_OFFSET_BITS 
++#define ZZIP__FILE_OFFSET_BITS  64 
++#endif
++#endif
+ /* #undef _FILE_OFFSET_BITS */
+ 
++
+ /* Define for large files, on AIX-style hosts. */
+ /* #undef _LARGE_FILES */
+ 

sources

@@ -1 +1,3 @@
-SHA512 (v0.13.69.tar.gz) = ade026289737f43ca92a8746818d87dd7618d473dbce159546ce9071c9e4cbe164a6b1c9efff16efb7aa0327b2ec6b34f3256c6bda19cd6e325703fffc810ef0
+SHA512 (v0.13.71-pruned.tar.gz) = a121e2d6bd545350623571055559575bad8ef620ae66cd1bf8112c089b06cd5a293799edc68171dfb64798328f1208b1fdeb6d0a208b3e682e03a578ae092570
+SHA512 (match.py) = cd76328f468dd96d2d453bfc9ae66b6d560f9caa59b08a467ff71b862123bc50191d71d3af2fed837bab780cd3d6403b2053871249b01227ef072b4e3fe938d3
+SHA512 (options.py) = 47a581611a6dfca92013ae8029bdb48ab0c711ca5e2981a0fabc6fa9e59739b9bfbe8df2d1ac5b15e20e238e15516588c0dd13f7375d6706e22456e54084e610

tests/gating/all.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# Copyright (C) 2019  Jakub Martisko <jamartis at redhat dot com>
+
+# All rights reserved.
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+passed=0
+subtests=(build)
+total=${#subtests[@]}
+skipped=0
+
+for subtest in ${subtests[@]}
+do
+  #tests to be skipped
+  if [ $subtest == "foo" ]
+  then
+     ((skipped++))
+     continue
+  fi
+	pushd $subtest >/dev/null
+	./test.sh
+	result=$?
+	echo "Test $subtest result: $result"
+	if [ "$result" == "0" ]
+       	then
+		((passed++))
+	fi
+	popd >/dev/null
+done
+
+echo "Passed $passed/$total tests"
+echo "Skipped $skipped/$total tests"
+[[ $total == $((passed + skipped)) ]] || exit 1

tests/gating/build/__debug.h

@@ -0,0 +1,96 @@
+#ifndef __ZZIP_INTERNAL_DEBUG_H
+#define __ZZIP_INTERNAL_DEBUG_H
+
+#include <zzip/conf.h>
+#include "__hints.h"
+
+/* perhaps want to show on syslog(3) ?? */
+
+#ifdef DEBUG
+#include <stdio.h>
+#define MSG1(X1) ZZIP_FOR1 { \
+        fprintf(stderr,"\n%s:%i:"X1"\n", ZZIP_FUNC,__LINE__ \
+	    ); } ZZIP_END1
+#define MSG2(X1,X2) ZZIP_FOR1 { \
+        fprintf(stderr,"\n%s:%i:"X1"\n", ZZIP_FUNC,__LINE__ \
+		,X2);} ZZIP_END1
+#define MSG3(X1,X2,X3) ZZIP_FOR1 { \
+        fprintf(stderr,"\n%s:%i:"X1"\n", ZZIP_FUNC,__LINE__ \
+		 ,X2,X3); } ZZIP_END1
+#define MSG4(X1,X2,X3,X4)   ZZIP_FOR1 { \
+        fprintf(stderr,"\n%s:%i:"X1"\n", ZZIP_FUNC,__LINE__ \
+		 ,X2,X3,X4); } ZZIP_END1
+#define MSG5(X1,X2,X3,X4,X5)   ZZIP_FOR1 { \
+        fprintf(stderr,"\n%s:%i:"X1"\n", ZZIP_FUNC,__LINE__ \
+		 ,X2,X3,X4,X5); } ZZIP_END1
+#define MSG6(X1,X2,X3,X4,X5,X6)   ZZIP_FOR1 { \
+        fprintf(stderr,"\n%s:%i:"X1"\n", ZZIP_FUNC,__LINE__ \
+		 ,X2,X3,X4,X5,X6); } ZZIP_END1
+
+#else
+#define MSG1(X1) {}
+#define MSG2(X1,X2) {}
+#define MSG3(X1,X2,X3) {}
+#define MSG4(X1,X2,X3,X4) {}
+#define MSG5(X1,X2,X3,X4,X5) {}
+#define MSG6(X1,X2,X3,X4,X5,X6) {}
+#endif
+
+#define DBG1(X1)                     MSG1("DEBUG: " X1) 
+#define DBG2(X1,X2)                  MSG2("DEBUG: " X1,X2) 
+#define DBG3(X1,X2,X3)               MSG3("DEBUG: " X1,X2,X3) 
+#define DBG4(X1,X2,X3,X4)            MSG4("DEBUG: " X1,X2,X3,X4) 
+#define DBG5(X1,X2,X3,X4,X5)         MSG5("DEBUG: " X1,X2,X3,X4,X5) 
+#define DBG6(X1,X2,X3,X4,X5,X6)      MSG6("DEBUG: " X1,X2,X3,X4,X5,X6) 
+
+#define HINT1(X1)                     MSG1("HINT: " X1) 
+#define HINT2(X1,X2)                  MSG2("HINT: " X1,X2) 
+#define HINT3(X1,X2,X3)               MSG3("HINT: " X1,X2,X3) 
+#define HINT4(X1,X2,X3,X4)            MSG4("HINT: " X1,X2,X3,X4) 
+#define HINT5(X1,X2,X3,X4,X5)         MSG5("HINT: " X1,X2,X3,X4,X5) 
+#define HINT6(X1,X2,X3,X4,X5,X6)      MSG6("HINT: " X1,X2,X3,X4,X5,X6) 
+
+#define NOTE1(X1)                     MSG1("NOTE: " X1) 
+#define NOTE2(X1,X2)                  MSG2("NOTE: " X1,X2) 
+#define NOTE3(X1,X2,X3)               MSG3("NOTE: " X1,X2,X3) 
+#define NOTE4(X1,X2,X3,X4)            MSG4("NOTE: " X1,X2,X3,X4) 
+#define NOTE5(X1,X2,X3,X4,X5)         MSG5("NOTE: " X1,X2,X3,X4,X5) 
+#define NOTE6(X1,X2,X3,X4,X5,X6)      MSG6("NOTE: " X1,X2,X3,X4,X5,X6) 
+
+#define WARN1(X1)                     MSG1("WARN: " X1) 
+#define WARN2(X1,X2)                  MSG2("WARN: " X1,X2) 
+#define WARN3(X1,X2,X3)               MSG3("WARN: " X1,X2,X3) 
+#define WARN4(X1,X2,X3,X4)            MSG4("WARN: " X1,X2,X3,X4) 
+#define WARN5(X1,X2,X3,X4,X5)         MSG5("WARN: " X1,X2,X3,X4,X5) 
+#define WARN6(X1,X2,X3,X4,X5,X6)      MSG6("WARN: " X1,X2,X3,X4,X5,X6) 
+
+#define FAIL1(X1)                     MSG1("FAIL: " X1) 
+#define FAIL2(X1,X2)                  MSG2("FAIL: " X1,X2) 
+#define FAIL3(X1,X2,X3)               MSG3("FAIL: " X1,X2,X3) 
+#define FAIL4(X1,X2,X3,X4)            MSG4("FAIL: " X1,X2,X3,X4) 
+#define FAIL5(X1,X2,X3,X4,X5)         MSG5("FAIL: " X1,X2,X3,X4,X5) 
+#define FAIL6(X1,X2,X3,X4,X5,X6)      MSG6("FAIL: " X1,X2,X3,X4,X5,X6) 
+
+
+
+#ifdef DEBUG
+_zzip_inline static void zzip_debug_xbuf (unsigned char* p, int l)
+    /* ZZIP_GNUC_UNUSED */
+{
+#   define q(a) ((a&0x7F)<32?32:(a&0x7F))
+    while (l > 0)
+    {
+        fprintf (stderr, 
+		 "%02x %02x %02x %02x  "
+		 "%02x %02x %02x %02x  "
+		 "%c%c%c%c %c%c%c%c\n",
+		 p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7],
+		 q(p[0]), q(p[1]), q(p[2]), q(p[3]), 
+		 q(p[4]), q(p[5]), q(p[6]), q(p[7]));
+        p += 8; l -= 8;
+    }
+#   undef q
+}
+#endif
+
+#endif

tests/gating/build/__fnmatch.h

@@ -0,0 +1,32 @@
+#ifndef __ZZIP_INTERNAL_FNMATCH_H
+#define __ZZIP_INTERNAL_FNMATCH_H
+/** included by fseeko.c, mmapped.c, memdisk.c */
+
+#include <zzip/conf.h>
+#include <stdio.h>
+#include <string.h>
+
+#ifdef ZZIP_HAVE_FNMATCH_H
+#include <fnmatch.h>
+#endif
+
+#ifdef ZZIP_HAVE_FNMATCH_H
+#define _zzip_fnmatch fnmatch
+# ifdef FNM_CASEFOLD
+# define _zzip_FNM_CASEFOLD FNM_CASEFOLD
+# else
+# define _zzip_FNM_CASEFOLD 0
+# endif
+#else
+# define _zzip_FNM_CASEFOLD 0
+/* if your system does not have fnmatch, we fall back to strcmp: */
+static int _zzip_fnmatch(char* pattern, char* string, int flags)
+{ 
+#   ifdef DBG2
+    DBG1("<zzip:mmapped:strcmp>");
+#   endif
+    return strcmp (pattern, string); 
+}
+#endif
+
+#endif

tests/gating/build/__hints.h

@@ -0,0 +1,195 @@
+#ifndef __ZZIP_INTERNAL_HINTS_H
+#define __ZZIP_INTERNAL_HINTS_H
+#include <zzip/conf.h>
+
+#ifndef ZZIP_GNUC_ATLEAST
+# if defined __GNUC__ && defined __GNUC_MINOR__
+# define ZZIP_GNUC_ATLEAST(_M_,_N_) \
+        ((__GNUC__ << 10) + __GNUC_MINOR__ >= ((_M_) << 10) + (_N_))
+# elif defined __GNUC__
+# define ZZIP_GNUC_ATLEAST(_M_,_N_) \
+        ((__GNUC__ << 10) >= ((_M_) << 10))
+# else
+# define ZZIP_GNUC_ATLEAST(_M_, _N_) 0
+# endif
+#endif
+
+#ifndef ZZIP_GNUC_EXTENSION
+# if ZZIP_GNUC_ATLEAST(2,8)
+# define ZZIP_GNUC_EXTENSION __extension__
+# else
+# define ZZIP_GNUC_EXTENSION
+# endif
+#endif
+
+/* func has no side effects, return value depends only on params and globals */
+#ifndef ZZIP_GNUC_PURE
+# if ZZIP_GNUC_ATLEAST(2,8)
+# define ZZIP_GNUC_PURE __attribute__((__pure__))
+# else
+# define ZZIP_GNUC_PURE
+# endif
+#endif
+
+/* func has no side effects, return value depends only on params */
+#ifndef ZZIP_GNUC_CONST
+# if ZZIP_GNUC_ATLEAST(2,4)
+# define ZZIP_GNUC_CONST __attribute__((__const__))
+# else
+# define ZZIP_GNUC_CONST
+# endif
+#endif
+
+/* typename / variable / function possibly unused */
+#ifndef ZZIP_GNUC_UNUSED
+# if ZZIP_GNUC_ATLEAST(2,4)
+# define ZZIP_GNUC_UNUSED __attribute__((__unused__))
+# else
+# define ZZIP_GNUC_UNUSED
+# endif
+#endif
+
+/* obvious. btw, a noreturn-func should return void */
+#ifndef ZZIP_GNUC_NORETURN
+# if ZZIP_GNUC_ATLEAST(2,5)
+# define ZZIP_GNUC_NORETURN __attribute__((__noreturn__))
+# else
+# define ZZIP_GNUC_NORETURN
+# endif
+#endif
+
+/* omit function from profiling with -finstrument-functions */
+#ifndef ZZIP_GNUC_NO_INSTRUMENT
+# if ZZIP_GNUC_ATLEAST(2,4)
+# define ZZIP_GNUC_NO_INSTRUMENT __attribute__((__no_instrument_function__))
+# else
+# define ZZIP_GNUC_NO_INSTRUMENT
+# endif
+#endif
+
+/* all pointer args must not be null, and allow optimiztons based on the fact*/
+#ifndef ZZIP_GNUC_NONNULL
+# if ZZIP_GNUC_ATLEAST(3,1)
+# define ZZIP_GNUC_NONNULL __attribute__((nonnull))
+# else
+# define ZZIP_GNUC_NONNULL
+# endif
+#endif
+
+/* the function can not throw - the libc function are usually nothrow */
+#ifndef ZZIP_GNUC_NOTHROW
+# if ZZIP_GNUC_ATLEAST(3,2)
+# define ZZIP_GNUC_NOTHROW __attribute__((nothrow))
+# else
+# define ZZIP_GNUC_NOTHROW
+# endif
+#endif
+
+/* typename / function / variable is obsolete but still listed in headers */
+#ifndef ZZIP_GNUC_DEPRECATED
+# if ZZIP_GNUC_ATLEAST(3,1)
+# define ZZIP_GNUC_DEPRECATED __attribute__((deprecated))
+# else
+# define ZZIP_GNUC_DEPRECATED
+# endif
+#endif
+
+/* resolve references to this function during pre-linking the library */
+#ifndef ZZIP_GNUC_LIB_PROTECTED
+# if ZZIP_GNUC_ATLEAST(3,1)
+# define ZZIP_GNUC_LIB_PROTECTED __attribute__((visiblity("protected")))
+# else
+# define ZZIP_GNUC_LIB_PROTECTED
+# endif
+#endif
+
+/* func shall only be usable within the same lib (so, no entry in lib symtab)*/
+#ifndef ZZIP_GNUC_LIB_PRIVATE
+# if ZZIP_GNUC_ATLEAST(3,1)
+# define ZZIP_GNUC_LIB_PRIVATE __attribute__((visiblity("hidden")))
+# else
+# define ZZIP_GNUC_LIB_PRIVATE
+# endif
+#endif
+
+/* ... and not even passed as a function pointer reference to outside the lib*/
+#ifndef ZZIP_GNUC_LIB_INTERNAL
+# if ZZIP_GNUC_ATLEAST(3,1)
+# define ZZIP_GNUC_LIB_INTERNAL __attribute__((visiblity("internal")))
+# else
+# define ZZIP_GNUC_LIB_INTERNAL
+# endif
+#endif
+
+
+#ifndef ZZIP_GNUC_FORMAT
+# if ZZIP_GNUC_ATLEAST(2,4)
+# define ZZIP_GNUC_FORMAT(_X_) __attribute__((__format_arg__(_X_)))
+# else
+# define ZZIP_GNUC_FORMAT(_X_)
+# endif
+#endif
+
+#ifndef ZZIP_GNUC_SCANF
+# if ZZIP_GNUC_ATLEAST(2,4)
+# define ZZIP_GNUC_SCANF(_S_,_X_) __attribute__((__scanf__(_S_,_X_)))
+# else
+# define ZZIP_GNUC_SCANF(_S_,_X_)
+# endif
+#endif
+
+#ifndef ZZIP_GNUC_PRINTF
+# if ZZIP_GNUC_ATLEAST(2,4)
+# define ZZIP_GNUC_PRINTF(_S_,_X_) __attribute__((__printf__(_S_,_X_)))
+# else
+# define ZZIP_GNUC_PRINTF(_S_,_X_)
+# endif
+#endif
+
+#ifdef __GNUC__
+#define ZZIP_GNUC_PACKED __attribute__((packed))
+#else
+#define ZZIP_GNUC_PACKED
+#endif
+
+#ifndef ZZIP_FUNCTION
+# if ZZIP_GNUC_ATLEAST(2,6)
+# define ZZIP_FUNC             __FUNCTION__
+# define ZZIP_FUNCTION         __FUNCTION__
+# elif  defined __STDC_VERSION__ && __STDC_VERSION__ >= 199901L
+# define ZZIP_FUNC             __func__
+# define ZZIP_FUNCTION         ""
+# else
+# define ZZIP_FUNC             0
+# define ZZIP_FUNCTION         ""
+# endif
+#endif
+
+#ifndef ZZIP_STRING
+#define ZZIP_STRING(_X_)   ZZIP_STRING_(_X_)
+#define ZZIP_STRING_(_Y_)  #_Y_
+#endif
+
+#ifndef ZZIP_DIM
+#define ZZIP_DIM(_A_)  (sizeof(_A_) / sizeof ((_A_)[0]))
+#endif
+
+#if !(defined ZZIP_FOR1 && defined ZZIP_END1)
+# if defined sun || defined __sun__
+# define ZZIP_FOR1  if (1)
+# define ZZIP_END1  else (void)0
+# else
+# define ZZIP_FOR1  do
+# define ZZIP_END1  while (0)
+# endif
+#endif
+
+#ifndef ZZIP_BRANCH_OVER
+# if ZZIP_GNUC_ATLEAST(2,96)
+# define ZZIP_BRANCH_OVER(_X_) __builtin_expect((_X_),0)
+# else
+# define ZZIP_BRANCH_OVER(_X_) (_X_)
+# endif
+#endif
+
+#endif

tests/gating/build/__mkdir.h

@@ -0,0 +1,12 @@
+#ifndef __ZZIP_INTERNAL_MKDIR_H
+#define __ZZIP_INTERNAL_MKDIR_H
+
+#include <zzip/conf.h>
+
+#  ifdef ZZIP_HAVE_DIRECT_H
+#  define _zzip_mkdir(a,b) mkdir(a)
+#  else
+#  define _zzip_mkdir      mkdir
+#  endif
+
+#endif

tests/gating/build/__string.h

@@ -0,0 +1,67 @@
+#ifndef __ZZIP_INTERNAL_STRING_H
+#define __ZZIP_INTERNAL_STRING_H
+
+#ifdef __linux__
+#define _GNU_SOURCE _glibc_developers_are_idiots_to_call_strndup_gnu_specific_
+#endif
+
+#include <zzip/conf.h>
+
+#if   defined ZZIP_HAVE_STRING_H
+#include <string.h>
+#elif defined ZZIP_HAVE_STRINGS_H
+#include <strings.h>
+#endif
+
+
+#if defined ZZIP_HAVE_STRNDUP || defined strndup
+#define _zzip_strndup strndup
+#else
+
+/* if your system does not have strndup: */
+zzip__new__ static char *
+_zzip_strndup(char const *p, size_t maxlen)
+{
+    if (p == NULL)
+    {
+       return p;
+    } else 
+    {
+        size_t len = strnlen(p, maxlen);
+        char* r = malloc(len + 1);
+        if (r == NULL)
+            return NULL; /* errno = ENOMEM */
+        r[len] = '\0';
+        return memcpy(r, p, len);
+    }
+}
+#endif
+
+#if defined ZZIP_HAVE_STRCASECMP || defined strcasecmp
+#define _zzip_strcasecmp strcasecmp
+#else
+
+/* if your system does not have strcasecmp: */
+static int
+_zzip_strcasecmp(char *__zzip_restrict a, char *_zzip_restrict b)
+{
+    if (! a)
+        return (b) ? 1 : 0;
+    if (! b)
+        return -1;
+    while (1)
+    {
+        int v = tolower(*a) - tolower(*b);
+        if (v)
+            return v;
+        if (! *a)
+            return 1;
+        if (! *b)
+            return -1;
+        a++;
+        b++;
+    }
+}
+#endif
+
+#endif

tests/gating/build/test.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+(gcc unzzip.c  unzzipcat-zip.c unzzipdir-mix.c -lzzip -o foo && ./foo) || exit 1
+rm ./foo
+exit 0

tests/gating/build/unzzip-states.h

@@ -0,0 +1,24 @@
+#ifndef UNZZIP_STATES_H
+#define UNZZIP_STATES_H
+
+/* DIAGNOSTICS according to the unzip(1) manpage */
+
+#define EXIT_OK 0
+#define EXIT_WARNINGS 1
+#define EXIT_ERRORS 2
+#define EXIT_FILEFORMAT 3
+#define EXIT_ENOMEM 4
+#define EXIT_ENOTTY_FOR_PASSWORD 5
+#define EXIT_ENOMEM_ZIP_TO_DISK 6
+#define EXIT_ENOMEM_ZIP_TO_MEM 7
+#define EXIT_ZIP_NOT_FOUND 9
+#define EXIT_INVALID_OPTION 10
+#define EXIT_FILE_NOT_FOUND 11
+#define EXIT_DISKFULL 50
+#define EXIT_EARLY_END_OF_FILE 51
+#define EXIT_SIGTERM 80
+#define EXIT_UNSUPPORTED_COMPRESSION 81
+#define EXIT_WRONG_PASSWORD 82
+
+#endif
+

tests/gating/build/unzzip.c

@@ -0,0 +1,81 @@
+/*
+ *	Copyright (c) 2003 Guido Draheim <guidod@gmx.de>
+ *      Use freely under the restrictions of the ZLIB license.
+ *
+ *      This file is used as an example to clarify zzip api usage.
+ */
+
+#include <zzip/zzip.h>
+#include <stdio.h>
+#include <string.h>
+#include "unzzipcat-zip.h"
+#include "unzzipdir-zip.h"
+#include "unzzip-states.h"
+
+static const char usage[] = 
+{
+    "unzzip <dir>.. \n"
+    "  - unzzip the files contained in a zip archive.\n"
+    "  -p            print content of files to pipe\n"
+    "  -l            list names in archive (short format)\n"
+};
+
+static int unzzip_version(void)
+{
+    printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
+    return 0;
+}
+
+static int unzzip_help(void)
+{
+    printf (usage);
+    return 0;
+}
+
+int 
+main (int argc, char ** argv)
+{
+    int argn;
+    int exitcode = 0;
+    zzip_error_t error;
+
+    if (argc <= 1 || ! strcmp (argv[1], "--help"))
+    {
+        return unzzip_help();
+    }
+    if (! strcmp (argv[1], "--version"))
+    {
+        return unzzip_version();
+    }
+    if (! strcmp (argv[1], "-l") || ! strcmp(argv[1], "--list"))
+    {
+        argc -= 1; argv += 1;
+        return unzzip_show_list(argc, argv);
+    }
+    if (! strcmp (argv[1], "-v") || ! strcmp(argv[1], "--versions"))
+    {
+        if (argc == 2)
+            return unzzip_version(); /* compatible with info-zip */
+        argc -= 1; argv += 1;
+        return unzzip_long_list(argc, argv);
+    }
+    if (! strcmp (argv[1], "-p") || ! strcmp(argv[1], "--pipe"))
+    {
+        argc -= 1; argv += 1;
+        return unzzip_print(argc, argv);
+    }
+
+    if (! strcmp (argv[1], "-"))
+    {
+        fprintf(stderr, "unknown option %s", argv[1]);
+        return EXIT_INVALID_OPTION;
+    }
+ 
+    return unzzip_extract(argc, argv);
+} 
+
+/* 
+ * Local variables:
+ * c-file-style: "stroustrup"
+ * End:
+ */

tests/gating/build/unzzipcat-zip.c

@@ -0,0 +1,235 @@
+/*
+ *	Copyright (c) 2003 Guido Draheim <guidod@gmx.de>
+ *      Use freely under the restrictions of the ZLIB license.
+ *
+ *      This file is used as an example to clarify zzip api usage.
+ */
+
+#include <zzip/lib.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include "__mkdir.h"
+#include "__string.h"
+#include "__fnmatch.h"
+#include "__debug.h"
+#include "unzzipcat-zip.h"
+#include "unzzip-states.h"
+
+#ifdef ZZIP_HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef ZZIP_HAVE_IO_H
+#include <io.h>
+#endif
+
+static int exitcode(int e)
+{
+    switch (e)
+    {
+        case ZZIP_NO_ERROR:
+            return EXIT_OK;
+        case ZZIP_OUTOFMEM: /* out of memory */
+            return EXIT_ENOMEM;
+        case ZZIP_DIR_OPEN: /* failed to open zipfile, see errno for details */
+            return EXIT_ZIP_NOT_FOUND;
+        case ZZIP_DIR_STAT: /* failed to fstat zipfile, see errno for details */
+        case ZZIP_DIR_SEEK: /* failed to lseek zipfile, see errno for details */
+        case ZZIP_DIR_READ: /* failed to read zipfile, see errno for details */
+        case ZZIP_DIR_TOO_SHORT:
+        case ZZIP_DIR_EDH_MISSING:
+            return EXIT_FILEFORMAT;
+        case ZZIP_DIRSIZE:
+            return EXIT_EARLY_END_OF_FILE;
+        case ZZIP_ENOENT:
+            return EXIT_FILE_NOT_FOUND;
+        case ZZIP_UNSUPP_COMPR:
+            return EXIT_UNSUPPORTED_COMPRESSION;
+        case ZZIP_CORRUPTED:
+        case ZZIP_UNDEF:
+        case ZZIP_DIR_LARGEFILE:
+            return EXIT_FILEFORMAT;
+    }
+    return EXIT_ERRORS;
+}
+
+static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
+{
+    ZZIP_FILE* file = zzip_file_open (disk, name, 0);
+    if (file) 
+    {
+	char buffer[1024]; int len;
+	while ((len = zzip_file_read (file, buffer, 1024))) 
+	{
+	    fwrite (buffer, 1, len, out);
+	}
+	
+	zzip_file_close (file);
+    }
+}
+
+/*
+ * NAME: remove_dotdotslash
+ * PURPOSE: To remove any "../" components from the given pathname
+ * ARGUMENTS: path: path name with maybe "../" components
+ * RETURNS: Nothing, "path" is modified in-place
+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
+ *	Also, "path" is not used after creating it.
+ *	So modifying "path" in-place is safe to do.
+ */
+static inline void
+remove_dotdotslash(char *path)
+{
+    /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
+    char *dotdotslash;
+    int warned = 0;
+
+    dotdotslash = path;
+    while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
+    {
+        /*
+         * Remove only if at the beginning of the pathname ("../path/name")
+         * or when preceded by a slash ("path/../name"),
+         * otherwise not ("path../name..")!
+         */
+        if (dotdotslash == path || dotdotslash[-1] == '/')
+        {
+            char *src, *dst;
+            if (!warned)
+            {
+                /* Note: the first time through the pathname is still intact */
+                fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
+                warned = 1;
+            }
+            /* We cannot use strcpy(), as there "The strings may not overlap" */
+            for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
+                ;
+        }
+        else
+            dotdotslash +=3;	/* skip this instance to prevent infinite loop */
+    }
+}
+
+static void makedirs(const char* name)
+{
+      char* p = strrchr(name, '/');
+      if (p) {
+          char* dir_name = _zzip_strndup(name, p-name);
+          makedirs(dir_name);
+          free (dir_name);
+      } 
+      if (_zzip_mkdir(name, 0775) == -1 && errno != EEXIST)
+      {
+          DBG3("while mkdir %s : %s", name, strerror(errno));
+      }
+      errno = 0;
+}
+
+static FILE* create_fopen(char* name, char* mode, int subdirs)
+{
+   char *name_stripped;
+   FILE *fp;
+   int mustfree = 0;
+
+   if ((name_stripped = strdup(name)) != NULL)
+   {
+       remove_dotdotslash(name_stripped);
+       name = name_stripped;
+       mustfree = 1;
+   }
+   if (subdirs)
+   {
+      char* p = strrchr(name, '/');
+      if (p) {
+          char* dir_name = _zzip_strndup(name, p-name);
+          makedirs(dir_name); 
+          free (dir_name);
+      }
+   }
+   fp = fopen(name, mode);
+   if (mustfree)
+       free(name_stripped);
+    return fp;
+}
+
+static int unzzip_cat (int argc, char ** argv, int extract)
+{
+    int done = 0;
+    int argn;
+    ZZIP_DIR* disk;
+    zzip_error_t error;
+    
+    if (argc == 1)
+    {
+        printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
+        return EXIT_OK; /* better provide an archive argument */
+    }
+    
+    disk = zzip_dir_open (argv[1], &error);
+    if (! disk) {
+	fprintf(stderr, "%s: %s\n", argv[1], zzip_strerror(error));
+	return exitcode(error);
+    }
+
+    if (argc == 2)
+    {  /* list all */
+	ZZIP_DIRENT entry;
+	while(zzip_dir_read(disk, &entry))
+	{
+	    char* name = entry.d_name;
+	    FILE* out = stdout;
+	    if (extract) out = create_fopen(name, "w", 1);
+	    if (! out) {
+		DBG3("fopen' %s : %s", name, strerror(errno));
+	        if (errno != EISDIR) done = EXIT_ERRORS;
+	        continue;
+	    }
+	    unzzip_cat_file (disk, name, out);
+	    if (extract) fclose(out);
+	}
+    }
+    else
+    {   /* list only the matching entries - in order of zip directory */
+	ZZIP_DIRENT entry;
+	while(zzip_dir_read(disk, &entry))
+	{
+	    char* name = entry.d_name;
+	    for (argn=1; argn < argc; argn++)
+	    {
+		if (! _zzip_fnmatch (argv[argn], name, 
+		    FNM_NOESCAPE|FNM_PATHNAME|FNM_PERIOD))
+	        {
+	            FILE* out = stdout;
+	            if (extract) out = create_fopen(name, "w", 1);
+		    if (! out) {
+			DBG3("fopen. %s : %s", name, strerror(errno));
+		        if (errno != EISDIR) done = EXIT_ERRORS;
+		        continue;
+		    }
+	            unzzip_cat_file (disk, name, out);
+	            if (extract) fclose(out);
+		    break; /* match loop */
+	        }
+	    }
+	}
+    }
+    zzip_dir_close(disk);
+    return done;
+} 
+
+int unzzip_print (int argc, char ** argv)
+{
+    return unzzip_cat(argc, argv, 0);
+}
+
+int unzzip_extract (int argc, char ** argv)
+{
+    return unzzip_cat(argc, argv, 1);
+}
+
+/* 
+ * Local variables:
+ * c-file-style: "stroustrup"
+ * End:
+ */

tests/gating/build/unzzipcat-zip.h

@@ -0,0 +1,10 @@
+/*
+ *	Copyright (c) 2003 Guido Draheim <guidod@gmx.de>
+ *      Use freely under the restrictions of the ZLIB license.
+ *
+ *      This file is used as an example to clarify zzip api usage.
+ */
+
+extern int unzzip_print(int argc, char** argv);
+extern int unzzip_extract(int argc, char** argv);
+

tests/gating/build/unzzipdir-mix.c

@@ -0,0 +1,150 @@
+/*
+ *	Copyright (c) 2003 Guido Draheim <guidod@gmx.de>
+ *      Use freely under the restrictions of the ZLIB license.
+ *
+ *      This file is used as an example to clarify zzip api usage.
+ */
+
+#include <zzip/lib.h>
+#include "__debug.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "unzzipdir-zip.h"
+#include "unzzip-states.h"
+
+#ifdef ZZIP_HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef ZZIP_HAVE_IO_H
+#include <io.h>
+#endif
+
+#ifdef ZZIP_HAVE_FNMATCH_H
+#include <fnmatch.h>
+#else
+#define fnmatch(x,y,z) strcmp(x,y)
+#endif
+
+static const char* comprlevel[] = {
+    "stored",   "shrunk",   "redu:1",   "redu:2",   "redu:3",   "redu:4",
+    "impl:N",   "toknze",   "defl:N",   "defl:B",   "impl:B" };
+
+static int exitcode(int e)
+{
+    switch (e)
+    {
+        case ZZIP_NO_ERROR:
+            return EXIT_OK;
+        case ZZIP_OUTOFMEM: /* out of memory */
+            return EXIT_ENOMEM;
+        case ZZIP_DIR_OPEN: /* failed to open zipfile, see errno for details */
+            return EXIT_ZIP_NOT_FOUND;
+        case ZZIP_DIR_STAT: /* failed to fstat zipfile, see errno for details */
+        case ZZIP_DIR_SEEK: /* failed to lseek zipfile, see errno for details */
+        case ZZIP_DIR_READ: /* failed to read zipfile, see errno for details */
+        case ZZIP_DIR_TOO_SHORT:
+        case ZZIP_DIR_EDH_MISSING:
+            return EXIT_FILEFORMAT;
+        case ZZIP_DIRSIZE:
+            return EXIT_EARLY_END_OF_FILE;
+        case ZZIP_ENOENT:
+            return EXIT_FILE_NOT_FOUND;
+        case ZZIP_UNSUPP_COMPR:
+            return EXIT_UNSUPPORTED_COMPRESSION;
+        case ZZIP_CORRUPTED:
+        case ZZIP_UNDEF:
+        case ZZIP_DIR_LARGEFILE:
+            return EXIT_FILEFORMAT;
+    }
+    return EXIT_ERRORS;
+}
+
+static int 
+unzzip_list (int argc, char ** argv, int verbose)
+{
+    int argn;
+    ZZIP_DIR* disk;
+
+    if (argc == 1)
+    {
+        printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
+        return EXIT_OK; /* better provide an archive argument */
+    }
+    
+    disk = zzip_opendir (argv[1]);
+    if (! disk) {
+        DBG3("opendir failed [%i] %s", errno, strerror(errno));    
+	perror(argv[1]);
+	return exitcode(errno);
+    }
+
+    if (argc == 2)
+    {  /* list all */
+	ZZIP_DIRENT* entry = 0;
+	while((entry = zzip_readdir(disk)))
+	{
+	    char* name = entry->d_name;
+	    long long usize = entry->st_size;
+	    if (!verbose)
+	    {
+        	printf ("%22lli %s\n", usize, name);
+	    } else
+	    {
+		long long csize = entry->d_csize;
+		unsigned compr = entry->d_compr;
+		const char* defl = (compr < sizeof(comprlevel)) ? comprlevel[compr] : "(redu)";
+        	printf ("%lli/%lli %s %s\n", usize, csize, defl, name);
+	    }
+	}
+	DBG2("readdir done %s", strerror(errno));
+    }
+    else
+    {   /* list only the matching entries - in order of zip directory */
+	ZZIP_DIRENT* entry = 0;
+	while((entry = zzip_readdir(disk)))
+	{
+	    char* name = entry->d_name;
+	    for (argn=1; argn < argc; argn++)
+	    {
+		if (! fnmatch (argv[argn], name, 
+			       FNM_NOESCAPE|FNM_PATHNAME|FNM_PERIOD))
+		{
+		    long long usize = entry->st_size;
+		    if (!verbose)
+		    {
+	        	printf ("%22lli %s\n", usize, name);
+		    } else
+		    {
+			long long csize = entry->d_csize;
+			unsigned compr = entry->d_compr;
+			const char* defl = (compr < sizeof(comprlevel)) ? comprlevel[compr] : "(redu)";
+			printf ("%lli/%lli %s %s\n", usize, csize, defl, name);
+		    }
+		    break; /* match loop */
+		}
+	    }
+	}
+	DBG2("readdir done %s", strerror(errno));
+    }
+    zzip_closedir(disk);
+    return 0;
+} 
+
+int 
+unzzip_long_list (int argc, char ** argv)
+{
+    return unzzip_list(argc, argv, 1);
+}
+
+int 
+unzzip_show_list (int argc, char ** argv)
+{
+    return unzzip_list(argc, argv, 0);
+}
+
+/* 
+ * Local variables:
+ * c-file-style: "stroustrup"
+ * End:
+ */

tests/gating/build/unzzipdir-zip.h

@@ -0,0 +1,10 @@
+/*
+ *	Copyright (c) 2003 Guido Draheim <guidod@gmx.de>
+ *      Use freely under the restrictions of the ZLIB license.
+ *
+ *      This file is used as an example to clarify zzip api usage.
+ */
+
+extern int unzzip_show_list(int argc, char** argv);
+extern int unzzip_long_list(int argc, char** argv);
+

tests/tests.yml

@@ -0,0 +1,21 @@
+---
+- hosts: localhost
+  vars:
+  - artifacts: ./artifacts
+  remote_user: root
+  roles:
+  - role: standard-test-basic
+    tags:
+     - atomic
+     - classic
+     - container
+    tests:
+     - simple:
+        dir: gating
+        run: ./all.sh
+    required_packages:
+     - zziplib
+     - zziplib-devel
+     - zziplib-utils
+     - coreutils
+     - gcc

zziplib-0.13.69-multilib.patch

@@ -1,31 +0,0 @@
-diff -up ./_builddir/zzip/_config.h.orig ./_builddir/zzip/_config.h
---- ./_builddir/zzip/_config.h.orig	2018-07-23 09:11:59.971840954 +0300
-+++ ./_builddir/zzip/_config.h	2018-07-23 09:12:07.438731527 +0300
-@@ -139,6 +139,11 @@
- /* whether the system defaults to 32bit off_t but can do 64bit when requested
-    */
- /* #undef LARGEFILE_SENSITIVE */
-+#if __WORDSIZE == 32
-+#ifndef ZZIP_LARGEFILE_SENSITIVE 
-+#define ZZIP_LARGEFILE_SENSITIVE  1 
-+#endif
-+#endif
- 
- /* Define to the sub-directory where libtool stores uninstalled libraries. */
- #ifndef ZZIP_LT_OBJDIR 
-@@ -197,6 +202,15 @@
- /* The number of bytes in type short */
- /* #undef SIZEOF_SHORT */
- 
-+/* The number of bytes in type long */
-+#ifndef ZZIP_SIZEOF_LONG 
-+#if __WORDSIZE == 32
-+#define ZZIP_SIZEOF_LONG  4
-+#elif __WORDSIZE == 64
-+#define ZZIP_SIZEOF_LONG  8 
-+#endif
-+#endif
-+
- /* Define to 1 if you have the ANSI C header files. */
- #ifndef ZZIP_STDC_HEADERS 
- #define ZZIP_STDC_HEADERS  1 

zziplib.spec

@@ -1,22 +1,28 @@
 Summary: Lightweight library to easily extract data from zip files
 Name: zziplib
-Version: 0.13.69
+Version: 0.13.71
 Release: 9%{?dist}
 License: LGPLv2+ or MPLv1.1
 URL: http://zziplib.sourceforge.net/
-Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz
-Patch0: zziplib-0.13.69-multilib.patch
+#Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz
 
-Patch1: CVE-2018-17828.patch
-Patch2: CVE-2018-17828.part2.patch
-Patch3: CVE-2018-16548.part1.patch
-Patch4: CVE-2018-16548.part2.patch
-Patch5: CVE-2018-16548.part3.patch
+#Using the pruned version of the upstream archive. The archive does not contain the Source1 and Source2 files. Their github version is used instead (the original ones had licensing issues)
+#rhbz#1982241
+Source0: v%{version}-pruned.tar.gz
+#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/match.py
+Source1: match.py
+#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/options.py
+Source2: options.py
 
+Patch1: CVE-2020-18442.patch 
+Patch100: multilib-32.patch
+Patch101: multilib-64.patch
+
+BuildRequires: make
 BuildRequires:  gcc
 BuildRequires: perl-interpreter
-BuildRequires: python2
-BuildRequires: python2-rpm-macros
+BuildRequires: python3
+BuildRequires: python3-rpm-macros
 BuildRequires: zip
 BuildRequires: xmlto
 BuildRequires: zlib-devel
@@ -64,34 +70,32 @@ zziplib library.
 
 %prep
 %setup -q
+cp %{SOURCE1} docs/zzipdoc/
+cp %{SOURCE2} docs/zzipdoc/
 
 %patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
 
-# Force py2 for the build
-find . -name '*.py' | xargs sed -i 's@#! /usr/bin/python@#! %__python2@g;s@#! /usr/bin/env python@#! %__python2@g'
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
-export PYTHON=%__python2
 %configure \
     --disable-static \
     --enable-sdl \
-    --enable-frame-pointer \
-    --enable-builddir=_builddir
+    --enable-frame-pointer 
 # Remove rpath on 64bit archs
-sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' */libtool
-sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' */libtool
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
 # Only patch generated _config.h on non-i686 and armv7hl
 # These platforms have a correct _config.h already
-%ifnarch i686 armv7hl
-cd _builddir
-%apply_patch %{PATCH0} -p2
-cd ..
+
+pushd %{_builddir}/zziplib-%{version}
+%ifarch i686 armv7hl
+ patch -p2 < %{PATCH100}
 %endif
+%ifnarch i686 armv7hl
+ patch -p2 < %{PATCH101}
+%endif
+popd
 
 %make_build
 
@@ -118,6 +122,45 @@ cd ..
 %{_mandir}/man3/*
 
 %changelog
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 0.13.71-9
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Tue Jul 27 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-8
+- Add gating tests
+Resolves: rhbz#1986332
+
+* Fri Jul 23 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-7
+- Remove the doc/zzipdoc/{options,match}.py scritps from the original tar
+- Replace them with a current github version
+- The original version of the files contains autogenerated header with incompatible license
+- This build thus uses modified tar archive
+Resolves: rhbz#1982241
+
+* Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-6
+- Fix CVE-2020-18442
+Resolves: CVE-2020-18442
+Resolves: 1977964
+
+* Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-5
+- Refresh the multilib patch
+Resolves: rhbz#1915747
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.13.71-4
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Mon Feb 01 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-3
+- Use python3 (versioned) as buildrequires
+
+* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.71-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Jan 21 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-1
+- Rebase to 0.13.71
+- Drop the CVE patches, they are now part of the upstream package
+- Build no longer requires python2
+- Resolves: 1807565
+
 * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-9
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild