| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
PR #1102: RAR5 reader - fix big-endian problems
PR #1105: Fix various crash, memory corruption and infinite loop conditions
PR #1107: RAR5 reader: removed an unused function: bf_is_last_block
MFC after: 1 week
Notes:
svn path=/head/; revision=342042
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
Issue #1096: Support extracting ACLs with in-entry comments (GNU tar)
PR #1023: Support extracting extattrs as non-root on non-user-writeable
files
MFC after: 1 week
Notes:
svn path=/head/; revision=340939
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
PR #1080: Spelling fixes
PR #1084: RAR5 reader bugfixes
PR #1091: fix use-after-free in delayed newc link processing
PR #1092: Fix a few obvious resource leaks and strcpy() misuses
MFC after: 1 week
Notes:
svn path=/head/; revision=340866
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
RAR5 reader: more maybe-uninitialized size_t fixes for riscv64
FreeBSD build
MFC after: 1 month
Notes:
svn path=/head/; revision=339794
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
RAR5 reader: FreeBSD build platform fixes for powerpc(64), mips(64),
sparc64 and riscv64
MFC after: 1 month
Notes:
svn path=/head/; revision=339751
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Relevant vendor changes:
PR #1013: Add missing h_base offset when performing absolute seeks in
xar decompression
PR #1061: Add support for extraction of RAR v5 archives
PR #1066: Fix out of bounds read on empty string filename for gnutar, pax
and v7tar
PR #1067: Fix temporary file path buffer overflow in tests
IS #1068: Correctly process and verify integer arguments passed to
bsdcpio and bsdtar
PR #1070: Don't default XAR entry atime/mtime to the current time
MFC after: 1 month
Notes:
svn path=/head/; revision=339746
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
PR #1019: Add allocation check for the zip_entry struct
Oss-Fuzz #10192: Handle whitespace-only ACL fields correctly
Approved by: re (kib)
MFC after: 1 week
Notes:
svn path=/head/; revision=338827
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update libarchive to 3.3.3
As all important changes have already been merged from libarchive git
this is just version number bump, documentation update and some
polishing for cpio tests. Other source code changes are not relevant to
FreeBSD.
Approved by: re (gjb)
MFC after: 1 week
Notes:
svn path=/head/; revision=338600
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor..
Vendor changes:
PR #1042: validate iso9660 directory record length
MFC after: 3 days
Security: CVE-2017-14501
Notes:
svn path=/head/; revision=337745
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update vendor/libarchive/dist to git 2c8c83b9731ff822fad6cc8c670ea5519c366a14
Important vendor changes:
PR #993: Chdir to -C directory for metalog processing
OSS-Fuzz #4969: Check size of the extended time field in zip archives
PR #973: Record informational compression level in gzip header
MFC after: 1 week
Notes:
svn path=/head/; revision=336854
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
Fix issue #948: out-of-bounds read in lha_read_data_none()
admbugs: 877
MFC after: 3 days
Security: CVE-2017-14503
Notes:
svn path=/head/; revision=336801
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
PR #893: delete dead ppmd7 alloc callbacks
PR #904: Fix archive freeing bug in bsdcat
PR #961: Fix ZIP format names
PR #962: Don't modify attributes for existing directories
when ARCHIVE_EXTRACT_NO_OVERWRITE is set
PR #964: Fix -Werror=implicit-fallthrough= for GCC 7
PR #970: zip: Allow backslash as path separator
MFC after: 1 week
Notes:
svn path=/head/; revision=328332
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
PR #905: Support for Zstandard read and write filters
PR #922: Avoid overflow when reading corrupt cpio archive
Issue #935: heap-based buffer overflow in xml_data (CVE-2017-14166)
OSS-Fuzz 2936: Place a limit on the mtree line length
OSS-Fuzz 2394: Ensure that the ZIP AES extension header is large enough
OSS-Fuzz 573: Read off-by-one error in RAR archives (CVE-2017-14502)
MFC after: 1 week
Security: CVE-2017-14166, CVE-2017-14502
Notes:
svn path=/head/; revision=324148
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Relevant vendor changes:
PR #926: ensure ar strtab is null terminated
MFC after: 1 week
Notes:
svn path=/head/; revision=321674
|
| |
|
|
|
|
|
|
|
| |
MFC after: 1 week
X-MFC-with: 320927
Reported by: Ngie Cooper <ngie@FreeBSD.org>
Notes:
svn path=/head/; revision=320932
|
| |
|
|
|
|
|
|
|
| |
MFC after: 1 week
X-MFC-with: 320927
Reported by: Ngie Cooper <ngie@FreeBSD.org>
Notes:
svn path=/head/; revision=320931
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bump libarchive to 3.3.2
Vendor changes:
PR #901: don't depend on stdin in a testcase
MFC after: 1 week
Notes:
svn path=/head/; revision=320927
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This change will be upstreamed to the libarchive project.
MFC after: 6 days
MFC with: r317782
Reported by: Coverity
Sponsored by: Dell EMC Isilon
Notes:
svn path=/head/; revision=318181
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Vendor changes (FreeBSD-related):
PR 897: add test for ZIP archives with invalid EOCD headers
PR 901: fix invalid renaming of sparse files
OSS-Fuzz issue 497: remove fallback tree in LZX decoder
OSS-Fuzz issue 527: rewrite expressions in lz4 filter
OSS-Fuzz issue 577: fix integer overflow in cpio reader
OSS-Fuzz issue 862: fix numerc parsing in mtree reader
OSS-Fuzz issue 1097: fix undefined shift in rar reader
cpio: various optimizations and memory leak fixes
MFC after: 1 week
Notes:
svn path=/head/; revision=317782
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
Report which extended attributes could not be restored
Update archive_read_disk.3 and archive_write_disk.3 manual pages
Plug memory leaks in xattr tests.
MFC after: 1 week
Notes:
svn path=/head/; revision=316456
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Vendor changes (FreeBSD-related):
- constify variables in several places
- unify platform ACL code in a single source file
- fix unused variable if compiling on FreeBSD without NFSv4 ACL support
MFC after: 3 days
X-MFC-with: 315636, 315876
Notes:
svn path=/head/; revision=316095
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor changes (FreeBSD-related):
- store extended attributes with extattr_set_link() if no fd is provided
- add extended attribute tests to libarchive and bsdtar
- fix tar's test_option_acls
- support the UF_HIDDEN file flag
X-MFC with: 315636
Notes:
svn path=/head/; revision=315876
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Vendor changes/bugfixes (FreeBSD-related):
PR 867 (bsdcpio): show numeric uid/gid when names are not found
PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
PR 880 (pax): Fix handling of "size" pax header keyword
PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
Break ACL read/write code into platform-specific source files
Unbreak static dependency on libbz2
MFC after: 1 week
Notes:
svn path=/head/; revision=315636
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update libarchive to version 3.3.1 (and sync with latest vendor dist)
Notable vendor changes:
PR #501: improvements in ACL path handling
PR #724: fix hang when reading malformed cpio files
PR #864: fix out of bounds read with malformed GNU tar archives
Documentation, style, test suite improvements and typo fixes.
New options to bsdtar that enable or disable reading and/or writing of:
Access Control Lists (--acls, --no-acls)
Extended file flags (--fflags, --no-fflags)
Extended attributes (--xattrs, --no-xattrs)
Mac OS X metadata (Mac OS X only) (--mac-metadata, --no-mac-metadata)
MFC after: 2 weeks
Notes:
svn path=/head/; revision=314571
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
Notes:
svn path=/head/; revision=314436
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Vendor changes:
Make SCHILY.acl.ace header more compact (NFSv4 ACLs)
Vendor bugfixes:
zip reader integer parsing fix (OSS-Fuzz 556)
spelling fixes (issue #863)
Notes:
svn path=/head/; revision=313782
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Vendor bugfixes:
cpio reader sanity fix (OSS-Fuzz 504)
WARC reader sanity fixes (OSS-Fuzz 511, 526, 532, 552)
mtree reader time parsing fix (OSS-Fuzz 538)
XAR reader memleak fix (OSS-Fuzz 551)
MFC after: 1 week
Notes:
svn path=/head/; revision=313572
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Vendor changes (relevant to FreeBSD):
- support extracting NFSv4 ACLs from Solaris tar archives
- bugfixes and optimizations in the ACL code
- multiple fixes in the test suite
- typo and other small bugfixes
Security fixes:
- cab reader: endless loop when parsing MSZIP signature (OSS-Fuzz 335)
- LHA reader: heap-buffer-overflow in lha_read_file_header_1()
(CVE-2017-5601)
- LZ4 reader: null-pointer dereference in lz4_filter_read_legacy_stream()
(OSS-Fuzz 453)
- mtree reader: heap-buffer-overflow in detect_form() (OSS-Fuzz 421, 443)
- WARC reader: heap-buffer-overflow in xstrpisotime() (OSS-Fuzz 382, 458)
Memory leak fixes:
- ACL support: free memory allocated by acl_get_qualifier()
- disk writer: missing free in create_filesystem_object()
- file reader: fd leak (Coverity 1016755)
- gnutar writer: fix free in archive_write_gnutar_header()
(Coverity 101675)
- iso 9660 reader: missing free in parse_file_info()
(partial Coverity 1016754)
- program reader: missing free in __archive_read_program()
- program writer: missing free in __archive_write_program_free()
- xar reader: missing free in xar_cleanup()
- xar reader: missing frees in expat_xmlattr_setup()
(Coverity 1229979-1229981)
- xar writer: missing free in file_free()
- zip reader: missing free in zip_read_local_file_header()
MFC after: 1 week
X-MFC with: 310866, 310868, 310870, 311899
Notes:
svn path=/head/; revision=313074
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor bugfixes:
#691: Support for SCHILY.xattr extended attributes
#854: Spelling fixes
Multiple fixes in ACL code:
- prefer acl_set_fd_np() to acl_set_fd()
- if acl_set_fd_np() fails, do no fallback to acl_set_file()
- do not warn if trying to write ACLs to a filesystem without ACL support
- fix id handling in archive_acl_(from_to)_text*() for NFSv4 ACLs
MFC after: 1 week
X-MFC with: r310866
Notes:
svn path=/head/; revision=311903
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor bugfixes:
Use __LA_DEPRECATED macro with functions deprecated in 379867e (r310796)
MFC after: 2 weeks
X-MFC with: r310866
Notes:
svn path=/head/; revision=310870
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor bugfixes (relevant to FreeBSD):
PR #843: Fix memory leak of struct archive_entry in cpio/cpio.c
PR #851: Spelling fixes
Fix two protoypes in manual page archive_read_disk.3
MFC after: 2 weeks
Notes:
svn path=/head/; revision=310868
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor changes (relevant to FreeBSD):
PR #771: Add NFSv4 ACL support to pax and restricted pax
NFSv4 ACL information may now be stored to and restored from tar archives.
ACL must be non-trivial and supported by the underlying filesystem, e.g.
natively by ZFS or by UFS with the NFSv4 ACL enable flag set.
MFC after: 2 weeks
Relnotes: yes
Notes:
svn path=/head/; revision=310866
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor bugfixes (relevant to FreeBSD):
PR 846: Spelling fixes
PR 850: Fix issues with reading certain jar files
OSS-Fuzz 286: Bugfix in archive_strncat_l()
Notes:
svn path=/head/; revision=310623
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor bugfixes (relevant to FreeBSD):
PR 830, 831, 833: Spelling fixes
OSS-Fuzz 227, 230, 239: Fix possible memory leak in archive_read_free()
OSS-Fuzz 237: Fix heap buffer overflow when reading invalid ar archives
MFC after: 1 week
Notes:
svn path=/head/; revision=310185
|
| |
|
|
|
|
|
|
|
|
|
| |
contrib/libarchive's tests
MFC after: 2 weeks
Obtained from: libarchive (ebe29c, fd0ea2, f9e3de)
Reported by: Coverity
Notes:
svn path=/head/; revision=309869
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor bugfixes:
libarchive #831:
Spelling fixes
libarchive #832:
Relax sanity checks of number fields in tar header even more
OSS-Fuzz #16:
Fix possible hang in uudecode_filter_read()
OSS-Fuzz #220:
Reject an 'ar' filename table larger than 1GB or a filename larger
than 1MB.
MFC after: 1 week
Notes:
svn path=/head/; revision=309590
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes reading tar archives created by older versions of
plexus-archiver (used by maven-assembly-plugin) that fill uid and gid
fields with spaces (PLXCOMP-233).
Vendor issue:
https://github.com/libarchive/libarchive/issues/832
Reported by: Antoine Brodin <antoine@freebsd.org>
MFC after: 1 week
Notes:
svn path=/head/; revision=309523
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Vendor bugfixes:
Fix for heap-buffer-overflow in archive_le16dec()
Fix for heap-buffer-overflow in uudecode_bidder_bid()
Reworked fix for compatibility with archives created by Perl Archive::Tar
MFC after: 1 week
Notes:
svn path=/head/; revision=309405
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Small improvements, style fixes, bugfixes.
Restores compatibility with tar archives created with Perl Archive::Tar (1)
MFC after: 1 week
Reported by: Matthew Seaman <matthew@freebsd.org> (1)
Notes:
svn path=/head/; revision=309363
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor.
Important vendor bugfixes (relevant to FreeBSD):
#821: tar -P cannot extract hardlinks through symlinks
#825: Add sanity check of tar "uid, "gid" and "mtime" fields
PR: 213255
Reported by: Tijl Coosemans <tilj@FreeBSD.org>
MFC after: 1 week
Notes:
svn path=/head/; revision=309300
|
| |
|
|
|
|
|
| |
Update libarchive to 3.2.2
Notes:
svn path=/head/; revision=307861
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor. Style and tests fixes.
Important vendor bugfixes (relevant to FreeBSD):
#801: FreeBSD Coverity report: resource leak in libarchive/tar/test/main.c
MFC after: 1 week
Notes:
svn path=/head/; revision=307215
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor including security fixes.
Important vendor bugfixes (relevant to FreeBSD):
#747: Out of bounds read in mtree parser
#761: heap-based buffer overflow in read_Header (7-zip)
#784: Invalid file on bsdtar command line results in internal errors (1)
PR: 213092 (1)
MFC after: 1 week
Notes:
svn path=/head/; revision=306670
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor including important security fixes.
Issues fixed (FreeBSD):
PR #778: ACL error handling
Issue #745: Symlink check prefix optimization is too aggressive
Issue #746: Hard links with data can evade sandboxing restrictions
This update fixes the vulnerability #3 and vulnerability #4 as reported in
"non-cryptanalytic attacks against FreeBSD update components".
https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
Fix for vulnerability #2 has already been merged in r304989.
MFC after: 1 week
Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
Notes:
svn path=/head/; revision=305819
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor
Vendor issues fixed:
PR #777: Multiple bugfixes for setup_acls()
This includes a bugfix for a bug that caused ACLs not to be read properly
for files and directories inside subdirectories and as a result not being
stored or being incorrectly stored in tar archives.
MFC after: 3 days
Notes:
svn path=/head/; revision=305422
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor including security fixes
Vendor issues fixed:
Issue #731: Reject tar entries >= INT64_MAX
Issue #744 (part of Issue #743): Enforce sandbox with very long pathnames
Issue #748: Zip decompression failure with highly-compressed data
Issue #767: Buffer overflow printing a filename
Issue #770: Zip read: be more careful about extra_length
MFC after: 3 days
Notes:
svn path=/head/; revision=304989
|
| |
|
|
|
|
|
| |
This commit was incorrect and will be re-committed asap.
Notes:
svn path=/head/; revision=304988
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor including security fixes
Vendor issues fixed:
Issue #731: Reject tar entries >= INT64_MAX
Issue #744 (part of Issue #743): Enforce sandbox with very long pathnames
Issue #748: Zip decompression failure with highly-compressed data
Issue #767: Buffer overflow printing a filename
Issue #770: Zip read: be more careful about extra_length
MFC after: 3 days
Notes:
svn path=/head/; revision=304869
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor including three security fixes
Vendor issues fixed:
Issue #744: Very long pathnames evade symlink checks
Issue #748: libarchive can compress, but cannot decompress zip some files
PR #750: ustar: fix out of bounds read on empty string ("") filename
PR #755: fix use of acl_get_flagset_np() on FreeBSD
MFC after: 3 days
Notes:
svn path=/head/; revision=304075
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sync libarchive with vendor, bugfixes for tests:
- fix tests on filesystems without birthtime support, e.g. UFS1 (1)
- vendor issue #729: avoid use of C99 for-scope declarations in
test_write_format_gnutar_filenames.c
MFC after: 1 week
PR: 204157 (1)
Approved by: re (hrs)
Notes:
svn path=/head/; revision=302294
|
