#
218f8022 |
| 29-Oct-2024 |
Mark Johnston <markj@FreeBSD.org> |
libarchive tests: Re-enable a broken test
It passes and so appears to have been silently fixed at some point.
PR: 240683 MFC after: 1 week
|
#
bd66c1b4 |
| 20-Oct-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.7.7
Security fixes: #2158 rpm: calculate huge header sizes correctly #2160 util: fix out of boundary access in mktemp functions #2168 uu: stop p
libarchive: merge from vendor branch
Libarchive 3.7.7
Security fixes: #2158 rpm: calculate huge header sizes correctly #2160 util: fix out of boundary access in mktemp functions #2168 uu: stop processing if lines are too long #2174 lzop: prevent integer overflow #2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) #2175 unzip: unify EOF handling #2179 rar4: fix out of boundary access with large files #2203 rar4: fix OOB access with unicode filenames #2210 rar4: add boundary checks to rgb filter #2248 rar4: fix OOB in delta filter #2249 rar4: fix OOB in audio filter #2256 fix multiple vulnerabilities identified by SAST #2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing #2265 rar5: clear 'data ready' cache on window buffer reallocs #2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) #2330 iso: be more cautious about parsing ISO-9660 timestamps #2343 tar: clean up linkpath between entries #2364 tar: don't crash on truncated tar archives #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip #2377 tar: fix two leaks in tar header parsing
Important bugfixes: #2096 rar5: report encrypted entries #2150 xar: fix another infinite loop and expat error handling #2173 shar: check strdup return value #2161 lha: fix integer truncation on 32-bit systems #2338 tar: fix memory leaks when processing symlinks or parsing pax headers #2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes #2252 7-zip: read/write symlink paths as UTF-8 #2259 rar5: don't try to read rediculously long names #2290 ar: fix archive entries having no type #2360 tar: fix truncation of entry pathnames in specific archives
CVE: CVE-2024-20696, CVE-2024-26256 PR: 282047 (exp-run) MFC after: 1 week
show more ...
|
Revision tags: release/13.4.0, release/14.1.0 |
|
#
13d826ff |
| 29-Apr-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.7.4 + three fixes from master
Security fixes: #2135 rar: Fix OOB in rar e8 filter (CVE-2024-26256) #2145 zip: Fix out of boundary access #2148 r
libarchive: merge from vendor branch
Libarchive 3.7.4 + three fixes from master
Security fixes: #2135 rar: Fix OOB in rar e8 filter (CVE-2024-26256) #2145 zip: Fix out of boundary access #2148 rar: Fix OOB in rar delta filter #2149 rar: Fix OOB in rar audio filter
Important bugfixes: #2131 7zip: Limit amount of properties #2110 bsdtar: Fix error handling around strtol() usages #2116 passphrase: Never allow empty passwords #2124 rar: Fix "File CRC Error" when extracting specific rar4 archives #2123 xar: Avoid infinite link loop #2150 xar: Fix another infinite loop and expat error handling #2108 zip: Update AppleDouble support for directories #2071 zstd: Implement core detectiongit
PR: 278588 (exp-run) MFC after: 1 day
show more ...
|
#
7d03ec33 |
| 17-Apr-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: add two missing package files to libarchive tests
MFC after: 1 week
|
#
b9128a37 |
| 16-Apr-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.7.3
New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNI
libarchive: merge from vendor branch
Libarchive 3.7.3
New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNIX permissions #1962 zstd filter now supports the "long" write option #2012 add trailing letter b to bsdtar(1) substitute pattern #2031 PCRE2 support #2054 add support for long options "--group" and "--owner" to tar(1)
Security fixes: #2101 Fix possible vulnerability in tar error reporting introduced in f27c173
Important bugfixes: #1974 ISO9660: preserve the natural order of links #2105 rar5: fix infinite loop if during rar5 decompression the last block produced no data #2027 xz filter: fix incorrect eof at the end of an lzip member #2043 zip: fix end-of-data marker processing when decompressing zip archives
PR: 278315 (exp-run) MFC after: 1 week
show more ...
|
Revision tags: release/13.3.0, release/14.0.0 |
|
#
d0b2dbfa |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
#
e64fe029 |
| 24-Jul-2023 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.7.0
Important changes (relevant to FreeBSD): #1814 Do not account for NULL terminator when comparing with "TRAILER!!!" #1818 Add ability to pro
libarchive: merge from vendor branch
Libarchive 3.7.0
Important changes (relevant to FreeBSD): #1814 Do not account for NULL terminator when comparing with "TRAILER!!!" #1818 Add ability to produce multi-frame zstd archives #1840 year 2038 fix for pax archives on platforms with 64-bit time_t #1860 Make single bit bitfields unsigned to avoid clang 16 warning #1869 Fix FreeBSD builds with WARNS=6 #1873 bsdunzip ported to libarchive from FreeBSD #1894 read support for zstd compression in 7zip archives #1918 ARM64 filter support in 7zip archives
MFC after: 2 weeks PR: 272567 (exp-run)
show more ...
|
Revision tags: release/13.2.0 |
|
#
bd5e624a |
| 13-Dec-2022 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.6.2
Important bug fixes: rar5 reader: fix possible garbled output with bsdtar -O (#1745) mtree reader: support reading mtree files with tabs (#
libarchive: merge from vendor branch
Libarchive 3.6.2
Important bug fixes: rar5 reader: fix possible garbled output with bsdtar -O (#1745) mtree reader: support reading mtree files with tabs (#1783) various small fixes for issues found by CodeQL
MFC after: 2 weeks PR: 286306 (exp-run)
show more ...
|
Revision tags: release/12.4.0, release/13.1.0 |
|
#
833a452e |
| 10-Feb-2022 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: import changes from upstream
Libarchive 3.6.0
New features: PR #1614: tar: new option "--no-read-sparse" PR #1503: RAR reader: filter support PR #1585: RAR5 reader: self-extracting arch
libarchive: import changes from upstream
Libarchive 3.6.0
New features: PR #1614: tar: new option "--no-read-sparse" PR #1503: RAR reader: filter support PR #1585: RAR5 reader: self-extracting archive support
New features (not used in FreeBSD base): PR #1567: tar: threads support for zstd (#1567) PR #1518: ZIP reader: zstd decompression support
Security Fixes: PR #1491, #1492, #1493, CVE-2021-36976: fix invalid memory access and out of bounds read in RAR5 reader PR #1566, #1618, CVE-2021-31566: extended fix for following symlinks when processing the fixup list
Other notable bugfixes and improvements: PR #1620: tar: respect "--ignore-zeros" in c, r and u modes PR #1625: reduced size of application binaries
MFC after: 2 weeks Relnotes: yes
show more ...
|
Revision tags: release/12.3.0 |
|
#
ddce862a |
| 23-Aug-2021 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: import changes from upstream
Libarchive 3.5.2
New features: PR #1502: Support for PWB and v7 binary cpio formats PR #1509: Support of deflate algorithm in symbolic link decompressio
libarchive: import changes from upstream
Libarchive 3.5.2
New features: PR #1502: Support for PWB and v7 binary cpio formats PR #1509: Support of deflate algorithm in symbolic link decompression for ZIP archives
Important bugfixes: IS #1044: fix extraction of hardlinks to symlinks PR #1480: Fix truncation of size values during 7zip archive extraction on 32bit architectures PR #1504: fix rar header skiming PR #1514: ZIP excessive disk read - fix location of central directory PR #1520: fix double-free in CAB reader PR #1521: Fixed leak of rar before ending with error PR #1530: Handle short writes from archive_write_callback PR #1532: 7zip: Use compression settings from file also for file header IS #1566: do not follow symlinks when processing the fixup list
MFC after: 2 weeks Relnotes: yes
show more ...
|
Revision tags: release/13.0.0 |
|
#
3454fa11 |
| 25-Jan-2021 |
Alex Richardson <Alexander.Richardson@cl.cam.ac.uk> |
Don't include libarchive fuzz tests by default
These tests are basic fuzz tests that permute input to trigger crashes rather than regression or unit tests. Additionally, some of them take a rather l
Don't include libarchive fuzz tests by default
These tests are basic fuzz tests that permute input to trigger crashes rather than regression or unit tests. Additionally, some of them take a rather long time to run and should probably be run on a dedicated fuzzing job instead. Moreover, these simple tests use rand() instead of a real fuzzing tool that generates interesting inputs (e.g. LLVM libFuzzer) so are unlikely to find anything interesting when run in CI.
This allows removing one BROKEN_TESTS case due to timeouts and speeds up running tests on emulated platforms such as QEMU.
Reviewed By: lwhsu, mm Differential Revision: https://reviews.freebsd.org/D27153
show more ...
|
#
c3afd20f |
| 01-Dec-2020 |
Martin Matuska <mm@FreeBSD.org> |
MFV r368207: Update libarchive to 3.5.0
Relevant vendor changes: Issue #1258: add archive_read_support_filter_by_code() PR #1347: mtree digest reader support Issue #1381: skip hardlinks pointi
MFV r368207: Update libarchive to 3.5.0
Relevant vendor changes: Issue #1258: add archive_read_support_filter_by_code() PR #1347: mtree digest reader support Issue #1381: skip hardlinks pointing to itself on extraction PR #1387: fix writing of cpio archives with hardlinks without file type PR #1388: fix rdev field in cpio format for device nodes PR #1389: completed support for UTF-8 encoding conversion PR #1405: more formats in archive_read_support_format_by_code() PR #1408: fix uninitialized size in rar5_read_data PR #1409: system extended attribute support PR #1435: support for decompression of symbolic links in zipx archives Issue #1456: memory leak after unsuccessful archive_write_open_filename
MFC after: 1 week
show more ...
|
Revision tags: release/12.2.0 |
|
#
fe815331 |
| 18-Sep-2020 |
Kyle Evans <kevans@FreeBSD.org> |
build: provide a default WARNS for all in-tree builds
The current default is provided in various Makefile.inc in some top-level directories and covers a good portion of the tree, but doesn't cover p
build: provide a default WARNS for all in-tree builds
The current default is provided in various Makefile.inc in some top-level directories and covers a good portion of the tree, but doesn't cover parts of the build a little deeper (e.g. libcasper).
Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that variable is defined. This lets us relatively cleanly provide a default WARNS no matter where you're building in the src tree without breaking things outside of the tree.
Crunchgen has been updated as a bootstrap tool to work on this change because it needs r365605 at a minimum to succeed. The cleanup necessary to successfully walk over this change on WITHOUT_CLEAN builds has been added.
There is a supplemental project to this to list all of the warnings that are encountered when the environment has WARNS=6 NO_WERROR=yes: https://warns.kevans.dev -- this project will hopefully eventually go away in favor of CI doing a much better job than it.
Reviewed by: emaste, brooks, ngie (all earlier version) Reviewed by: emaste, arichardson (depend-cleanup.sh change) Differential Revision: https://reviews.freebsd.org/D26455
show more ...
|
#
c5ef56ea |
| 18-Sep-2020 |
Alex Richardson <arichardson@FreeBSD.org> |
Remove unnecessary include "../Makefile.inc"
This is already pulled in by bsd.init.mk.
Reported By: kevans
|
#
72f97a2d |
| 18-Sep-2020 |
Alex Richardson <arichardson@FreeBSD.org> |
libarchive: fix mismatch between library and test configuration
I was investigating libarchive test failures on CheriBSD and it turns out we get a reproducible SIGBUS for test_archive_m5, etc. Debug
libarchive: fix mismatch between library and test configuration
I was investigating libarchive test failures on CheriBSD and it turns out we get a reproducible SIGBUS for test_archive_m5, etc. Debugging this shows that libarchive and the tests disagree when it comes to the definition of archive_md5_ctx: libarchive assumes it's the OpenSSL type whereas the test use the libmd type. The latter is not necessarily aligned enough to store a pointer (16 bytes for CHERI RISC-V), so we were crashing when storing EVP_MD_CTX* to an 8-byte-aligned archive_md5_ctx.
To avoid problems like this in the future, factor out the common compiler flags into a Makefile.inc and include that from the tests Makefile.
Reviewed By: lwhsu Differential Revision: https://reviews.freebsd.org/D26469
show more ...
|
Revision tags: release/11.4.0 |
|
#
de6fa6b4 |
| 20-May-2020 |
Martin Matuska <mm@FreeBSD.org> |
MFV r361280: Update libarchive to 3.4.3
Relevant vendor changes: PR #1352: support negative zstd compression levels PR #1359: improve zstd version checking PR #1348: support RHT.security.selin
MFV r361280: Update libarchive to 3.4.3
Relevant vendor changes: PR #1352: support negative zstd compression levels PR #1359: improve zstd version checking PR #1348: support RHT.security.selinux from GNU tar PR #1357: support for archives compressed with pzstd PR #1367: fix issues in acl tests PR #1372: child handling cleanup PR #1378: fix memory leak from passphrase callback
show more ...
|
#
e43d33d2 |
| 05-Mar-2020 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r358466 through r358677.
|
#
f55be4fc |
| 02-Mar-2020 |
Martin Matuska <mm@FreeBSD.org> |
MFV r358511,r358532:
Sync libarchive with vendor.
Relevant vendor changes: Issue #1257: Add testcase for ZIPX files with LZMA_STREAM_END marker PR #1331: cpio.5: fix hard link description Iss
MFV r358511,r358532:
Sync libarchive with vendor.
Relevant vendor changes: Issue #1257: Add testcase for ZIPX files with LZMA_STREAM_END marker PR #1331: cpio.5: fix hard link description Issue #1335: archive_read.c: fix UBSan warning about undefined behavior Issue #1338: XAR reader: fix UBSan warning about undefined behavior Issue #1339: bsdcpio_test: fix datatype in from_hex() Issue #1341: Safe writes: delete temporary file if rename fails. Issue #1341: Safe writes: improve error handling
MFC after: 1 week
show more ...
|
#
44e86fbd |
| 13-Feb-2020 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r357662 through r357854.
|
#
f9762417 |
| 12-Feb-2020 |
Martin Matuska <mm@FreeBSD.org> |
MFV r357783: Update libarchive to 3.4.2
Relevant vendor changes: PR #1289: atomic extraction support (bsdtar -x --safe-writes) PR #1308: big endian fix for UTF16 support in LHA reader PR #1326
MFV r357783: Update libarchive to 3.4.2
Relevant vendor changes: PR #1289: atomic extraction support (bsdtar -x --safe-writes) PR #1308: big endian fix for UTF16 support in LHA reader PR #1326: reject RAR5 files that declare invalid header flags Issue #987: fix support 7z archive entries with Delta filter Issue #1317: fix compression output buffer handling in XAR writer Issue #1319: fix uname or gname longer than 32 characters in pax writer Issue #1325: fix use after free when archiving hardlinks in ISO9660 or XAR Use localtime_r() and gmtime_r() instead of localtime() and gmtime()
X-MFC-With: r356212,r356365,r356416 MFC after: 1 week
show more ...
|
#
79085fd3 |
| 31-Dec-2019 |
Martin Matuska <mm@FreeBSD.org> |
MFV r356163,r356197: Update libarchive to 3.4.1
Relevant vendor changes since last update: Issue #351: Refactor and implement private state logic for write filters PR #1252: RAR5 reader - verify
MFV r356163,r356197: Update libarchive to 3.4.1
Relevant vendor changes since last update: Issue #351: Refactor and implement private state logic for write filters PR #1252: RAR5 reader - verify window size for solid files (OSS-Fuzz 15482) PR #1255: zip writer - don't append unused NUL for directories PR #1260: Fix sparse file offset overflow on 32-bit systems PR #1263: UNICODE filename support for reading lha/lzh format Issue #1276: Bugfix and optimize archive_wstring_append_from_mbs() PR #1288: Add the "xattrhdr" option to pax write options PR #1295: 7z reader - fix reading archives with digests in PackInfo PR #1296: RAR5 reader - verify window size for multivolume archives PR #1297: ZIP reader - support LZMA_STREAM_END marker in 'lzma alone' files Issue #1298: Fix a heap-buffer-overflow in archive_string_append_from_wcs() OSS-Fuzz 19360, 19362: LHA reader - plug two memory leaks on error Fix possible off-by-one when dealing with readlink(2)
MFC after: 2 weeks
show more ...
|
Revision tags: release/12.1.0 |
|
#
0f80acb9 |
| 19-Sep-2019 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r352436 through r352536.
|
#
05a42b76 |
| 19-Sep-2019 |
Li-Wen Hsu <lwhsu@FreeBSD.org> |
Whitespace cleanup, no functional change
Sponsored by: The FreeBSD Foundation
|
#
e7512153 |
| 19-Sep-2019 |
Li-Wen Hsu <lwhsu@FreeBSD.org> |
Temporarily add test_write_filter_zstd BROKEN_TESTS as it always fails in CI
There is no trivial way to mark single libarchive test skip currently so just add it to BROKEN_TESTS for now.
PR: 24068
Temporarily add test_write_filter_zstd BROKEN_TESTS as it always fails in CI
There is no trivial way to mark single libarchive test skip currently so just add it to BROKEN_TESTS for now.
PR: 240683 Sponsored by: The FreeBSD Foundation
show more ...
|
#
58df81b3 |
| 30-Jul-2019 |
Alan Somers <asomers@FreeBSD.org> |
MFHead @350426
Sponsored by: The FreeBSD Foundation
|