From nobody Fri Apr 08 07:40:12 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id DD4271AA0263; Fri, 8 Apr 2022 07:40:14 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KZVXG5vz2z3lJR; Fri, 8 Apr 2022 07:40:14 +0000 (UTC) (envelope-from bapt@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1649403614; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=jFFKp+ZGyWIiftCZcxajMNsBLiYMhYkrCLpWKiRpmjk=; b=vNWzOZM/1BadTmy8F5l+JR4xKFxFL5zwVMQgcMrX8wvwJII5KZt/fhssJIgWQNI8Fq0wBN pDq5pBIwwRUfjRKTD/8UaHMP32J8zJIJkIxZc+7uMqWha/itYN0k+PHLjvJtawwJTtmqOh 03THsc+l19lOYnHANx5qpBVUyl25/UZUoxjhO0GoGNfo4wYbsYwMBiaGuX6FEnFP7FaJjT 1H3f0xv0/BdZPsLKeLMdZOpetQjWqrVRu8DZ3u6tmPBY+I0oHj+YH6CCCx4xqCHQKGvxnX 4k0ZlfKPjIxE4pdu6tkEMy6YgQOuc33s9yMQgoRUpwOJxRyTy3sgOw1kOt6vZw== Received: from aniel.nours.eu (nours.eu [IPv6:2001:41d0:8:3a4d::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: bapt) by smtp.freebsd.org (Postfix) with ESMTPSA id 9280B27825; Fri, 8 Apr 2022 07:40:14 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: by aniel.nours.eu (Postfix, from userid 1001) id 2704F77891; Fri, 8 Apr 2022 09:40:12 +0200 (CEST) Date: Fri, 8 Apr 2022 09:40:12 +0200 From: Baptiste Daroussin To: Kyle Evans Cc: Martin Matuska , src-committers , "" , dev-commits-src-main@freebsd.org Subject: Re: git: 833a452e9f08 - main - libarchive: import changes from upstream Message-ID: <20220408074012.cfanxlrhlj2w2e2g@aniel.nours.eu> References: <202202092352.219Nqprv043107@gitrepo.freebsd.org> List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1649403614; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=jFFKp+ZGyWIiftCZcxajMNsBLiYMhYkrCLpWKiRpmjk=; b=jvPQYBzWx6AXTtAwEw/UVNLsP7IEp32sbCPqmbhPOMRXo98/vsxbYcxvL6clCUjwi0JT+q cNx2JZjxp/oZRtQlj+cv+L1p8KYc4U74mJ59mbVO9QAWA4JEORBBzeB2XZcG9taFK6VIxB xrB+9BHU5MzlNTPbG+3QoBECRaZnfx1bDkHRxHgYqPNddMmWuoc2K7vystLDp1K2rBbm8F nWPREI7dCT9TlHHlxj1p1fGk8eMi3egmO7CVXBcUxR1ioZTihtZBSWqJIOUuDehKVu2Z3W DqqinjHANIAeUjSzbx9tilCNtWBN7ptlCvwpMkrWe7GOhvwGM/jbwCLEto5jSg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1649403614; a=rsa-sha256; cv=none; b=X7tduS799B5APTV1vm+58v3DbFIroLbuRsXjKeqkcyrFhMIHS4LfWKHgIMFDilUNtVpMj8 3uc6NZ/Xg9LXA5eBuW7rTQ3qdmO0F58YWneC3KXP8FTE2bqOOqmqf1l7y0MZA/sdgge8wW BVQt32eOEv2jyOzqtnJzGrzwX1Snbb4TNLxwbtE93TWQlQLXNtEvku/PS8QyJbUq+zzoNo paB54EtXomBuKNB1MI4RQALvoxhyiluUzbMUes5bnxl5YcmBowDSGdXL97YUSWecelfdEL 4PEkA9ekVR+NPWiJ6U0DmFwKlOinR+WNVSkqMuSbQsT+6i1nZaWVWbydbnd+Ww== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N On Thu, Apr 07, 2022 at 10:13:30PM -0500, Kyle Evans wrote: > On Wed, Feb 9, 2022 at 5:52 PM Martin Matuska wrote: > > > > The branch main has been updated by mm: > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=833a452e9f082a7982a31c21f0da437dbbe0a39d > > > > Merge: 17a56f3fabdf 84631082f67b > > Author: Martin Matuska > > AuthorDate: 2022-02-09 23:35:42 +0000 > > Commit: Martin Matuska > > CommitDate: 2022-02-09 23:35:42 +0000 > > > > libarchive: import changes from upstream > > > > Libarchive 3.6.0 > > > > New features: > > PR #1614: tar: new option "--no-read-sparse" > > PR #1503: RAR reader: filter support > > PR #1585: RAR5 reader: self-extracting archive support > > > > New features (not used in FreeBSD base): > > PR #1567: tar: threads support for zstd (#1567) > > PR #1518: ZIP reader: zstd decompression support > > > > Security Fixes: > > PR #1491, #1492, #1493, CVE-2021-36976: > > fix invalid memory access and out of bounds read in RAR5 reader > > PR #1566, #1618, CVE-2021-31566: > > extended fix for following symlinks when processing the fixup list > > > > Other notable bugfixes and improvements: > > PR #1620: tar: respect "--ignore-zeros" in c, r and u modes > > PR #1625: reduced size of application binaries > > > > MFC after: 2 weeks > > Relnotes: yes > > > > Hi, > > This commit makes pkg angry when trying to use zstd support -- I > tracked it down to libarchive wanting to shell out now, because this > conditional changed: > > https://cgit.freebsd.org/src/tree/contrib/libarchive/libarchive/archive_write_add_filter_zstd.c#n112 > > We should probably make pkg accept ARCHIVE_WARN since shelling out > isn't so bad, but I have this diff to fix base libarchive: > > https://people.freebsd.org/~kevans/libarchive.diff > > I didn't quite check if there were any other surprises like this, > though. Is this sufficient and OK to commit? > > Thanks, > > Kyle Evans > It is not the first time, an update of libarchive breaks many things in particular pkg, we have asked many time if a request for exp-run could be made before any sync with upstream, but years are passing and libarchive continues to be updated without prior exp-run. This is painful. Making pkg accept ARCHIVE_WARN is not acceptable, in some places we are extracting inside a capsicum sandbox which will prevent any shelling out. Best regards, Bapt