authortron <tron>2010-09-22 18:04:23 +0000
committertron <tron>2010-09-22 18:04:23 +0000
commit6e7f04bccae794fe2779b3bfc90ff9d43b66c2df (patch)
tree9cffe3d3b6c30784ec078a31aba87cf63c4d2401
parent7d55367e65d8eec68ded28f5f1d93a212b53eb56 (diff)
downloadpkgsrc-6e7f04bccae794fe2779b3bfc90ff9d43b66c2df.tar.gz
Pullup ticket #3228 - requested by joerg
archivers/bzip2: security update Revisions pulled up: - archivers/bzip2/Makefile 1.50 - archivers/bzip2/PLIST 1.4 - archivers/bzip2/files/CHANGES 1.3 - archivers/bzip2/files/README 1.3 - archivers/bzip2/files/bzdiff new file - archivers/bzip2/files/bzdiff.1 new file - archivers/bzip2/files/bzgrep new file - archivers/bzip2/files/bzgrep.1 new file - archivers/bzip2/files/decompress.c 1.3 --- Module Name: pkgsrc Committed By: joerg Date: Wed Sep 22 14:32:18 UTC 2010 Update of /cvsroot/pkgsrc/archivers/bzip2/files In directory ivanova.netbsd.org:/tmp/cvs-serv13227 Log Message: Import stripped down bzip2-1.0.6. --- Module Name: pkgsrc Committed By: joerg Date: Wed Sep 22 14:48:41 UTC 2010 Modified Files: pkgsrc/archivers/bzip2/files: CHANGES README decompress.c Log Message: Update to bzip2-1.0.6: Fix for CVE-2010-0405 --- Module Name: pkgsrc Committed By: joerg Date: Wed Sep 22 14:53:22 UTC 2010 Modified Files: pkgsrc/archivers/bzip2: Makefile PLIST Log Message: Update to bzip2-1.0.6: Fix for CVE-2010-0405. Also install various helper scripts.
-rw-r--r--archivers/bzip2/Makefile21
-rw-r--r--archivers/bzip2/PLIST16
-rw-r--r--archivers/bzip2/builtin.mk5
-rw-r--r--archivers/bzip2/files/CHANGES12
-rw-r--r--archivers/bzip2/files/README9
-rw-r--r--archivers/bzip2/files/bzdiff76
-rw-r--r--archivers/bzip2/files/bzdiff.147
-rw-r--r--archivers/bzip2/files/bzgrep75
-rw-r--r--archivers/bzip2/files/bzgrep.156
-rw-r--r--archivers/bzip2/files/decompress.c24
10 files changed, 328 insertions, 13 deletions
diff --git a/archivers/bzip2/Makefile b/archivers/bzip2/Makefile
index 728c433cf3a..80152f2cd0b 100644
--- a/archivers/bzip2/Makefile
+++ b/archivers/bzip2/Makefile
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.49 2009/04/09 00:48:06 joerg Exp $
+# $NetBSD: Makefile,v 1.49.10.1 2010/09/22 18:04:23 tron Exp $
#
-DISTNAME= bzip2-1.0.5
-PKGREVISION= 1
+DISTNAME= bzip2-1.0.6
CATEGORIES= archivers
-MASTER_SITES= http://www.bzip.org/1.0.5/
+MASTER_SITES= http://www.bzip.org/1.0.6/
MAINTAINER= joerg@NetBSD.org
HOMEPAGE= http://www.bzip.org/
@@ -42,5 +41,19 @@ do-install:
${LN} -s bzip2.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/bzcat.1
${LN} -s bzip2.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/bzip2recover.1
${INSTALL_DATA} ${WRKSRC}/bzlib.h ${DESTDIR}${PREFIX}/include
+ ${INSTALL_SCRIPT} ${WRKSRC}/bzmore ${DESTDIR}${PREFIX}/bin/bzmore
+ ${LN} -s bzmore ${DESTDIR}${PREFIX}/bin/bzless
+ ${INSTALL_MAN} ${WRKSRC}/bzmore.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1
+ ${LN} -s bzmore.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/bzless.1
+ ${INSTALL_SCRIPT} ${WRKSRC}/bzdiff ${DESTDIR}${PREFIX}/bin/bzdiff
+ ${LN} -s bzdiff ${DESTDIR}${PREFIX}/bin/bzcmp
+ ${INSTALL_MAN} ${WRKSRC}/bzdiff.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1
+ ${LN} -s bzdiff.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/bzcmp.1
+ ${INSTALL_SCRIPT} ${WRKSRC}/bzgrep ${DESTDIR}${PREFIX}/bin/bzgrep
+ ${LN} -s bzgrep ${DESTDIR}${PREFIX}/bin/bzegrep
+ ${LN} -s bzgrep ${DESTDIR}${PREFIX}/bin/bzfgrep
+ ${INSTALL_MAN} ${WRKSRC}/bzgrep.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1
+ ${LN} -s bzgrep.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/bzegrep.1
+ ${LN} -s bzgrep.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/bzfgrep.1
.include "../../mk/bsd.pkg.mk"
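Review bot: The added install lines copy `${WRKSRC}/bzmore` and `${WRKSRC}/bzmore.1`, but the diffstat and the pulled-up revision list add only bzdiff, bzdiff.1, bzgrep and bzgrep.1. If bzmore and its man page are not already present on this branch, do-install will fail. The PLIST change in this commit also lists bin/bzmore and man/man1/bzmore.1, so it is worth confirming that both files exist before the pullup is accepted. The do-install target starts outside the hunk.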
diff --git a/archivers/bzip2/PLIST b/archivers/bzip2/PLIST
index 404427f9e63..c95897d5d71 100644
--- a/archivers/bzip2/PLIST
+++ b/archivers/bzip2/PLIST
@@ -1,11 +1,25 @@
-@comment $NetBSD: PLIST,v 1.3 2005/05/23 06:49:29 rillig Exp $
+@comment $NetBSD: PLIST,v 1.3.46.1 2010/09/22 18:04:23 tron Exp $
bin/bunzip2
bin/bzcat
+bin/bzcmp
+bin/bzdiff
+bin/bzegrep
+bin/bzfgrep
+bin/bzgrep
bin/bzip2
bin/bzip2recover
+bin/bzless
+bin/bzmore
include/bzlib.h
lib/libbz2.la
man/man1/bunzip2.1
man/man1/bzcat.1
+man/man1/bzcmp.1
+man/man1/bzdiff.1
+man/man1/bzegrep.1
+man/man1/bzfgrep.1
+man/man1/bzgrep.1
man/man1/bzip2.1
man/man1/bzip2recover.1
+man/man1/bzless.1
+man/man1/bzmore.1
diff --git a/archivers/bzip2/builtin.mk b/archivers/bzip2/builtin.mk
index 1f32dd384d9..27f02c2482b 100644
--- a/archivers/bzip2/builtin.mk
+++ b/archivers/bzip2/builtin.mk
@@ -1,9 +1,10 @@
-# $NetBSD: builtin.mk,v 1.7 2006/07/13 13:04:54 heinz Exp $
+# $NetBSD: builtin.mk,v 1.7.36.1 2010/09/22 18:04:23 tron Exp $
BUILTIN_PKG:= bzip2
BUILTIN_FIND_FILES_VAR:= H_BZIP2
-BUILTIN_FIND_FILES.H_BZIP2= /usr/include/bzlib.h
+BUILTIN_FIND_FILES.H_BZIP2= /usr/include/bzlib.h \
+ /boot/common/include/bzlib.h
BUILTIN_FIND_GREP.H_BZIP2= BZ2_
.include "../../mk/buildlink3/bsd.builtin.mk"
diff --git a/archivers/bzip2/files/CHANGES b/archivers/bzip2/files/CHANGES
index 6e4f65e2e0a..81e97ca6fa2 100644
--- a/archivers/bzip2/files/CHANGES
+++ b/archivers/bzip2/files/CHANGES
@@ -2,8 +2,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.5 of 10 December 2007
- Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -317,3 +317,11 @@ Fixes some minor bugs since the last version, 1.0.3.
~~~~~~~~~~~~~~~~~
Security fix only. Fixes CERT-FI 20469 as it applies to bzip2.
+
+1.0.6 (6 Sept 10)
+~~~~~~~~~~~~~~~~~
+
+* Security fix for CVE-2010-0405. This was reported by Mikolaj
+ Izdebski.
+
+* Make the documentation build on Ubuntu 10.04
diff --git a/archivers/bzip2/files/README b/archivers/bzip2/files/README
index e17a84e049f..9fb0f636013 100644
--- a/archivers/bzip2/files/README
+++ b/archivers/bzip2/files/README
@@ -6,8 +6,8 @@ This version is fully compatible with the previous public releases.
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
-bzip2/libbzip2 version 1.0.5 of 10 December 2007
-Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
+bzip2/libbzip2 version 1.0.6 of 6 September 2010
+Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in this file.
@@ -181,6 +181,10 @@ WHAT'S NEW IN 1.0.5 ?
See the CHANGES file.
+WHAT'S NEW IN 1.0.6 ?
+
+ See the CHANGES file.
+
I hope you find bzip2 useful. Feel free to contact me at
jseward@bzip.org
@@ -208,3 +212,4 @@ Cambridge, UK.
15 February 2005 (bzip2, version 1.0.3)
20 December 2006 (bzip2, version 1.0.4)
10 December 2007 (bzip2, version 1.0.5)
+ 6 Sept 2010 (bzip2, version 1.0.6)
diff --git a/archivers/bzip2/files/bzdiff b/archivers/bzip2/files/bzdiff
new file mode 100644
index 00000000000..6fc38f92d27
--- /dev/null
+++ b/archivers/bzip2/files/bzdiff
@@ -0,0 +1,76 @@
+#!/bin/sh
+# sh is buggy on RS/6000 AIX 3.2. Replace above line with #!/bin/ksh
+
+# Bzcmp/diff wrapped for bzip2,
+# adapted from zdiff by Philippe Troin <phil@fifi.org> for Debian GNU/Linux.
+
+# Bzcmp and bzdiff are used to invoke the cmp or the diff pro-
+# gram on compressed files. All options specified are passed
+# directly to cmp or diff. If only 1 file is specified, then
+# the files compared are file1 and an uncompressed file1.gz.
+# If two files are specified, then they are uncompressed (if
+# necessary) and fed to cmp or diff. The exit status from cmp
+# or diff is preserved.
+
+PATH="/usr/bin:/bin:$PATH"; export PATH
+prog=`echo $0 | sed 's|.*/||'`
+case "$prog" in
+ *cmp) comp=${CMP-cmp} ;;
+ *) comp=${DIFF-diff} ;;
+esac
+
+OPTIONS=
+FILES=
+for ARG
+do
+ case "$ARG" in
+ -*) OPTIONS="$OPTIONS $ARG";;
+ *) if test -f "$ARG"; then
+ FILES="$FILES $ARG"
+ else
+ echo "${prog}: $ARG not found or not a regular file"
+ exit 1
+ fi ;;
+ esac
+done
+if test -z "$FILES"; then
+ echo "Usage: $prog [${comp}_options] file [file]"
+ exit 1
+fi
+tmp=`mktemp ${TMPDIR:-/tmp}/bzdiff.XXXXXXXXXX` || {
+ echo 'cannot create a temporary file' >&2
+ exit 1
+}
+set $FILES
+if test $# -eq 1; then
+ FILE=`echo "$1" | sed 's/.bz2$//'`
+ bzip2 -cd "$FILE.bz2" | $comp $OPTIONS - "$FILE"
+ STAT="$?"
+
+elif test $# -eq 2; then
+ case "$1" in
+ *.bz2)
+ case "$2" in
+ *.bz2)
+ F=`echo "$2" | sed 's|.*/||;s|.bz2$||'`
+ bzip2 -cdfq "$2" > $tmp
+ bzip2 -cdfq "$1" | $comp $OPTIONS - $tmp
+ STAT="$?"
+ /bin/rm -f $tmp;;
+
+ *) bzip2 -cdfq "$1" | $comp $OPTIONS - "$2"
+ STAT="$?";;
+ esac;;
+ *) case "$2" in
+ *.bz2)
+ bzip2 -cdfq "$2" | $comp $OPTIONS "$1" -
+ STAT="$?";;
+ *) $comp $OPTIONS "$1" "$2"
+ STAT="$?";;
+ esac;;
+ esac
+ exit "$STAT"
+else
+ echo "Usage: $prog [${comp}_options] file [file]"
+ exit 1
+fi
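Review bot: `tmp` is created with mktemp before the argument count is examined, but it is removed only in the branch where both operands end in .bz2. Every other path (one file, mixed operands, the usage error) leaves an empty bzdiff.XXXXXXXXXX file behind in TMPDIR. Creating it inside that branch and adding `trap 'rm -f "$tmp"' 0 1 2 15` right after it would also cover an interrupted run. Separately, `FILES="$FILES $ARG"` followed by `set $FILES` re-splits the names, so an operand containing whitespace or glob characters is not compared as given; that limitation deserves at least a comment at the `set` line.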
diff --git a/archivers/bzip2/files/bzdiff.1 b/archivers/bzip2/files/bzdiff.1
new file mode 100644
index 00000000000..adb7a8e724e
--- /dev/null
+++ b/archivers/bzip2/files/bzdiff.1
@@ -0,0 +1,47 @@
+\"Shamelessly copied from zmore.1 by Philippe Troin <phil@fifi.org>
+\"for Debian GNU/Linux
+.TH BZDIFF 1
+.SH NAME
+bzcmp, bzdiff \- compare bzip2 compressed files
+.SH SYNOPSIS
+.B bzcmp
+[ cmp_options ] file1
+[ file2 ]
+.br
+.B bzdiff
+[ diff_options ] file1
+[ file2 ]
+.SH DESCRIPTION
+.I Bzcmp
+and
+.I bzdiff
+are used to invoke the
+.I cmp
+or the
+.I diff
+program on bzip2 compressed files. All options specified are passed
+directly to
+.I cmp
+or
+.IR diff "."
+If only 1 file is specified, then the files compared are
+.I file1
+and an uncompressed
+.IR file1 ".bz2."
+If two files are specified, then they are uncompressed if necessary and fed to
+.I cmp
+or
+.IR diff "."
+The exit status from
+.I cmp
+or
+.I diff
+is preserved.
+.SH "SEE ALSO"
+cmp(1), diff(1), bzmore(1), bzless(1), bzgrep(1), bzip2(1)
+.SH BUGS
+Messages from the
+.I cmp
+or
+.I diff
+programs refer to temporary filenames instead of those specified.
diff --git a/archivers/bzip2/files/bzgrep b/archivers/bzip2/files/bzgrep
new file mode 100644
index 00000000000..9a04b8337d7
--- /dev/null
+++ b/archivers/bzip2/files/bzgrep
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+# Bzgrep wrapped for bzip2,
+# adapted from zgrep by Philippe Troin <phil@fifi.org> for Debian GNU/Linux.
+## zgrep notice:
+## zgrep -- a wrapper around a grep program that decompresses files as needed
+## Adapted from a version sent by Charles Levert <charles@comm.polymtl.ca>
+
+PATH="/usr/bin:$PATH"; export PATH
+
+prog=`echo $0 | sed 's|.*/||'`
+case "$prog" in
+ *egrep) grep=${EGREP-egrep} ;;
+ *fgrep) grep=${FGREP-fgrep} ;;
+ *) grep=${GREP-grep} ;;
+esac
+pat=""
+while test $# -ne 0; do
+ case "$1" in
+ -e | -f) opt="$opt $1"; shift; pat="$1"
+ if test "$grep" = grep; then # grep is buggy with -e on SVR4
+ grep=egrep
+ fi;;
+ -A | -B) opt="$opt $1 $2"; shift;;
+ -*) opt="$opt $1";;
+ *) if test -z "$pat"; then
+ pat="$1"
+ else
+ break;
+ fi;;
+ esac
+ shift
+done
+
+if test -z "$pat"; then
+ echo "grep through bzip2 files"
+ echo "usage: $prog [grep_options] pattern [files]"
+ exit 1
+fi
+
+list=0
+silent=0
+op=`echo "$opt" | sed -e 's/ //g' -e 's/-//g'`
+case "$op" in
+ *l*) list=1
+esac
+case "$op" in
+ *h*) silent=1
+esac
+
+if test $# -eq 0; then
+ bzip2 -cdfq | $grep $opt "$pat"
+ exit $?
+fi
+
+res=0
+for i do
+ if test -f "$i"; then :; else if test -f "$i.bz2"; then i="$i.bz2"; fi; fi
+ if test $list -eq 1; then
+ bzip2 -cdfq "$i" | $grep $opt "$pat" 2>&1 > /dev/null && echo $i
+ r=$?
+ elif test $# -eq 1 -o $silent -eq 1; then
+ bzip2 -cdfq "$i" | $grep $opt "$pat"
+ r=$?
+ else
+ j=${i//\\/\\\\}
+ j=${j//|/\\|}
+ j=${j//&/\\&}
+ j=`printf "%s" "$j" | tr '\n' ' '`
+ bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${j}:|"
+ r=$?
+ fi
+ test "$r" -ne 0 && res="$r"
+done
+exit $res
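Review bot: The `${i//\\/\\\\}`-style substitutions that escape the file name before it is spliced into the sed expression are not POSIX sh. Under a `/bin/sh` without that extension the multi-file branch fails, and that branch is the one place where the file name is neutralised before reaching sed. A portable form would be `j=$(printf '%s' "$i" | tr '\n' ' ' | sed 's/[\\|&]/\\&/g')`. In the `-l` branch, `2>&1 > /dev/null` leaves grep's stderr on the caller's stdout instead of discarding it; `> /dev/null 2>&1` is presumably what was meant.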
diff --git a/archivers/bzip2/files/bzgrep.1 b/archivers/bzip2/files/bzgrep.1
new file mode 100644
index 00000000000..930af8c7fcb
--- /dev/null
+++ b/archivers/bzip2/files/bzgrep.1
@@ -0,0 +1,56 @@
+\"Shamelessly copied from zmore.1 by Philippe Troin <phil@fifi.org>
+\"for Debian GNU/Linux
+.TH BZGREP 1
+.SH NAME
+bzgrep, bzfgrep, bzegrep \- search possibly bzip2 compressed files for a regular expression
+.SH SYNOPSIS
+.B bzgrep
+[ grep_options ]
+.BI [\ -e\ ] " pattern"
+.IR filename ".\|.\|."
+.br
+.B bzegrep
+[ egrep_options ]
+.BI [\ -e\ ] " pattern"
+.IR filename ".\|.\|."
+.br
+.B bzfgrep
+[ fgrep_options ]
+.BI [\ -e\ ] " pattern"
+.IR filename ".\|.\|."
+.SH DESCRIPTION
+.IR Bzgrep
+is used to invoke the
+.I grep
+on bzip2-compressed files. All options specified are passed directly to
+.I grep.
+If no file is specified, then the standard input is decompressed
+if necessary and fed to grep.
+Otherwise the given files are uncompressed if necessary and fed to
+.I grep.
+.PP
+If
+.I bzgrep
+is invoked as
+.I bzegrep
+or
+.I bzfgrep
+then
+.I egrep
+or
+.I fgrep
+is used instead of
+.I grep.
+If the GREP environment variable is set,
+.I bzgrep
+uses it as the
+.I grep
+program to be invoked. For example:
+
+ for sh: GREP=fgrep bzgrep string files
+ for csh: (setenv GREP fgrep; bzgrep string files)
+.SH AUTHOR
+Charles Levert (charles@comm.polymtl.ca). Adapted to bzip2 by Philippe
+Troin <phil@fifi.org> for Debian GNU/Linux.
+.SH "SEE ALSO"
+grep(1), egrep(1), fgrep(1), bzdiff(1), bzmore(1), bzless(1), bzip2(1)
diff --git a/archivers/bzip2/files/decompress.c b/archivers/bzip2/files/decompress.c
index bba5e0fa36d..311f5668f9a 100644
--- a/archivers/bzip2/files/decompress.c
+++ b/archivers/bzip2/files/decompress.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.5 of 10 December 2007
- Copyright (C) 1996-2007 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -381,6 +381,13 @@ Int32 BZ2_decompress ( DState* s )
es = -1;
N = 1;
do {
+ /* Check that N doesn't get too big, so that es doesn't
+ go negative. The maximum value that can be
+ RUNA/RUNB encoded is equal to the block size (post
+ the initial RLE), viz, 900k, so bounding N at 2
+ million should guard against overflow without
+ rejecting any legitimate inputs. */
+ if (N >= 2*1024*1024) RETURN(BZ_DATA_ERROR);
if (nextSym == BZ_RUNA) es = es + (0+1) * N; else
if (nextSym == BZ_RUNB) es = es + (1+1) * N;
N = N * 2;
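Review bot: The comment on the new bound says it keeps es from going negative, but it does not state the ceiling that results, which makes the invariant hard to re-check later. Because the loop returns once N reaches 2*1024*1024, the largest term added is 2 * 2^20 and es stays below 2^22. I would append a sentence such as `With N < 2^21, es stays below 2^22.` to the comment. Assuming es and N are Int32 (they are declared outside the hunk), that is well inside the signed range. The do-loop and the later use of es continue outside the hunk.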
@@ -485,15 +492,28 @@ Int32 BZ2_decompress ( DState* s )
RETURN(BZ_DATA_ERROR);
/*-- Set up cftab to facilitate generation of T^(-1) --*/
+ /* Check: unzftab entries in range. */
+ for (i = 0; i <= 255; i++) {
+ if (s->unzftab[i] < 0 || s->unzftab[i] > nblock)
+ RETURN(BZ_DATA_ERROR);
+ }
+ /* Actually generate cftab. */
s->cftab[0] = 0;
for (i = 1; i <= 256; i++) s->cftab[i] = s->unzftab[i-1];
for (i = 1; i <= 256; i++) s->cftab[i] += s->cftab[i-1];
+ /* Check: cftab entries in range. */
for (i = 0; i <= 256; i++) {
if (s->cftab[i] < 0 || s->cftab[i] > nblock) {
/* s->cftab[i] can legitimately be == nblock */
RETURN(BZ_DATA_ERROR);
}
}
+ /* Check: cftab entries non-descending. */
+ for (i = 1; i <= 256; i++) {
+ if (s->cftab[i-1] > s->cftab[i]) {
+ RETURN(BZ_DATA_ERROR);
+ }
+ }
s->state_out_len = 0;
s->state_out_ch = 0;