git: 60338b806930 - stable/13 - libarchive: merge vendor bugfixes
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 29 Mar 2022 11:22:38 UTC
The branch stable/13 has been updated by mm: URL: https://cgit.FreeBSD.org/src/commit/?id=60338b80693000ed0f9812b90ca54d35fd077cd0 commit 60338b80693000ed0f9812b90ca54d35fd077cd0 Author: Martin Matuska <mm@FreeBSD.org> AuthorDate: 2022-03-26 10:04:36 +0000 Commit: Martin Matuska <mm@FreeBSD.org> CommitDate: 2022-03-29 11:09:04 +0000 libarchive: merge vendor bugfixes Bugfixes: IS #1672 and OSS-Fuzz #38766: (zip reader) fix possible out-of-bounds read in zipx_lzma_alone_init() PR #1676: (mtree reader) remove the unused variable "detected_bytes" PR #1674: (doc) fix use of At mdoc(7) macro in cpio.5 (cherry picked from commit 0c9c2eb394b4a5694bc5ea11b326f334c735c813) --- contrib/libarchive/libarchive/archive_read_disk_posix.c | 7 ++++++- contrib/libarchive/libarchive/archive_read_support_format_mtree.c | 5 +---- contrib/libarchive/libarchive/archive_read_support_format_zip.c | 2 +- contrib/libarchive/libarchive/cpio.5 | 2 +- lib/libarchive/config_freebsd.h | 1 + 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/contrib/libarchive/libarchive/archive_read_disk_posix.c b/contrib/libarchive/libarchive/archive_read_disk_posix.c index d0e1f35c8291..2b39e672b49c 100644 --- a/contrib/libarchive/libarchive/archive_read_disk_posix.c +++ b/contrib/libarchive/libarchive/archive_read_disk_posix.c @@ -109,6 +109,11 @@ __FBSDID("$FreeBSD$"); #define O_CLOEXEC 0 #endif +#if defined(__hpux) && !defined(HAVE_DIRFD) +#define dirfd(x) ((x)->__dd_fd) +#define HAVE_DIRFD +#endif + /*- * This is a new directory-walking system that addresses a number * of problems I've had with fts(3). In particular, it has no @@ -2428,7 +2433,7 @@ tree_dir_next_posix(struct tree *t) #else /* HAVE_FDOPENDIR */ if (tree_enter_working_dir(t) == 0) { t->d = opendir("."); -#if HAVE_DIRFD || defined(dirfd) +#ifdef HAVE_DIRFD __archive_ensure_cloexec_flag(dirfd(t->d)); #endif } diff --git a/contrib/libarchive/libarchive/archive_read_support_format_mtree.c b/contrib/libarchive/libarchive/archive_read_support_format_mtree.c index bfcec220285d..96eb133ed361 100644 --- a/contrib/libarchive/libarchive/archive_read_support_format_mtree.c +++ b/contrib/libarchive/libarchive/archive_read_support_format_mtree.c @@ -692,7 +692,7 @@ detect_form(struct archive_read *a, int *is_form_d) { const char *p; ssize_t avail, ravail; - ssize_t detected_bytes = 0, len, nl; + ssize_t len, nl; int entry_cnt = 0, multiline = 0; int form_D = 0;/* The archive is generated by `NetBSD mtree -D' * (In this source we call it `form D') . */ @@ -728,8 +728,6 @@ detect_form(struct archive_read *a, int *is_form_d) * character of previous line was '\' character. */ if (bid_keyword_list(p, len, 0, 0) <= 0) break; - if (multiline == 1) - detected_bytes += len; if (p[len-nl-1] != '\\') { if (multiline == 1 && ++entry_cnt >= MAX_BID_ENTRY) @@ -745,7 +743,6 @@ detect_form(struct archive_read *a, int *is_form_d) keywords = bid_entry(p, len, nl, &last_is_path); if (keywords >= 0) { - detected_bytes += len; if (form_D == 0) { if (last_is_path) form_D = 1; diff --git a/contrib/libarchive/libarchive/archive_read_support_format_zip.c b/contrib/libarchive/libarchive/archive_read_support_format_zip.c index 3456c100c6f5..75df44ba93aa 100644 --- a/contrib/libarchive/libarchive/archive_read_support_format_zip.c +++ b/contrib/libarchive/libarchive/archive_read_support_format_zip.c @@ -1667,7 +1667,7 @@ zipx_lzma_alone_init(struct archive_read *a, struct zip *zip) */ /* Read magic1,magic2,lzma_params from the ZIPX stream. */ - if((p = __archive_read_ahead(a, 9, NULL)) == NULL) { + if(zip->entry_bytes_remaining < 9 || (p = __archive_read_ahead(a, 9, NULL)) == NULL) { archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, "Truncated lzma data"); return (ARCHIVE_FATAL); diff --git a/contrib/libarchive/libarchive/cpio.5 b/contrib/libarchive/libarchive/cpio.5 index 837a45692e3b..c71018b1996e 100644 --- a/contrib/libarchive/libarchive/cpio.5 +++ b/contrib/libarchive/libarchive/cpio.5 @@ -354,7 +354,7 @@ while working in AT&T's Unix Support Group. It appeared in 1977 as part of PWB/UNIX 1.0, the .Dq Programmer's Work Bench derived from -.At 6th Edition UNIX +.At v6 that was used internally at AT&T. Both the new binary and old character formats were in use by 1980, according to the System III source released diff --git a/lib/libarchive/config_freebsd.h b/lib/libarchive/config_freebsd.h index 0e8ac64eba47..20230ca26adf 100644 --- a/lib/libarchive/config_freebsd.h +++ b/lib/libarchive/config_freebsd.h @@ -98,6 +98,7 @@ #define HAVE_DECL_UINT64_MAX 1 #define HAVE_DECL_UINTMAX_MAX 1 #define HAVE_DIRENT_H 1 +#define HAVE_DIRFD 1 #define HAVE_DLFCN_H 1 #define HAVE_D_MD_ORDER 1 #define HAVE_EFTYPE 1