pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/archivers/libarchive Update to 1.3.1



details:   https://anonhg.NetBSD.org/pkgsrc/rev/bda938eec773
branches:  trunk
changeset: 521365:bda938eec773
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Fri Nov 10 00:29:44 2006 +0000

description:
Update to 1.3.1
Sep 05, 2006: libarchive 1.3.1 released
Sep 5, 2006: Bump version to 1.3 for new I/O wrappers.
Sep 4, 2006: New memory and FILE read/write wrappers.
Sep 4, 2006: libarchive test harness is now minimally functional;
    it's located a few minor bugs in error-handling logic

Fix a denial of service security issue via FreeBSD:
If the end of an archive is reached while attempting to "skip" past a
region of an archive, libarchive will enter an infinite loop wherein it
repeatedly attempts (and fails) to read further data.

diffstat:

 archivers/libarchive/Makefile         |   4 +-
 archivers/libarchive/distinfo         |   9 +++--
 archivers/libarchive/patches/patch-ac |  52 +++++++++++++++++++++++++++++++++++
 3 files changed, 59 insertions(+), 6 deletions(-)

diffs (84 lines):

diff -r 64929f355b71 -r bda938eec773 archivers/libarchive/Makefile
--- a/archivers/libarchive/Makefile     Fri Nov 10 00:26:00 2006 +0000
+++ b/archivers/libarchive/Makefile     Fri Nov 10 00:29:44 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.14 2006/08/20 14:56:03 joerg Exp $
+# $NetBSD: Makefile,v 1.15 2006/11/10 00:29:44 adrianp Exp $
 #
 
-DISTNAME=      libarchive-1.2.57
+DISTNAME=      libarchive-1.3.1
 CATEGORIES=    archivers
 MASTER_SITES=  http://people.freebsd.org/~kientzle/libarchive/src/
 
diff -r 64929f355b71 -r bda938eec773 archivers/libarchive/distinfo
--- a/archivers/libarchive/distinfo     Fri Nov 10 00:26:00 2006 +0000
+++ b/archivers/libarchive/distinfo     Fri Nov 10 00:29:44 2006 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.12 2006/08/20 14:56:03 joerg Exp $
+$NetBSD: distinfo,v 1.13 2006/11/10 00:29:44 adrianp Exp $
 
-SHA1 (libarchive-1.2.57.tar.gz) = 70bf5a0a6a8af4cefda412db5a2ba53724e9e3e8
-RMD160 (libarchive-1.2.57.tar.gz) = 238a44ec554aa4fc5ae795c1af3640d253f36445
-Size (libarchive-1.2.57.tar.gz) = 536128 bytes
+SHA1 (libarchive-1.3.1.tar.gz) = aed6eda15b012adbb88af0f0d76887920ffe7bbf
+RMD160 (libarchive-1.3.1.tar.gz) = e518f802d9a50afcfede6dd7cbb4f42b2cbe12a1
+Size (libarchive-1.3.1.tar.gz) = 901173 bytes
 SHA1 (patch-ab) = 5e92405b0898123d8240f332475d13abe85f8ad3
+SHA1 (patch-ac) = 5775e26d19ace2b94c870c0e8de8e6efbe4b5c63
diff -r 64929f355b71 -r bda938eec773 archivers/libarchive/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/libarchive/patches/patch-ac     Fri Nov 10 00:29:44 2006 +0000
@@ -0,0 +1,52 @@
+$NetBSD: patch-ac,v 1.1 2006/11/10 00:29:44 adrianp Exp $
+
+--- libarchive/archive_read_support_compression_none.c.orig    2006-09-05 07:00:47.000000000 +0100
++++ libarchive/archive_read_support_compression_none.c
+@@ -257,7 +257,9 @@ archive_decompressor_none_read_consume(s
+ }
+ 
+ /*
+- * Skip at most request bytes. Skipped data is marked as consumed.
++ * Skip forward by exactly the requested bytes or else return
++ * ARCHIVE_FATAL.  Note that this differs from the contract for
++ * read_ahead, which does not gaurantee a minimum count.
+  */
+ static ssize_t
+ archive_decompressor_none_skip(struct archive *a, size_t request)
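Review bot: the new comment above archive_decompressor_none_skip misspells "guarantee" as "gaurantee", and it changes the documented contract from "at most request bytes" to "exactly the requested bytes or else return ARCHIVE_FATAL" while the signature and the ssize_t return type stay the same. Fix the spelling, and check that every caller which previously treated a short return as a partial skip now handles the fatal return, since nothing in the prototype signals that the semantics changed.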
+@@ -287,9 +289,7 @@ archive_decompressor_none_skip(struct ar
+       if (request == 0)
+               return (total_bytes_skipped);
+       /*
+-       * If no client_skipper is provided, just read the old way. It is very
+-       * likely that after skipping, the request has not yet been fully
+-       * satisfied (and is still > 0). In that case, read as well.
++       * If a client_skipper was provided, try that first.
+        */
+       if (a->client_skipper != NULL) {
+               bytes_skipped = (a->client_skipper)(a, a->client_data,
+@@ -307,6 +307,12 @@ archive_decompressor_none_skip(struct ar
+               a->raw_position += bytes_skipped;
+               state->client_avail = state->client_total = 0;
+       }
++      /*
++       * Note that client_skipper will usually not satisfy the
++       * full request (due to low-level blocking concerns),
++       * so even if client_skipper is provided, we may still
++       * have to use ordinary reads to finish out the request.
++       */
+       while (request > 0) {
+               const void* dummy_buffer;
+               ssize_t bytes_read;
+@@ -314,6 +320,12 @@ archive_decompressor_none_skip(struct ar
+                   &dummy_buffer, request);
+               if (bytes_read < 0)
+                       return (bytes_read);
++              if (bytes_read == 0) {
++                      /* We hit EOF before we satisfied the skip request. */
++                      archive_set_error(a, ARCHIVE_ERRNO_MISC,
++                          "Truncated input file (need to skip %d bytes)", (int)request);
++                      return (ARCHIVE_FATAL);
++              }
+               assert(bytes_read >= 0); /* precondition for cast below */
+               min = minimum((size_t)bytes_read, request);
+               bytes_read = archive_decompressor_none_read_consume(a, min);
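Review bot: in the new "bytes_read == 0" branch the error text is formatted with "%d" and "(int)request", but request is a size_t, so a remaining skip larger than INT_MAX is reported as a truncated or negative count. Use a format and cast that cover the full range of the value, so the diagnostic stays meaningful for large archives. Also, with both "bytes_read < 0" and "bytes_read == 0" returning early, the following "assert(bytes_read >= 0)" can no longer fail; tighten it to "> 0" or drop it so the stated precondition matches the code.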


