pkg_install-20100405:

- Try to detect common forms of pkgdb corruption and issue a warning in
  that case.
- Refactor the pkg_vulnerabilities logic to use the compression support
  from libarchive. This reduces the amount zlib/bzip2 interaction to the
  linkage.

9 files changed, 126 insertions, 259 deletions

diff --git a/pkgtools/pkg_install/Makefile b/pkgtools/pkg_install/Makefile
index f854d2bb1ad..e104062de04 100644
--- a/pkgtools/pkg_install/Makefile
+++ b/pkgtools/pkg_install/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.176 2010/03/26 17:04:45 joerg Exp $
+# $NetBSD: Makefile,v 1.177 2010/04/14 18:24:58 joerg Exp $
 
 # Notes to package maintainers:
 #
@@ -83,11 +83,8 @@ MESSAGE_SUBST+=		PKGVULNDIR=${PKG_DBDIR:Q}			\
 VERSION!=		${AWK} '/PKGTOOLS_VERSION/ {print $$3}' \
 			${FILESDIR}/lib/version.h
 
-# linkresolver interface appeared in libarchive 2.5 and extract
-# requires version 2.5.4b to handle hardlinks correctly.
-BUILDLINK_API_DEPENDS.libarchive+=	libarchive>=2.5.4b
-# Depends on gzip handling of zlib
-BUILDLINK_API_DEPENDS.zlib+=		zlib>=1.2
+# raw format appeared in libarchive 2.8.
+BUILDLINK_API_DEPENDS.libarchive+=	libarchive>=2.8.0
 
 .include "../../archivers/bzip2/builtin.mk"
 .include "../../archivers/libarchive/builtin.mk"
diff --git a/pkgtools/pkg_install/files/add/perform.c b/pkgtools/pkg_install/files/add/perform.c
index bbd379ba889..081b6d3f48f 100644
--- a/pkgtools/pkg_install/files/add/perform.c
+++ b/pkgtools/pkg_install/files/add/perform.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: perform.c,v 1.95 2010/02/20 04:40:03 joerg Exp $	*/
+/*	$NetBSD: perform.c,v 1.96 2010/04/14 18:24:58 joerg Exp $	*/
 #if HAVE_CONFIG_H
 #include "config.h"
 #endif
@@ -6,7 +6,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: perform.c,v 1.95 2010/02/20 04:40:03 joerg Exp $");
+__RCSID("$NetBSD: perform.c,v 1.96 2010/04/14 18:24:58 joerg Exp $");
 
 /*-
  * Copyright (c) 2003 Grant Beattie <grant@NetBSD.org>
@@ -1280,7 +1280,7 @@ check_vulnerable(struct pkg_task *pkg)
 	}
 
 	if (pv == NULL) {
-		pv = read_pkg_vulnerabilities(pkg_vulnerabilities_file,
+		pv = read_pkg_vulnerabilities_file(pkg_vulnerabilities_file,
 		    require_check, 0);
 		if (pv == NULL)
 			return require_check;
diff --git a/pkgtools/pkg_install/files/admin/audit.c b/pkgtools/pkg_install/files/admin/audit.c
index 2d7c9332cef..c23ed42064c 100644
--- a/pkgtools/pkg_install/files/admin/audit.c
+++ b/pkgtools/pkg_install/files/admin/audit.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: audit.c,v 1.14 2009/08/02 17:56:44 joerg Exp $	*/
+/*	$NetBSD: audit.c,v 1.15 2010/04/14 18:24:58 joerg Exp $	*/
 
 #if HAVE_CONFIG_H
 #include "config.h"
@@ -7,7 +7,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: audit.c,v 1.14 2009/08/02 17:56:44 joerg Exp $");
+__RCSID("$NetBSD: audit.c,v 1.15 2010/04/14 18:24:58 joerg Exp $");
 
 /*-
  * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -209,7 +209,7 @@ check_and_read_pkg_vulnerabilities(void)
 			    (long)(now / 86400), now / 86400 == 1 ? "" : "s");
 	}
 
-	pv = read_pkg_vulnerabilities(pkg_vulnerabilities_file, 0, check_signature);
+	pv = read_pkg_vulnerabilities_file(pkg_vulnerabilities_file, 0, check_signature);
 }
 
 void
@@ -282,7 +282,7 @@ check_pkg_vulnerabilities(int argc, char **argv)
 	if (argc != optind + 1)
 		usage();
 
-	pv = read_pkg_vulnerabilities(argv[optind], 0, check_signature);
+	pv = read_pkg_vulnerabilities_file(argv[optind], 0, check_signature);
 	free_pkg_vulnerabilities(pv);
 }
 
@@ -290,8 +290,8 @@ void
 fetch_pkg_vulnerabilities(int argc, char **argv)
 {
 	struct pkg_vulnerabilities *pv_check;
-	char *buf, *decompressed_input;
-	size_t buf_len, buf_fetched, decompressed_len;
+	char *buf;
+	size_t buf_len, buf_fetched;
 	ssize_t cur_fetched;
 	struct url *url;
 	struct url_stat st;
@@ -363,15 +363,7 @@ fetch_pkg_vulnerabilities(int argc, char **argv)
 	
 	buf[buf_len] = '\0';
 
-	if (decompress_buffer(buf, buf_len, &decompressed_input,
-	    &decompressed_len)) {
-		pv_check = parse_pkg_vulnerabilities(decompressed_input,
-		    decompressed_len, check_signature);
-		free(decompressed_input);
-	} else {
-		pv_check = parse_pkg_vulnerabilities(buf, buf_len,
-		    check_signature);
-	}
+	pv_check = read_pkg_vulnerabilities_memory(buf, buf_len, check_signature);
 	free_pkg_vulnerabilities(pv_check);
 
 	fd = open(pkg_vulnerabilities_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
diff --git a/pkgtools/pkg_install/files/lib/Makefile.in b/pkgtools/pkg_install/files/lib/Makefile.in
index c8b4e7ff69c..fcedbb67f02 100644
--- a/pkgtools/pkg_install/files/lib/Makefile.in
+++ b/pkgtools/pkg_install/files/lib/Makefile.in
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.in,v 1.28 2010/01/22 13:30:42 joerg Exp $
+# $NetBSD: Makefile.in,v 1.29 2010/04/14 18:24:58 joerg Exp $
 
 srcdir=		@srcdir@
 
@@ -26,7 +26,7 @@ INSTALL=	@INSTALL@
 
 LIB=	libinstall.a
 
-OBJS=	automatic.o conflicts.o decompress.o dewey.o fexec.o file.o \
+OBJS=	automatic.o conflicts.o dewey.o fexec.o file.o \
 	gpgsig.o global.o iterate.o license.o lpkg.o opattern.o \
 	parse-config.o pkgdb.o plist.o remove.o \
 	str.o var.o version.o vulnerabilities-file.o xwrapper.o
diff --git a/pkgtools/pkg_install/files/lib/decompress.c b/pkgtools/pkg_install/files/lib/decompress.c
deleted file mode 100644
index 31500f2580d..00000000000
--- a/pkgtools/pkg_install/files/lib/decompress.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/*	$NetBSD: decompress.c,v 1.3 2009/08/02 17:56:45 joerg Exp $	*/
-
-/*-
- * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
- * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include <nbcompat.h>
-
-#if HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-__RCSID("$NetBSD: decompress.c,v 1.3 2009/08/02 17:56:45 joerg Exp $");
-
-#ifdef BOOTSTRAP
-#include "lib.h"
-
-int
-decompress_buffer(const char *input, size_t input_len, char **output,
-    size_t *output_len)
-{
-	return 0;
-}
-
-#else
-
-#include <bzlib.h>
-#if HAVE_ERR_H
-#include <err.h>
-#endif
-#include <limits.h>
-#include <stdlib.h>
-#include <zlib.h>
-
-#include "lib.h"
-
-static void
-decompress_bzip2(const char *in, size_t in_len, char **out, size_t *out_len)
-{
-	bz_stream stream;
-	size_t output_produced;
-
-	if (in_len < SSIZE_MAX / 10)
-		*out_len = in_len * 10;
-	else
-		*out_len = in_len;
-	*out = xmalloc(*out_len + 1);
-
-	stream.next_in = __UNCONST(in);
-	stream.avail_in = in_len;
-	stream.next_out = *out;
-	stream.avail_out = *out_len;
-	output_produced = 0;
-	stream.bzalloc = NULL;
-	stream.bzfree = NULL;
-	stream.opaque = NULL;
-
-	if (BZ2_bzDecompressInit(&stream, 0, 0) != BZ_OK)
-		errx(EXIT_FAILURE, "BZ2_bzDecompressInit failed");
-
-	for (;;) {
-		switch (BZ2_bzDecompress(&stream)) {
-		case BZ_STREAM_END:
-			if (BZ2_bzDecompressEnd(&stream) != Z_OK)
-				errx(EXIT_FAILURE, "inflateEnd failed");
-			output_produced = *out_len - stream.avail_out;
-			*out = xrealloc(*out, output_produced + 1);
-			*out_len = output_produced;
-			(*out)[*out_len] = '\0';
-			return;
-		case BZ_OK:
-			output_produced = *out_len - stream.avail_out;
-			if (*out_len <= SSIZE_MAX / 2)
-				*out_len *= 2;
-			else
-				errx(EXIT_FAILURE, "input too large");
-			*out = xrealloc(*out, *out_len + 1);
-			stream.next_out = *out + output_produced;
-			stream.avail_out = *out_len - output_produced;
-			break;
-		default:
-			errx(EXIT_FAILURE, "inflate failed");
-		}
-	}
-}
-
-static void
-decompress_zlib(const char *in, size_t in_len, char **out, size_t *out_len)
-{
-	z_stream stream;
-	size_t output_produced;
-
-	if (in_len < SSIZE_MAX / 10)
-		*out_len = in_len * 10;
-	else
-		*out_len = in_len;
-	*out = xmalloc(*out_len + 1);
-
-	stream.next_in = __UNCONST(in);
-	stream.avail_in = in_len;
-	stream.next_out = (unsigned char *)*out;
-	stream.avail_out = *out_len;
-	output_produced = 0;
-	stream.zalloc = Z_NULL;
-	stream.zfree = Z_NULL;
-	stream.opaque = NULL;
-
-	if (inflateInit2(&stream, 47) != Z_OK)
-		errx(EXIT_FAILURE, "inflateInit failed");
-
-	for (;;) {
-		switch (inflate(&stream, Z_FINISH)) {
-		case Z_STREAM_END:
-			if (inflateEnd(&stream) != Z_OK)
-				errx(EXIT_FAILURE, "inflateEnd failed");
-			output_produced = *out_len - stream.avail_out;
-			*out = xrealloc(*out, output_produced + 1);
-			*out_len = output_produced;
-			(*out)[*out_len] = '\0';
-			return;
-		case Z_OK:
-			output_produced = *out_len - stream.avail_out;
-			if (*out_len < SSIZE_MAX / 2)
-				*out_len *= 2;
-			else if (*out_len == SSIZE_MAX - 1)
-				errx(EXIT_FAILURE, "input too large");
-			else
-				*out_len = SSIZE_MAX - 1;
-			*out = xrealloc(*out, *out_len + 1);
-			stream.next_out = (unsigned char *)*out + output_produced;
-			stream.avail_out = *out_len - output_produced;
-			break;
-		default:
-			errx(EXIT_FAILURE, "inflate failed");
-		}
-	}
-}
-
-int
-decompress_buffer(const char *input, size_t input_len, char **output,
-    size_t *output_len)
-{
-	if (input_len < 4)
-		return 0;
-	if (input[0] == 'B' && input[1] == 'Z' && input[2] == 'h' &&
-	    input[3] >= '1' && input[3] <= '9') {
-		/* Normal bzip2. */
-		decompress_bzip2(input, input_len, output, output_len);
-	} else if (input[0] == 037 && (unsigned char)input[1] == 139 &&
-	    input[2] == 8 && (input[3] & 0xe0) == 0) {
-		/* gzip header with Deflate method */
-		decompress_zlib(input, input_len, output, output_len);
-	} else /* plain text */
-		return 0;
-	return 1;
-}
-#endif /* BOOTSTRAP */
diff --git a/pkgtools/pkg_install/files/lib/lib.h b/pkgtools/pkg_install/files/lib/lib.h
index 1d6237171d5..4006474c9ea 100644
--- a/pkgtools/pkg_install/files/lib/lib.h
+++ b/pkgtools/pkg_install/files/lib/lib.h
@@ -1,4 +1,4 @@
-/* $NetBSD: lib.h,v 1.62 2010/02/20 04:40:03 joerg Exp $ */
+/* $NetBSD: lib.h,v 1.63 2010/04/14 18:24:58 joerg Exp $ */
 
 /* from FreeBSD Id: lib.h,v 1.25 1997/10/08 07:48:03 charnier Exp */
 
@@ -374,13 +374,10 @@ lpkg_t *alloc_lpkg(const char *);
 lpkg_t *find_on_queue(lpkg_head_t *, const char *);
 void    free_lpkg(lpkg_t *);
 
-/* Extract input if compressed to NUL terminated buffer (not counted) */
-int decompress_buffer(const char *, size_t, char **, size_t *);
-
-/* Parse NUL terminated inputed, argument is strlen of the input */
-struct pkg_vulnerabilities *parse_pkg_vulnerabilities(const char *, size_t, int);
 /* Read pkg_vulnerabilities from file */
-struct pkg_vulnerabilities *read_pkg_vulnerabilities(const char *, int, int);
+struct pkg_vulnerabilities *read_pkg_vulnerabilities_file(const char *, int, int);
+/* Read pkg_vulnerabilities from memory */
+struct pkg_vulnerabilities *read_pkg_vulnerabilities_memory(void *, size_t, int);
 void free_pkg_vulnerabilities(struct pkg_vulnerabilities *);
 int audit_package(struct pkg_vulnerabilities *, const char *, const char *,
     int, int);
diff --git a/pkgtools/pkg_install/files/lib/pkgdb.c b/pkgtools/pkg_install/files/lib/pkgdb.c
index 7a6d2da34fb..0d9244b9d09 100644
--- a/pkgtools/pkg_install/files/lib/pkgdb.c
+++ b/pkgtools/pkg_install/files/lib/pkgdb.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: pkgdb.c,v 1.37 2010/01/22 13:30:42 joerg Exp $	*/
+/*	$NetBSD: pkgdb.c,v 1.38 2010/04/14 18:24:58 joerg Exp $	*/
 
 #if HAVE_CONFIG_H
 #include "config.h"
@@ -7,10 +7,10 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: pkgdb.c,v 1.37 2010/01/22 13:30:42 joerg Exp $");
+__RCSID("$NetBSD: pkgdb.c,v 1.38 2010/04/14 18:24:58 joerg Exp $");
 
 /*-
- * Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
+ * Copyright (c) 1999-2010 The NetBSD Foundation, Inc.
  * All rights reserved.
  *
  * This code is derived from software contributed to The NetBSD Foundation
@@ -168,6 +168,8 @@ pkgdb_retrieve(const char *key)
 {
 	DBT     keyd, vald;
 	int     status;
+	char	*eos;
+	static int corruption_warning;
 
 	if (pkgdbp == NULL)
 		return NULL;
@@ -179,9 +181,15 @@ pkgdb_retrieve(const char *key)
 	vald.data = (void *)NULL;
 	vald.size = 0;
 	status = (*pkgdbp->get) (pkgdbp, &keyd, &vald, 0);
-	if (status) {
-		vald.data = NULL;
-		vald.size = 0;
+	if (status)
+		return NULL;
+	eos = memchr(vald.data, 0, vald.size);
+	if (eos == NULL || eos != (char *)vald.data + vald.size) {
+		if (!corruption_warning) {
+			warnx("pkgdb corrupted, please run ``pkg_admin rebuild''");
+			corruption_warning = 1;
+		}
+		return NULL;
 	}
 
 	return vald.data;
diff --git a/pkgtools/pkg_install/files/lib/version.h b/pkgtools/pkg_install/files/lib/version.h
index f45b14cddd1..fed93d9923c 100644
--- a/pkgtools/pkg_install/files/lib/version.h
+++ b/pkgtools/pkg_install/files/lib/version.h
@@ -1,4 +1,4 @@
-/*	$NetBSD: version.h,v 1.152 2010/03/19 12:49:53 wiz Exp $	*/
+/*	$NetBSD: version.h,v 1.153 2010/04/14 18:24:58 joerg Exp $	*/
 
 /*
  * Copyright (c) 2001 Thomas Klausner.  All rights reserved.
@@ -27,6 +27,6 @@
 #ifndef _INST_LIB_VERSION_H_
 #define _INST_LIB_VERSION_H_
 
-#define PKGTOOLS_VERSION 20100319
+#define PKGTOOLS_VERSION 20100405
 
 #endif /* _INST_LIB_VERSION_H_ */
diff --git a/pkgtools/pkg_install/files/lib/vulnerabilities-file.c b/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
index a53f73466ff..897795fd9b1 100644
--- a/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
+++ b/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
@@ -1,7 +1,7 @@
-/*	$NetBSD: vulnerabilities-file.c,v 1.5 2009/03/02 14:59:14 joerg Exp $	*/
+/*	$NetBSD: vulnerabilities-file.c,v 1.6 2010/04/14 18:24:58 joerg Exp $	*/
 
 /*-
- * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
+ * Copyright (c) 2008, 2010 Joerg Sonnenberger <joerg@NetBSD.org>.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -38,7 +38,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: vulnerabilities-file.c,v 1.5 2009/03/02 14:59:14 joerg Exp $");
+__RCSID("$NetBSD: vulnerabilities-file.c,v 1.6 2010/04/14 18:24:58 joerg Exp $");
 
 #if HAVE_SYS_STAT_H
 #include <sys/stat.h>
@@ -46,6 +46,9 @@ __RCSID("$NetBSD: vulnerabilities-file.c,v 1.5 2009/03/02 14:59:14 joerg Exp $")
 #if HAVE_SYS_WAIT_H
 #include <sys/wait.h>
 #endif
+#ifndef BOOTSTRAP
+#include <archive.h>
+#endif
 #include <ctype.h>
 #if HAVE_ERR_H
 #include <err.h>
@@ -66,6 +69,9 @@ __RCSID("$NetBSD: vulnerabilities-file.c,v 1.5 2009/03/02 14:59:14 joerg Exp $")
 
 #include "lib.h"
 
+static struct pkg_vulnerabilities *read_pkg_vulnerabilities_archive(struct archive *, int);
+static struct pkg_vulnerabilities *parse_pkg_vuln(const char *, size_t, int);
+
 static const char pgp_msg_start[] = "-----BEGIN PGP SIGNED MESSAGE-----\n";
 static const char pgp_msg_end[] = "-----BEGIN PGP SIGNATURE-----\n";
 static const char pkcs7_begin[] = "-----BEGIN PKCS7-----\n";
@@ -336,14 +342,38 @@ add_vulnerability(struct pkg_vulnerabilities *pv, size_t *allocated, const char
 }
 
 struct pkg_vulnerabilities *
-read_pkg_vulnerabilities(const char *path, int ignore_missing, int check_sum)
+read_pkg_vulnerabilities_memory(void *buf, size_t len, int check_sum)
+{
+#ifdef BOOTSTRAP
+	errx(EXIT_FAILURE, "Audit functions are unsupported during bootstrap");
+#else
+	struct archive *a;
+	struct pkg_vulnerabilities *pv;
+
+	if ((a = archive_read_new()) == NULL)
+		errx(EXIT_FAILURE, "memory allocation failed");
+	
+	if (archive_read_support_compression_all(a) != ARCHIVE_OK ||
+	    archive_read_support_format_raw(a) != ARCHIVE_OK ||
+	    archive_read_open_memory(a, buf, len) != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot open pkg_vulnerabilies buffer: %s",
+		    archive_error_string(a));
+
+	pv = read_pkg_vulnerabilities_archive(a, check_sum);
+
+	return pv;
+#endif
+}
+
+struct pkg_vulnerabilities *
+read_pkg_vulnerabilities_file(const char *path, int ignore_missing, int check_sum)
 {
+#ifdef BOOTSTRAP
+	errx(EXIT_FAILURE, "Audit functions are unsupported during bootstrap");
+#else
+	struct archive *a;
 	struct pkg_vulnerabilities *pv;
-	struct stat st;
 	int fd;
-	char *input, *decompressed_input;
-	size_t input_len, decompressed_len;
-	ssize_t bytes_read;
 
 	if ((fd = open(path, O_RDONLY)) == -1) {
 		if (errno == ENOENT && ignore_missing)
@@ -351,39 +381,67 @@ read_pkg_vulnerabilities(const char *path, int ignore_missing, int check_sum)
 		err(EXIT_FAILURE, "Cannot open %s", path);
 	}
 
-	if (fstat(fd, &st) == -1)
-		err(EXIT_FAILURE, "Cannot stat %s", path);
+	if ((a = archive_read_new()) == NULL)
+		errx(EXIT_FAILURE, "memory allocation failed");
+	
+	if (archive_read_support_compression_all(a) != ARCHIVE_OK ||
+	    archive_read_support_format_raw(a) != ARCHIVE_OK ||
+	    archive_read_open_fd(a, fd, 65536) != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot open ``%s'': %s", path,
+		    archive_error_string(a));
 
-	if ((st.st_mode & S_IFMT) != S_IFREG)
-		errx(EXIT_FAILURE, "Input is not regular file");
-	if (st.st_size > SSIZE_MAX - 1)
-		errx(EXIT_FAILURE, "Input too large");
+	pv = read_pkg_vulnerabilities_archive(a, check_sum);
+	close(fd);
+
+	return pv;
+#endif
+}
 
-	input_len = (size_t)st.st_size;
-	if (input_len < 4)
-		err(EXIT_FAILURE, "Input too short for a pkg_vulnerability file");
-	input = xmalloc(input_len + 1);
-	if ((bytes_read = read(fd, input, input_len)) == -1)
-		err(1, "Failed to read input");
-	if (bytes_read != st.st_size)
-		errx(1, "Unexpected short read");
+#ifndef BOOTSTRAP
+static struct pkg_vulnerabilities *
+read_pkg_vulnerabilities_archive(struct archive *a, int check_sum)
+{
+	struct archive_entry *ae;
+	struct pkg_vulnerabilities *pv;
+	char *buf;
+	size_t buf_len, off;
+	ssize_t r;
 
-	close(fd);
+	if (archive_read_next_header(a, &ae) != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot read pkg_vulnerabilities: %s",
+		    archive_error_string(a));
 
-	if (decompress_buffer(input, input_len, &decompressed_input,
-	    &decompressed_len)) {
-		free(input);
-		input = decompressed_input;
-		input_len = decompressed_len;
+	off = 0;
+	buf_len = 65536;
+	buf = xmalloc(buf_len + 1);
+
+	for (;;) {
+		r = archive_read_data(a, buf + off, buf_len - off);
+		if (r <= 0)
+			break;
+		off += r;
+		if (off == buf_len) {
+			buf_len *= 2;
+			if (buf_len < off)
+				errx(EXIT_FAILURE, "pkg_vulnerabilties too large");
+			buf = xrealloc(buf, buf_len + 1);
+		}
 	}
-	pv = parse_pkg_vulnerabilities(input, input_len, check_sum);
-	free(input);
 
+	if (r != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot read pkg_vulnerabilities: %s",
+		    archive_error_string(a));
+
+	archive_read_close(a);
+
+	buf[off] = '\0';
+	pv = parse_pkg_vuln(buf, off, check_sum);
+	free(buf);
 	return pv;
 }
 
-struct pkg_vulnerabilities *
-parse_pkg_vulnerabilities(const char *input, size_t input_len, int check_sum)
+static struct pkg_vulnerabilities *
+parse_pkg_vuln(const char *input, size_t input_len, int check_sum)
 {
 	struct pkg_vulnerabilities *pv;
 	long version;
@@ -502,6 +560,7 @@ parse_pkg_vulnerabilities(const char *input, size_t input_len, int check_sum)
 
 	return pv;
 }
+#endif
 
 void
 free_pkg_vulnerabilities(struct pkg_vulnerabilities *pv)