diff --git a/backport-0001-CVE-2021-28650.patch b/backport-0001-CVE-2021-28650.patch deleted file mode 100644 index 63093a4..0000000 --- a/backport-0001-CVE-2021-28650.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 88e21e8aa2841216fa1d7fba617a8692912af51e Mon Sep 17 00:00:00 2001 -From: Ondrej Holy -Date: Thu, 25 Feb 2021 14:10:26 +0100 -Subject: [PATCH] extractor: Detect conflict also for directories - -Current logic doesn't detect conflics when extracting directory. This -is ok, but only for the case when the conflic is caused by directory. -Otherwise, the conflic should be detected and AutoarExtractor should -try to delete the file before creating new directory. -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/gnome-autoar/-/merge_requests/15/diffs?commit_id=88e21e8aa2841216fa1d7fba617a8692912af51e ---- - gnome-autoar/autoar-extractor.c | 27 ++++++++------------------- - 1 file changed, 8 insertions(+), 19 deletions(-) - -diff --git a/gnome-autoar/autoar-extractor.c b/gnome-autoar/autoar-extractor.c -index f1f49cf..376c864 100644 ---- a/gnome-autoar/autoar-extractor.c -+++ b/gnome-autoar/autoar-extractor.c -@@ -897,7 +897,6 @@ autoar_extractor_check_file_conflict (GFile *file, - mode_t extracted_filetype) - { - GFileType file_type; -- gboolean conflict = FALSE; - - file_type = g_file_query_file_type (file, - G_FILE_QUERY_INFO_NONE, -@@ -907,26 +906,13 @@ autoar_extractor_check_file_conflict (GFile *file, - return FALSE; - } - -- switch (extracted_filetype) { -- case AE_IFDIR: -- break; -- case AE_IFREG: -- case AE_IFLNK: --#if defined HAVE_MKFIFO || defined HAVE_MKNOD -- case AE_IFIFO: --#endif --#ifdef HAVE_MKNOD -- case AE_IFSOCK: -- case AE_IFBLK: -- case AE_IFCHR: --#endif -- conflict = TRUE; -- break; -- default: -- break; -+ /* It is not problem if the directory already exists */ -+ if (file_type == G_FILE_TYPE_DIRECTORY && -+ extracted_filetype == AE_IFDIR) { -+ return FALSE; - } - -- return conflict; -+ return TRUE; - } - - static void -@@ -1850,6 +1836,9 @@ autoar_extractor_step_extract (AutoarExtractor *self) { - case AUTOAR_CONFLICT_OVERWRITE: - break; - case AUTOAR_CONFLICT_CHANGE_DESTINATION: -+ /* FIXME: If the destination is changed for directory, it should be -+ * changed also for its children... -+ */ - g_assert_nonnull (new_extracted_filename); - g_clear_object (&extracted_filename); - extracted_filename = new_extracted_filename; --- -2.19.1 - diff --git a/backport-0002-CVE-2021-28650.patch b/backport-0002-CVE-2021-28650.patch deleted file mode 100644 index 80557aa..0000000 --- a/backport-0002-CVE-2021-28650.patch +++ /dev/null @@ -1,129 +0,0 @@ -From 8109c368c6cfdb593faaf698c2bf5da32bb1ace4 Mon Sep 17 00:00:00 2001 -From: Ondrej Holy -Date: Mon, 1 Mar 2021 17:16:27 +0100 -Subject: [PATCH] extractor: Do not allow symlink in parents - -Currently, it is still possible that some files are extracted outside of -the destination dir in case of malicious archives. The checks from commit -adb067e6 can be still bypassed in certain cases. See GNOME/file-roller#108 -for more details. After some investigation, I am convinced that it would be -best to simply disallow symlinks in parents. For example, `tar` fails to -extract such files with the `ENOTDIR` error. Let's do the same here. - -Fixes: https://gitlab.gnome.org/GNOME/gnome-autoar/-/issues/12 -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/gnome-autoar/-/merge_requests/15/diffs?commit_id=8109c368c6cfdb593faaf698c2bf5da32bb1ace4 ---- - gnome-autoar/autoar-extractor.c | 60 +++++++++++++++++++++++++-------- - 1 file changed, 46 insertions(+), 14 deletions(-) - -diff --git a/gnome-autoar/autoar-extractor.c b/gnome-autoar/autoar-extractor.c -index 376c864..d84a726 100644 ---- a/gnome-autoar/autoar-extractor.c -+++ b/gnome-autoar/autoar-extractor.c -@@ -892,27 +892,42 @@ autoar_extractor_do_sanitize_pathname (AutoarExtractor *self, - return extracted_filename; - } - --static gboolean --autoar_extractor_check_file_conflict (GFile *file, -+/* The function checks @file for conflicts with already existing files on the -+ * disk. It also recursively checks parents of @file to be sure it is directory. -+ * It doesn't follow symlinks, so symlinks in parents are also considered as -+ * conflicts even though they point to directory. It returns #GFile object for -+ * the file, which cause the conflict (so @file, or some of its parents). If -+ * there aren't any conflicts, NULL is returned. -+ */ -+static GFile * -+autoar_extractor_check_file_conflict (AutoarExtractor *self, -+ GFile *file, - mode_t extracted_filetype) - { - GFileType file_type; -+ g_autoptr (GFile) parent = NULL; - - file_type = g_file_query_file_type (file, - G_FILE_QUERY_INFO_NONE, - NULL); -- /* If there is no file with the given name, there will be no conflict */ -- if (file_type == G_FILE_TYPE_UNKNOWN) { -- return FALSE; -+ -+ /* It is a conflict if the file already exists with an exception for already -+ * existing directories. -+ */ -+ if (file_type != G_FILE_TYPE_UNKNOWN && -+ (file_type != G_FILE_TYPE_DIRECTORY || -+ extracted_filetype != AE_IFDIR)) { -+ return g_object_ref (file); - } - -- /* It is not problem if the directory already exists */ -- if (file_type == G_FILE_TYPE_DIRECTORY && -- extracted_filetype == AE_IFDIR) { -- return FALSE; -+ if ((self->new_prefix && g_file_equal (self->new_prefix, file)) || -+ (!self->new_prefix && g_file_equal (self->destination_dir, file))) { -+ return NULL; - } - -- return TRUE; -+ /* Check also parents for conflict to be sure it is directory. */ -+ parent = g_file_get_parent (file); -+ return autoar_extractor_check_file_conflict (self, parent, AE_IFDIR); - } - - static void -@@ -1804,7 +1819,7 @@ autoar_extractor_step_extract (AutoarExtractor *self) { - g_autoptr (GFile) extracted_filename = NULL; - g_autoptr (GFile) hardlink_filename = NULL; - AutoarConflictAction action; -- gboolean file_conflict; -+ g_autoptr (GFile) file_conflict = NULL; - - if (g_cancellable_is_cancelled (self->cancellable)) { - archive_read_free (a); -@@ -1822,12 +1837,27 @@ autoar_extractor_step_extract (AutoarExtractor *self) { - autoar_extractor_do_sanitize_pathname (self, hardlink); - } - -- /* Attempt to solve any name conflict before doing any operations */ -- file_conflict = autoar_extractor_check_file_conflict (extracted_filename, -+ file_conflict = autoar_extractor_check_file_conflict (self, -+ extracted_filename, - archive_entry_filetype (entry)); - while (file_conflict) { - GFile *new_extracted_filename = NULL; - -+ /* Do not try to solve any conflicts in parents for now. Especially -+ * symlinks in parents are dangerous as it can easily happen that files -+ * are written outside of the destination. The tar cmd fails to extract -+ * such archives with ENOTDIR. Let's do the same here. This is most -+ * probably malicious, or corrupted archive if the conflict was caused -+ * only by files from the archive... -+ */ -+ if (!g_file_equal (file_conflict, extracted_filename)) { -+ self->error = g_error_new (G_IO_ERROR, -+ G_IO_ERROR_NOT_DIRECTORY, -+ "The file is not a directory"); -+ archive_read_free (a); -+ return; -+ } -+ - action = autoar_extractor_signal_conflict (self, - extracted_filename, - &new_extracted_filename); -@@ -1855,7 +1885,9 @@ autoar_extractor_step_extract (AutoarExtractor *self) { - break; - } - -- file_conflict = autoar_extractor_check_file_conflict (extracted_filename, -+ g_clear_object (&file_conflict); -+ file_conflict = autoar_extractor_check_file_conflict (self, -+ extracted_filename, - archive_entry_filetype (entry)); - } - --- -2.19.1 - diff --git a/gnome-autoar-0.2.4.tar.xz b/gnome-autoar-0.2.4.tar.xz deleted file mode 100644 index ff8137c..0000000 Binary files a/gnome-autoar-0.2.4.tar.xz and /dev/null differ diff --git a/gnome-autoar-0.4.3.tar.xz b/gnome-autoar-0.4.3.tar.xz new file mode 100644 index 0000000..8ecd9b1 Binary files /dev/null and b/gnome-autoar-0.4.3.tar.xz differ diff --git a/gnome-autoar.spec b/gnome-autoar.spec index 4eaaa65..f483b1f 100644 --- a/gnome-autoar.spec +++ b/gnome-autoar.spec @@ -1,16 +1,14 @@ Name: gnome-autoar -Version: 0.2.4 -Release: 4 +Version: 0.4.3 +Release: 1 Summary: Creating and extracting archives License: LGPLv2+ -URL: https://git.gnome.org/browse/gnome-autoar -Source0: https://download.gnome.org/sources/gnome-autoar/0.2/gnome-autoar-%{version}.tar.xz - -Patch6000: backport-0001-CVE-2021-28650.patch -Patch6001: backport-0002-CVE-2021-28650.patch +URL: https://gitlab.gnome.org/GNOME/gnome-autoar +Source0: https://download.gnome.org/sources/%{name}/0.4/%{name}-%{version}.tar.xz BuildRequires: gcc vala pkgconfig(gio-2.0) pkgconfig(glib-2.0) pkgconfig(gobject-2.0) BuildRequires: pkgconfig(gobject-introspection-1.0) pkgconfig(gtk+-3.0) pkgconfig(libarchive) +BuildRequires: meson gtk-doc %description Automatic archives creating and extracting library. @@ -26,15 +24,18 @@ development header files, libraries for programs using the gnome-autoar library. %autosetup -n %{name}-%{version} -p1 %build -%configure --disable-static -%make_build +%meson -Dvapi=true \ + -Dgtk_doc=true \ + -Dtests=true + +%meson_build %install -%make_install +%meson_install %delete_la %check -make check +%meson_test %files %license COPYING @@ -49,8 +50,13 @@ make check %{_datadir}/gir-1.0/*.gir %{_datadir}/gtk-doc/ %{_datadir}/vala/vapi/*.vapi +%{_datadir}/vala/vapi/gnome-autoar-0.deps +%{_datadir}/vala/vapi/gnome-autoar-gtk-0.deps %changelog +* Mon Mar 28 2022 lin zhang - 0.4.3-1 +- Upgrade to 0.4.3 + * Thu Jul 20 2021 liuyumeng - 0.2.4-4 - delete gdb in buildrequires