update to 3.5.1

2021-01-29 15:52:41 +08:00 · 2021-01-29 15:52:41 +08:00 · d32d39fe99
commit d32d39fe99
parent ecf66d073e
5 changed files with 5 additions and 132 deletions
--- a/libarchive-3.4.3-avoid-stack-overflow.patch
+++ b/libarchive-3.4.3-avoid-stack-overflow.patch
@ -1,65 +0,0 @@
 From 4e575be32d0d128fa046ca74353d1ac880436948 Mon Sep 17 00:00:00 2001
 From: lutianxiong <lutianxiong@huawei.com>
 Date: Thu, 20 Aug 2020 19:09:03 +0800
 Subject: [PATCH] Add a loop checker in read_data_compressed to avoid stack
 overflow.
 Signed-off-by: lutianxiong <lutianxiong@huawei.com>
 ---
 libarchive/archive_read_support_format_rar.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
 diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
 index 98efbb1a6..283a96044 100644
 --- a/libarchive/archive_read_support_format_rar.c
 +++ b/libarchive/archive_read_support_format_rar.c
@@ -151,6 +151,9 @@
 #undef minimum
 #define minimum(a, b)	((a)<(b)?(a):(b))
 +/* Stack overflow check */
 +#define MAX_COMPRESS_DEPTH 1024
 +
 /* Fields common to all headers */
 struct rar_header
 {
@@ -340,7 +343,7 @@ static int read_symlink_stored(struct archive_read *, struct archive_entry *,
 static int read_data_stored(struct archive_read *, const void **, size_t *,
                             int64_t *);
 static int read_data_compressed(struct archive_read *, const void **, size_t *,
 -                          int64_t *);
 +                          int64_t *, size_t);
 static int rar_br_preparation(struct archive_read *, struct rar_br *);
 static int parse_codes(struct archive_read *);
 static void free_codes(struct archive_read *);
@@ -1026,7 +1029,7 @@ archive_read_format_rar_read_data(struct archive_read *a, const void **buff,
   case COMPRESS_METHOD_NORMAL:
   case COMPRESS_METHOD_GOOD:
   case COMPRESS_METHOD_BEST:
 -    ret = read_data_compressed(a, buff, size, offset);
 +    ret = read_data_compressed(a, buff, size, offset, 0);
     if (ret != ARCHIVE_OK && ret != ARCHIVE_WARN) {
       __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context);
       rar->start_new_table = 1;
@@ -1883,8 +1886,11 @@ read_data_stored(struct archive_read *a, const void **buff, size_t *size,
 static int
 read_data_compressed(struct archive_read *a, const void **buff, size_t *size,
 -               int64_t *offset)
 +               int64_t *offset, size_t looper)
 {
 +  if (looper++ > MAX_COMPRESS_DEPTH)
 +    return (ARCHIVE_FATAL);
 +
   struct rar *rar;
   int64_t start, end, actualend;
   size_t bs;
@@ -1982,7 +1988,7 @@ read_data_compressed(struct archive_read *a, const void **buff, size_t *size,
         {
           case 0:
             rar->start_new_table = 1;
 -            return read_data_compressed(a, buff, size, offset);
 +            return read_data_compressed(a, buff, size, offset, looper);
           case 2:
             rar->ppmd_eod = 1;/* End Of ppmd Data. */
--- a/libarchive-3.4.3-lchmod-support-check.patch
+++ b/libarchive-3.4.3-lchmod-support-check.patch
@ -1,63 +0,0 @@
 From 291d0c218e256750228b731a693e6b96e7ed5449 Mon Sep 17 00:00:00 2001
 From: Martin Matuska <martin@matuska.org>
 Date: Fri, 22 May 2020 13:03:55 +0200
 Subject: [PATCH] test_write_disk_secure: properly check if lchmod() is
 ---
 libarchive/test/test_write_disk_secure.c | 34 +++++++++++++++++++++---
 1 file changed, 30 insertions(+), 4 deletions(-)
 diff --git a/libarchive/test/test_write_disk_secure.c b/libarchive/test/test_write_disk_secure.c
 index 7cd66c4..44b9ea0 100644
 --- a/libarchive/test/test_write_disk_secure.c
 +++ b/libarchive/test/test_write_disk_secure.c
@@ -40,6 +40,10 @@ DEFINE_TEST(test_write_disk_secure)
 	struct archive *a;
 	struct archive_entry *ae;
 	struct stat st;
 +#if defined(HAVE_LCHMOD) && defined(HAVE_SYMLINK) && \
 +    defined(S_IRUSR) && defined(S_IWUSR) && defined(S_IXUSR)
 +	int working_lchmod;
 +#endif
 	/* Start with a known umask. */
 	assertUmask(UMASK);
@@ -251,10 +255,32 @@ DEFINE_TEST(test_write_disk_secure)
 	assert(0 == lstat("link_to_dir", &st));
 	failure("link_to_dir: st.st_mode=%o", st.st_mode);
 	assert(S_ISLNK(st.st_mode));
 -#if HAVE_LCHMOD
 -	/* Systems that lack lchmod() can't set symlink perms, so skip this. */
 -	failure("link_to_dir: st.st_mode=%o", st.st_mode);
 -	assert((st.st_mode & 07777) == 0755);
 +#if defined(HAVE_SYMLINK) && defined(HAVE_LCHMOD) && \
 +    defined(S_IRUSR) && defined(S_IWUSR) && defined(S_IXUSR)
 +	/* Verify if we are able to lchmod() */
 +	if (symlink("dir", "testlink_to_dir") == 0) {
 +		if (lchmod("testlink_to_dir",
 +		    S_IRUSR | S_IWUSR | S_IXUSR) != 0) {
 +			switch (errno) {
 +				case ENOTSUP:
 +				case ENOSYS:
 +#if ENOTSUP != EOPNOTSUPP
 +				case EOPNOTSUPP:
 +#endif
 +					working_lchmod = 0;
 +					break;
 +				default:
 +					working_lchmod = 1;
 +			}
 +		} else
 +			working_lchmod = 1;
 +	} else
 +		working_lchmod = 0;
 +
 +	if (working_lchmod) {
 +		failure("link_to_dir: st.st_mode=%o", st.st_mode);
 +		assert((st.st_mode & 07777) == 0755);
 +	}
 #endif
 	assert(0 == lstat("dir/filea", &st));
 -- 
 2.24.1
--- a/libarchive-3.4.3.tar.gz
+++ b/libarchive-3.4.3.tar.gz
--- a/libarchive-3.5.1.tar.gz
+++ b/libarchive-3.5.1.tar.gz
--- a/libarchive.spec
+++ b/libarchive.spec
@ -1,8 +1,8 @@
 %bcond_with check
 Name:           libarchive
-Version:        3.4.3
+Version:        3.5.1
-Release:        2
+Release:        1
 Summary:        Multi-format archive and compression library
 License:        BSD
@ -17,8 +17,6 @@ Provides:       bsdtar bsdcpio bsdcat
 Obsoletes:      bsdtar bsdcpio bsdcat
 Patch6001:      libarchive-uninitialized-value.patch
 Patch6002:      libarchive-3.4.3-lchmod-support-check.patch
 Patch6003:      libarchive-3.4.3-avoid-stack-overflow.patch 
 %description
 %{name} is an open-source BSD-licensed C programming library that 
@ -149,6 +147,9 @@ run_testsuite
 %{_mandir}/man5/*
 %changelog
 * Fri Jan 29 2021 zhanzhimin <zhanzhimin@huawei.com> - 3.5.1-1
 - Upgrade to version 3.5.1
 * Fri Aug 21 2020 yanan <yanan@huawei.com> - 3.4.3-2
 - Type:bugfix
 - ID:NA