summaryrefslogtreecommitdiff
path: root/archivers
diff options
context:
space:
mode:
authoradrianp <adrianp@pkgsrc.org>2006-11-10 00:29:44 +0000
committeradrianp <adrianp@pkgsrc.org>2006-11-10 00:29:44 +0000
commit52b0fc8fd3e398c6e28173768ccbb01eccc986f7 (patch)
tree570d511c5f0950e458e8815afb6ccbec8a17f987 /archivers
parent6a3488f924e7c17cb62a9c28369063c7d1b0f52e (diff)
downloadpkgsrc-52b0fc8fd3e398c6e28173768ccbb01eccc986f7.tar.gz
Update to 1.3.1
Sep 05, 2006: libarchive 1.3.1 released Sep 5, 2006: Bump version to 1.3 for new I/O wrappers. Sep 4, 2006: New memory and FILE read/write wrappers. Sep 4, 2006: libarchive test harness is now minimally functional; it's located a few minor bugs in error-handling logic Fix a denial of service security issue via FreeBSD: If the end of an archive is reached while attempting to "skip" past a region of an archive, libarchive will enter an infinite loop wherein it repeatedly attempts (and fails) to read further data.
Diffstat (limited to 'archivers')
-rw-r--r--archivers/libarchive/Makefile4
-rw-r--r--archivers/libarchive/distinfo9
-rw-r--r--archivers/libarchive/patches/patch-ac52
3 files changed, 59 insertions, 6 deletions
diff --git a/archivers/libarchive/Makefile b/archivers/libarchive/Makefile
index 9cc86aa45b7..000739e91ac 100644
--- a/archivers/libarchive/Makefile
+++ b/archivers/libarchive/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.14 2006/08/20 14:56:03 joerg Exp $
+# $NetBSD: Makefile,v 1.15 2006/11/10 00:29:44 adrianp Exp $
#
-DISTNAME= libarchive-1.2.57
+DISTNAME= libarchive-1.3.1
CATEGORIES= archivers
MASTER_SITES= http://people.freebsd.org/~kientzle/libarchive/src/
diff --git a/archivers/libarchive/distinfo b/archivers/libarchive/distinfo
index 7af318f5498..d785aed7de3 100644
--- a/archivers/libarchive/distinfo
+++ b/archivers/libarchive/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.12 2006/08/20 14:56:03 joerg Exp $
+$NetBSD: distinfo,v 1.13 2006/11/10 00:29:44 adrianp Exp $
-SHA1 (libarchive-1.2.57.tar.gz) = 70bf5a0a6a8af4cefda412db5a2ba53724e9e3e8
-RMD160 (libarchive-1.2.57.tar.gz) = 238a44ec554aa4fc5ae795c1af3640d253f36445
-Size (libarchive-1.2.57.tar.gz) = 536128 bytes
+SHA1 (libarchive-1.3.1.tar.gz) = aed6eda15b012adbb88af0f0d76887920ffe7bbf
+RMD160 (libarchive-1.3.1.tar.gz) = e518f802d9a50afcfede6dd7cbb4f42b2cbe12a1
+Size (libarchive-1.3.1.tar.gz) = 901173 bytes
SHA1 (patch-ab) = 5e92405b0898123d8240f332475d13abe85f8ad3
+SHA1 (patch-ac) = 5775e26d19ace2b94c870c0e8de8e6efbe4b5c63
diff --git a/archivers/libarchive/patches/patch-ac b/archivers/libarchive/patches/patch-ac
new file mode 100644
index 00000000000..ba331b02208
--- /dev/null
+++ b/archivers/libarchive/patches/patch-ac
@@ -0,0 +1,52 @@
+$NetBSD: patch-ac,v 1.1 2006/11/10 00:29:44 adrianp Exp $
+
+--- libarchive/archive_read_support_compression_none.c.orig 2006-09-05 07:00:47.000000000 +0100
++++ libarchive/archive_read_support_compression_none.c
+@@ -257,7 +257,9 @@ archive_decompressor_none_read_consume(s
+ }
+
+ /*
+- * Skip at most request bytes. Skipped data is marked as consumed.
++ * Skip forward by exactly the requested bytes or else return
++ * ARCHIVE_FATAL. Note that this differs from the contract for
++ * read_ahead, which does not gaurantee a minimum count.
+ */
+ static ssize_t
+ archive_decompressor_none_skip(struct archive *a, size_t request)
+@@ -287,9 +289,7 @@ archive_decompressor_none_skip(struct ar
+ if (request == 0)
+ return (total_bytes_skipped);
+ /*
+- * If no client_skipper is provided, just read the old way. It is very
+- * likely that after skipping, the request has not yet been fully
+- * satisfied (and is still > 0). In that case, read as well.
++ * If a client_skipper was provided, try that first.
+ */
+ if (a->client_skipper != NULL) {
+ bytes_skipped = (a->client_skipper)(a, a->client_data,
+@@ -307,6 +307,12 @@ archive_decompressor_none_skip(struct ar
+ a->raw_position += bytes_skipped;
+ state->client_avail = state->client_total = 0;
+ }
++ /*
++ * Note that client_skipper will usually not satisfy the
++ * full request (due to low-level blocking concerns),
++ * so even if client_skipper is provided, we may still
++ * have to use ordinary reads to finish out the request.
++ */
+ while (request > 0) {
+ const void* dummy_buffer;
+ ssize_t bytes_read;
+@@ -314,6 +320,12 @@ archive_decompressor_none_skip(struct ar
+ &dummy_buffer, request);
+ if (bytes_read < 0)
+ return (bytes_read);
++ if (bytes_read == 0) {
++ /* We hit EOF before we satisfied the skip request. */
++ archive_set_error(a, ARCHIVE_ERRNO_MISC,
++ "Truncated input file (need to skip %d bytes)", (int)request);
++ return (ARCHIVE_FATAL);
++ }
+ assert(bytes_read >= 0); /* precondition for cast below */
+ min = minimum((size_t)bytes_read, request);
+ bytes_read = archive_decompressor_none_read_consume(a, min);