<feed xmlns='http://www.w3.org/2005/Atom'>
<title>src/lib/libarchive/Makefile, branch releng/12.2</title>
<subtitle>FreeBSD source tree</subtitle>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/'/>
<entry>
<title>MFC r347990:</title>
<updated>2019-06-04T10:20:56+00:00</updated>
<author>
<name>Martin Matuska</name>
<email>mm@FreeBSD.org</email>
</author>
<published>2019-06-04T10:20:56+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=590d65eeeb5221c41309c2112587b18b5af19dc8'/>
<id>590d65eeeb5221c41309c2112587b18b5af19dc8</id>
<content type='text'>
Sync libarchive with vendor.

Relevant vendor changes:
  Issue #795: XAR - do not try to add xattrs without an allocated name
  PR #812: non-recursive option for extract and list
  PR #958: support reading metadata from compressed files
  PR #999: add --exclude-vcs option to bsdtar
  Issue #1062: treat empty archives with a GNU volume header as valid
  PR #1074: Handle ZIP files with trailing 0s in the extra fields
            (Android APK archives)
  PR #1109: Ignore padding in Zip extra field data (Android APK archives)
  PR #1167: fix problems related to unreadable directories
  Issue #1168: fix handling of strtol() and strtoul()
  PR #1172: RAR5 - fix invalid window buffer read in E8E9 filter
  PR #1174: ZIP reader - fix of MSZIP signature parsing
  PR #1175: gzip filter - fix reading files larger than 4GB from memory
  PR #1177: gzip filter - fix memory leak with repeated header reads
  PR #1180: ZIP reader - add support for Info-ZIP Unicode Path Extra Field
  PR #1181: RAR5 - fix merge_block() recursion
            (OSS-Fuzz 12999, 13029, 13144, 13478, 13490)
  PR #1183: fix memory leak when decompressing ZIP files with LZMA
  PR #1184: fix RAR5 OSS-Fuzz issues 12466, 14490, 14491, 12817
    OSS-Fuzz 12466: RAR5 - fix buffer overflow when parsing huffman tables
    OSS-Fuzz 14490, 14491: RAR5 - fix bad shift-left operations
    OSS-Fuzz 12817: RAR5 - handle a case with truncated huffman tables
  PR #1186: RAR5 - fix invalid type used for dictionary size mask
            (OSS-Fuzz 14537)
  PR #1187: RAR5 - fix integer overflow (OSS-Fuzz 14555)
  PR #1190: RAR5 - RAR5 don't try to unpack entries marked as directories
            (OSS-Fuzz 14574)
  PR #1196: RAR5 - fix a potential SIGSEGV on 32-bit builds
  OSS-Fuzz 2582: RAR - fix use after free if there is an invalid entry
  OSS-Fuzz 14331: RAR5 - fix maximum owner name length
  OSS-Fuzz 13965: RAR5 - use unsigned int for volume number + range check

  Additional RAR5 reader changes:
    - support symlinks, hardlinks, file owner, file group, versioned files
    - change ARCHIVE_FORMAT_RAR_V5 to 0x100000
    - set correct mode for readonly directories
    - support readonly, hidden and system Windows file attributes
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Sync libarchive with vendor.

Relevant vendor changes:
  Issue #795: XAR - do not try to add xattrs without an allocated name
  PR #812: non-recursive option for extract and list
  PR #958: support reading metadata from compressed files
  PR #999: add --exclude-vcs option to bsdtar
  Issue #1062: treat empty archives with a GNU volume header as valid
  PR #1074: Handle ZIP files with trailing 0s in the extra fields
            (Android APK archives)
  PR #1109: Ignore padding in Zip extra field data (Android APK archives)
  PR #1167: fix problems related to unreadable directories
  Issue #1168: fix handling of strtol() and strtoul()
  PR #1172: RAR5 - fix invalid window buffer read in E8E9 filter
  PR #1174: ZIP reader - fix of MSZIP signature parsing
  PR #1175: gzip filter - fix reading files larger than 4GB from memory
  PR #1177: gzip filter - fix memory leak with repeated header reads
  PR #1180: ZIP reader - add support for Info-ZIP Unicode Path Extra Field
  PR #1181: RAR5 - fix merge_block() recursion
            (OSS-Fuzz 12999, 13029, 13144, 13478, 13490)
  PR #1183: fix memory leak when decompressing ZIP files with LZMA
  PR #1184: fix RAR5 OSS-Fuzz issues 12466, 14490, 14491, 12817
    OSS-Fuzz 12466: RAR5 - fix buffer overflow when parsing huffman tables
    OSS-Fuzz 14490, 14491: RAR5 - fix bad shift-left operations
    OSS-Fuzz 12817: RAR5 - handle a case with truncated huffman tables
  PR #1186: RAR5 - fix invalid type used for dictionary size mask
            (OSS-Fuzz 14537)
  PR #1187: RAR5 - fix integer overflow (OSS-Fuzz 14555)
  PR #1190: RAR5 - RAR5 don't try to unpack entries marked as directories
            (OSS-Fuzz 14574)
  PR #1196: RAR5 - fix a potential SIGSEGV on 32-bit builds
  OSS-Fuzz 2582: RAR - fix use after free if there is an invalid entry
  OSS-Fuzz 14331: RAR5 - fix maximum owner name length
  OSS-Fuzz 13965: RAR5 - use unsigned int for volume number + range check

  Additional RAR5 reader changes:
    - support symlinks, hardlinks, file owner, file group, versioned files
    - change ARCHIVE_FORMAT_RAR_V5 to 0x100000
    - set correct mode for readonly directories
    - support readonly, hidden and system Windows file attributes
</pre>
</div>
</content>
</entry>
<entry>
<title>MFC r344063,r344088:</title>
<updated>2019-02-28T22:55:44+00:00</updated>
<author>
<name>Martin Matuska</name>
<email>mm@FreeBSD.org</email>
</author>
<published>2019-02-28T22:55:44+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=92392d3609525f93aa203f74c7b204e28709d04d'/>
<id>92392d3609525f93aa203f74c7b204e28709d04d</id>
<content type='text'>
MFC r344063:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1085: Fix a null pointer dereference bug in zip writer
  PR #1110: ZIP reader added support for XZ, LZMA, PPMD8 and BZIP2
            decopmpression
  PR #1116: Add support for 64-bit ar format
  PR #1120: Fix a 7zip crash [1] and a ISO9660 infinite loop [2]
  PR #1125: RAR5 reader - fix an invalid read and a memory leak
  PR #1131: POSIX reader - do not fail when tree_current_lstat() fails
            due to ENOENT [3]
  PR #1134: Delete unnecessary null pointer checks before calls of free()
  OSS-Fuzz 10843: Force intermediate to uint64_t to make UBSAN happy.
  OSS-Fuzz 11011: Avoid buffer overflow in rar5 reader

MFC r344088:
  archive_read_disk_posix.c: initialize delayed_errno

PR:		233006 [3]
Security:	CVE-2019-1000019 [1], CVE-2019-1000020 [2]
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
MFC r344063:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1085: Fix a null pointer dereference bug in zip writer
  PR #1110: ZIP reader added support for XZ, LZMA, PPMD8 and BZIP2
            decopmpression
  PR #1116: Add support for 64-bit ar format
  PR #1120: Fix a 7zip crash [1] and a ISO9660 infinite loop [2]
  PR #1125: RAR5 reader - fix an invalid read and a memory leak
  PR #1131: POSIX reader - do not fail when tree_current_lstat() fails
            due to ENOENT [3]
  PR #1134: Delete unnecessary null pointer checks before calls of free()
  OSS-Fuzz 10843: Force intermediate to uint64_t to make UBSAN happy.
  OSS-Fuzz 11011: Avoid buffer overflow in rar5 reader

MFC r344088:
  archive_read_disk_posix.c: initialize delayed_errno

PR:		233006 [3]
Security:	CVE-2019-1000019 [1], CVE-2019-1000020 [2]
</pre>
</div>
</content>
</entry>
<entry>
<title>MFC r339746,339751,339794,340866,340939,342042:</title>
<updated>2018-12-21T23:32:50+00:00</updated>
<author>
<name>Martin Matuska</name>
<email>mm@FreeBSD.org</email>
</author>
<published>2018-12-21T23:32:50+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=300d1759a180771582504f31fd42abeb08d67f63'/>
<id>300d1759a180771582504f31fd42abeb08d67f63</id>
<content type='text'>
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1013: Add missing h_base offset when performing absolute seeks in
            xar decompression
  PR #1023: Support extracting extattrs as non-root on non-user-writeable
            files
  PR #1061: Add support for extraction of RAR v5 archives
  PR #1066: Fix out of bounds read on empty string filename for gnutar, pax
            and v7tar
  PR #1067: Fix temporary file path buffer overflow in tests
  IS #1068: Correctly process and verify integer arguments passed to
            bsdcpio and bsdtar
  PR #1070: Don't default XAR entry atime/mtime to the current time
  PR #1080: Spelling fixes
  PR #1084: RAR5 reader bugfixes
  PR #1091: fix use-after-free in delayed newc link processing
  PR #1092: Fix a few obvious resource leaks and strcpy() misuses
  IS #1096: Support extracting ACLs with in-entry comments (GNU tar)
  PR #1102: RAR5 reader - fix big-endian problems
  PR #1105: Fix various crash, memory corruption and infinite loop conditions

  RAR5 reader: FreeBSD build platform fixes for powerpc(64), mips(64),
               sparc64 and riscv64
  RAR5 reader: more maybe-uninitialized size_t fixes for riscv64
               FreeBSD build
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1013: Add missing h_base offset when performing absolute seeks in
            xar decompression
  PR #1023: Support extracting extattrs as non-root on non-user-writeable
            files
  PR #1061: Add support for extraction of RAR v5 archives
  PR #1066: Fix out of bounds read on empty string filename for gnutar, pax
            and v7tar
  PR #1067: Fix temporary file path buffer overflow in tests
  IS #1068: Correctly process and verify integer arguments passed to
            bsdcpio and bsdtar
  PR #1070: Don't default XAR entry atime/mtime to the current time
  PR #1080: Spelling fixes
  PR #1084: RAR5 reader bugfixes
  PR #1091: fix use-after-free in delayed newc link processing
  PR #1092: Fix a few obvious resource leaks and strcpy() misuses
  IS #1096: Support extracting ACLs with in-entry comments (GNU tar)
  PR #1102: RAR5 reader - fix big-endian problems
  PR #1105: Fix various crash, memory corruption and infinite loop conditions

  RAR5 reader: FreeBSD build platform fixes for powerpc(64), mips(64),
               sparc64 and riscv64
  RAR5 reader: more maybe-uninitialized size_t fixes for riscv64
               FreeBSD build
</pre>
</div>
</content>
</entry>
<entry>
<title>MFV r324145,324147:</title>
<updated>2017-10-01T00:40:23+00:00</updated>
<author>
<name>Martin Matuska</name>
<email>mm@FreeBSD.org</email>
</author>
<published>2017-10-01T00:40:23+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=5c831a5bd61576cacb48b39f8eeb47b92707a355'/>
<id>5c831a5bd61576cacb48b39f8eeb47b92707a355</id>
<content type='text'>
Sync libarchive with vendor.

Relevant vendor changes:
  PR #905: Support for Zstandard read and write filters
  PR #922: Avoid overflow when reading corrupt cpio archive
  Issue #935: heap-based buffer overflow in xml_data (CVE-2017-14166)
  OSS-Fuzz 2936: Place a limit on the mtree line length
  OSS-Fuzz 2394: Ensure that the ZIP AES extension header is large enough
  OSS-Fuzz 573: Read off-by-one error in RAR archives (CVE-2017-14502)

MFC after:	1 week
Security:	CVE-2017-14166, CVE-2017-14502
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Sync libarchive with vendor.

Relevant vendor changes:
  PR #905: Support for Zstandard read and write filters
  PR #922: Avoid overflow when reading corrupt cpio archive
  Issue #935: heap-based buffer overflow in xml_data (CVE-2017-14166)
  OSS-Fuzz 2936: Place a limit on the mtree line length
  OSS-Fuzz 2394: Ensure that the ZIP AES extension header is large enough
  OSS-Fuzz 573: Read off-by-one error in RAR archives (CVE-2017-14502)

MFC after:	1 week
Security:	CVE-2017-14166, CVE-2017-14502
</pre>
</div>
</content>
</entry>
<entry>
<title>Add HAS_TESTS to all Makefiles that are currently using the</title>
<updated>2017-08-02T08:50:42+00:00</updated>
<author>
<name>Enji Cooper</name>
<email>ngie@FreeBSD.org</email>
</author>
<published>2017-08-02T08:50:42+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=d511b20a693d77c1dc2491a62124471361eddd8e'/>
<id>d511b20a693d77c1dc2491a62124471361eddd8e</id>
<content type='text'>
`SUBDIR.${MK_TESTS}+= tests` idiom.

This is a follow up to r321912.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
`SUBDIR.${MK_TESTS}+= tests` idiom.

This is a follow up to r321912.
</pre>
</div>
</content>
</entry>
<entry>
<title>Convert traditional ${MK_TESTS} conditional idiom for including test</title>
<updated>2017-08-02T08:35:51+00:00</updated>
<author>
<name>Enji Cooper</name>
<email>ngie@FreeBSD.org</email>
</author>
<published>2017-08-02T08:35:51+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=4b330699f819a81d8e34d471225143ffeb321855'/>
<id>4b330699f819a81d8e34d471225143ffeb321855</id>
<content type='text'>
directories to SUBDIR.${MK_TESTS} idiom

This is being done to pave the way for future work (and homogenity) in
^/projects/make-check-sandbox .

No functional change intended.

MFC after:	1 weeks
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
directories to SUBDIR.${MK_TESTS} idiom

This is being done to pave the way for future work (and homogenity) in
^/projects/make-check-sandbox .

No functional change intended.

MFC after:	1 weeks
</pre>
</div>
</content>
</entry>
<entry>
<title>Commit the 64-bit inode project.</title>
<updated>2017-05-23T09:29:05+00:00</updated>
<author>
<name>Konstantin Belousov</name>
<email>kib@FreeBSD.org</email>
</author>
<published>2017-05-23T09:29:05+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=69921123490b99c2588b0c743bc4af32bbe6601c'/>
<id>69921123490b99c2588b0c743bc4af32bbe6601c</id>
<content type='text'>
Extend the ino_t, dev_t, nlink_t types to 64-bit ints.  Modify
struct dirent layout to add d_off, increase the size of d_fileno
to 64-bits, increase the size of d_namlen to 16-bits, and change
the required alignment.  Increase struct statfs f_mntfromname[] and
f_mntonname[] array length MNAMELEN to 1024.

ABI breakage is mitigated by providing compatibility using versioned
symbols, ingenious use of the existing padding in structures, and
by employing other tricks.  Unfortunately, not everything can be
fixed, especially outside the base system.  For instance, third-party
APIs which pass struct stat around are broken in backward and
forward incompatible ways.

Kinfo sysctl MIBs ABI is changed in backward-compatible way, but
there is no general mechanism to handle other sysctl MIBS which
return structures where the layout has changed. It was considered
that the breakage is either in the management interfaces, where we
usually allow ABI slip, or is not important.

Struct xvnode changed layout, no compat shims are provided.

For struct xtty, dev_t tty device member was reduced to uint32_t.
It was decided that keeping ABI compat in this case is more useful
than reporting 64-bit dev_t, for the sake of pstat.

Update note: strictly follow the instructions in UPDATING.  Build
and install the new kernel with COMPAT_FREEBSD11 option enabled,
then reboot, and only then install new world.

Credits: The 64-bit inode project, also known as ino64, started life
many years ago as a project by Gleb Kurtsou (gleb).  Kirk McKusick
(mckusick) then picked up and updated the patch, and acted as a
flag-waver.  Feedback, suggestions, and discussions were carried
by Ed Maste (emaste), John Baldwin (jhb), Jilles Tjoelker (jilles),
and Rick Macklem (rmacklem).  Kris Moore (kris) performed an initial
ports investigation followed by an exp-run by Antoine Brodin (antoine).
Essential and all-embracing testing was done by Peter Holm (pho).
The heavy lifting of coordinating all these efforts and bringing the
project to completion were done by Konstantin Belousov (kib).

Sponsored by:	The FreeBSD Foundation (emaste, kib)
Differential revision:	https://reviews.freebsd.org/D10439
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Extend the ino_t, dev_t, nlink_t types to 64-bit ints.  Modify
struct dirent layout to add d_off, increase the size of d_fileno
to 64-bits, increase the size of d_namlen to 16-bits, and change
the required alignment.  Increase struct statfs f_mntfromname[] and
f_mntonname[] array length MNAMELEN to 1024.

ABI breakage is mitigated by providing compatibility using versioned
symbols, ingenious use of the existing padding in structures, and
by employing other tricks.  Unfortunately, not everything can be
fixed, especially outside the base system.  For instance, third-party
APIs which pass struct stat around are broken in backward and
forward incompatible ways.

Kinfo sysctl MIBs ABI is changed in backward-compatible way, but
there is no general mechanism to handle other sysctl MIBS which
return structures where the layout has changed. It was considered
that the breakage is either in the management interfaces, where we
usually allow ABI slip, or is not important.

Struct xvnode changed layout, no compat shims are provided.

For struct xtty, dev_t tty device member was reduced to uint32_t.
It was decided that keeping ABI compat in this case is more useful
than reporting 64-bit dev_t, for the sake of pstat.

Update note: strictly follow the instructions in UPDATING.  Build
and install the new kernel with COMPAT_FREEBSD11 option enabled,
then reboot, and only then install new world.

Credits: The 64-bit inode project, also known as ino64, started life
many years ago as a project by Gleb Kurtsou (gleb).  Kirk McKusick
(mckusick) then picked up and updated the patch, and acted as a
flag-waver.  Feedback, suggestions, and discussions were carried
by Ed Maste (emaste), John Baldwin (jhb), Jilles Tjoelker (jilles),
and Rick Macklem (rmacklem).  Kris Moore (kris) performed an initial
ports investigation followed by an exp-run by Antoine Brodin (antoine).
Essential and all-embracing testing was done by Peter Holm (pho).
The heavy lifting of coordinating all these efforts and bringing the
project to completion were done by Konstantin Belousov (kib).

Sponsored by:	The FreeBSD Foundation (emaste, kib)
Differential revision:	https://reviews.freebsd.org/D10439
</pre>
</div>
</content>
</entry>
<entry>
<title>MFV r316083,316094:</title>
<updated>2017-03-28T10:39:17+00:00</updated>
<author>
<name>Martin Matuska</name>
<email>mm@FreeBSD.org</email>
</author>
<published>2017-03-28T10:39:17+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=a7f7e457db5b3f527b4698de613fe094c4ce33c0'/>
<id>a7f7e457db5b3f527b4698de613fe094c4ce33c0</id>
<content type='text'>
Sync libarchive with vendor

Vendor changes (FreeBSD-related):
- constify variables in several places
- unify platform ACL code in a single source file
- fix unused variable if compiling on FreeBSD without NFSv4 ACL support

MFC after:	3 days
X-MFC-with:	315636, 315876
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Sync libarchive with vendor

Vendor changes (FreeBSD-related):
- constify variables in several places
- unify platform ACL code in a single source file
- fix unused variable if compiling on FreeBSD without NFSv4 ACL support

MFC after:	3 days
X-MFC-with:	315636, 315876
</pre>
</div>
</content>
</entry>
<entry>
<title>MFV r315633, 315635:</title>
<updated>2017-03-20T13:02:27+00:00</updated>
<author>
<name>Martin Matuska</name>
<email>mm@FreeBSD.org</email>
</author>
<published>2017-03-20T13:02:27+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=4657548d18877f64bd02be888406aa5b02bf9b06'/>
<id>4657548d18877f64bd02be888406aa5b02bf9b06</id>
<content type='text'>
Sync libarchive with vendor

Vendor changes/bugfixes (FreeBSD-related):
  PR 867 (bsdcpio): show numeric uid/gid when names are not found
  PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
  PR 880 (pax): Fix handling of "size" pax header keyword
  PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
  OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
  Break ACL read/write code into platform-specific source files
  Unbreak static dependency on libbz2

MFC after:	1 week
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Sync libarchive with vendor

Vendor changes/bugfixes (FreeBSD-related):
  PR 867 (bsdcpio): show numeric uid/gid when names are not found
  PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
  PR 880 (pax): Fix handling of "size" pax header keyword
  PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
  OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
  Break ACL read/write code into platform-specific source files
  Unbreak static dependency on libbz2

MFC after:	1 week
</pre>
</div>
</content>
</entry>
<entry>
<title>Use SRCTOP-relative paths to other directories instead of .CURDIR-relative ones</title>
<updated>2017-01-20T03:54:36+00:00</updated>
<author>
<name>Enji Cooper</name>
<email>ngie@FreeBSD.org</email>
</author>
<published>2017-01-20T03:54:36+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=dd1ed99736e4708c29ff94688176044bc268c1ee'/>
<id>dd1ed99736e4708c29ff94688176044bc268c1ee</id>
<content type='text'>
This implifies pathing in make/displayed output

MFC after:    3 weeks
Sponsored by: Dell EMC Isilon
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This implifies pathing in make/displayed output

MFC after:    3 weeks
Sponsored by: Dell EMC Isilon
</pre>
</div>
</content>
</entry>
</feed>
