| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libarchive 3.5.0
Relevant vendor changes:
Issue #1258: add archive_read_support_filter_by_code()
PR #1347: mtree digest reader support
Issue #1381: skip hardlinks pointing to itself on extraction
PR #1387: fix writing of cpio archives with hardlinks without file type
PR #1388: fix rdev field in cpio format for device nodes
PR #1389: completed support for UTF-8 encoding conversion
PR #1405: more formats in archive_read_support_format_by_code()
PR #1408: fix uninitialized size in rar5_read_data
PR #1409: system extended attribute support
PR #1435: support for decompression of symbolic links in zipx archives
Issue #1456: memory leak after unsuccessful archive_write_open_filename
Notes:
svn path=/vendor/libarchive/dist/; revision=368207
svn path=/vendor/libarchive/3.5.0/; revision=368208; tag=vendor/libarchive/3.5.0
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libarchive 3.4.2
Relevant vendor changes:
PR #1289: atomic extraction support (bsdtar -x --safe-writes)
PR #1308: big endian fix for UTF16 support in LHA reader
PR #1326: reject RAR5 files that declare invalid header flags
Issue #987: fix support 7z archive entries with Delta filter
Issue #1317: fix compression output buffer handling in XAR writer
Issue #1319: fix uname or gname longer than 32 characters in pax writer
Issue #1325: fix use after free when archiving hardlinks in ISO9660 or XAR
Use localtime_r() and gmtime_r() instead of localtime() and gmtime()
Notes:
svn path=/vendor/libarchive/dist/; revision=357783
svn path=/vendor/libarchive/3.4.2/; revision=357784; tag=vendor/libarchive/3.4.2
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
Issue #795: XAR - do not try to add xattrs without an allocated name
PR #812: non-recursive option for extract and list
PR #958: support reading metadata from compressed files
PR #999: add --exclude-vcs option to bsdtar
Issue #1062: treat empty archives with a GNU volume header as valid
PR #1074: Handle ZIP files with trailing 0s in the extra fields
(Android APK archives)
PR #1109: Ignore padding in Zip extra field data (Android APK archives)
PR #1167: fix problems related to unreadable directories
Issue #1168: fix handling of strtol() and strtoul()
PR #1172: RAR5 - fix invalid window buffer read in E8E9 filter
PR #1174: ZIP reader - fix of MSZIP signature parsing
PR #1175: gzip filter - fix reading files larger than 4GB from memory
PR #1177: gzip filter - fix memory leak with repeated header reads
PR #1180: ZIP reader - add support for Info-ZIP Unicode Path Extra Field
PR #1181: RAR5 - fix merge_block() recursion
(OSS-Fuzz 12999, 13029, 13144, 13478, 13490)
PR #1183: fix memory leak when decompressing ZIP files with LZMA
PR #1184: fix RAR5 OSS-Fuzz issues 12466, 14490, 14491, 12817
OSS-Fuzz 12466: RAR5 - fix buffer overflow when parsing huffman tables
OSS-Fuzz 14490, 14491: RAR5 - fix bad shift-left operations
OSS-Fuzz 12817: RAR5 - handle a case with truncated huffman tables
PR #1186: RAR5 - fix invalid type used for dictionary size mask
(OSS-Fuzz 14537)
PR #1187: RAR5 - fix integer overflow (OSS-Fuzz 14555)
PR #1190: RAR5 - RAR5 don't try to unpack entries marked as directories
(OSS-Fuzz 14574)
PR #1196: RAR5 - fix a potential SIGSEGV on 32-bit builds
OSS-Fuzz 2582: RAR - fix use after free if there is an invalid entry
OSS-Fuzz 14331: RAR5 - fix maximum owner name length
OSS-Fuzz 13965: RAR5 - use unsigned int for volume number + range check
Additional RAR5 reader changes:
- support symlinks, hardlinks, file owner, file group, versioned files
- change ARCHIVE_FORMAT_RAR_V5 to 0x100000
- set correct mode for readonly directories
- support readonly, hidden and system Windows file attributes
NOTE: a version bump of libarchive will happen in the following days
Notes:
svn path=/vendor/libarchive/dist/; revision=347989
|
| |
|
|
|
|
|
|
|
|
| |
Important vendor changes:
PR #993: Chdir to -C directory for metalog processing
OSS-Fuzz #4969: Check size of the extended time field in zip archives
PR #973: Record informational compression level in gzip header
Notes:
svn path=/vendor/libarchive/dist/; revision=336851
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #893: delete dead ppmd7 alloc callbacks
PR #904: Fix archive freeing bug in bsdcat
PR #961: Fix ZIP format names
PR #962: Don't modify attributes for existing directories
when ARCHIVE_EXTRACT_NO_OVERWRITE is set
PR #964: Fix -Werror=implicit-fallthrough= for GCC 7
PR #970: zip: Allow backslash as path separator
Notes:
svn path=/vendor/libarchive/dist/; revision=328323
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #905: Support for Zstandard read and write filters
PR #922: Avoid overflow when reading corrupt cpio archive
Issue #935: heap-based buffer overflow in xml_data (CVE-2017-14166)
OSS-Fuzz 2936: Place a limit on the mtree line length
OSS-Fuzz 2394: Ensure that the ZIP AES extension header is large enough
OSS-Fuzz 573: Read off-by-one error in RAR archives (CVE-2017-14502)
Security: CVE-2017-14166, CVE-2017-14502
Notes:
svn path=/vendor/libarchive/dist/; revision=324145
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
PR 897: test for ZIP archives with invalid EOCD headers
PR 901: fix invalid renaming of sparse files
OSS-Fuzz issue 497: remove fallback tree in LZX decoder
OSS-Fuzz issue 527: rewrite expressions in lz4 filter
OSS-Fuzz issue 577: fix integer overflow in cpio reader
OSS-Fuzz issue 862: fix numerc parsing in mtree reader
OSS-Fuzz issue 1097: fix undefined shift in rar reader
cpio: various optimizations and memory leak fixes
Notes:
svn path=/vendor/libarchive/dist/; revision=317781
|
| |
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
- constify variables in several places
- unify platform ACL code in a single source file
- fix unused variable if compiling on FreeBSD without NFSv4 ACL support
Notes:
svn path=/vendor/libarchive/dist/; revision=316083
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
Break ACL read/write code into platform-specific source files
Vendor bugfixes (FreeBSD-related):
PR 867 (bsdcpio): show numeric uid/gid when names are not found
PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
PR 880 (pax): Fix handling of "size" pax header keyword
PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
Unbreak static dependency on libbz2
Notes:
svn path=/vendor/libarchive/dist/; revision=315633
|
| |
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
cpio reader sanity fix (OSS-Fuzz 504)
WARC reader sanity fixes (OSS-Fuzz 511, 526, 532, 552)
mtree reader time parsing fix (OSS-Fuzz 538)
XAR reader memleak fix (OSS-Fuzz 551)
Notes:
svn path=/vendor/libarchive/dist/; revision=313569
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (relevant to FreeBSD):
- bugfixes, improvemens and optimizations in ACL code
- NFSv4 ACLs can now be extracted from Solaris tar archives
Security fixes:
- cab reader: endless loop when parsing MSZIP signature (OSS-Fuzz 335)
- LHA reader: heap-buffer-overflow in lha_read_file_header_1() (CVE-2017-5601)
- LZ4 reader: null-pointer dereference in lz4_filter_read_legacy_stream()
(OSS-Fuzz 453)
- mtree reader: heap-buffer-overflow in detect_form() (OSS-Fuzz 421, 443)
- WARC reader: heap-buffer-overflow in xstrpisotime() (OSS-Fuzz 382, 458)
Memory leak fixes:
- ACL support: free memory allocated by acl_get_qualifier()
- disk writer: missing free in create_filesystem_object()
- file reader: fd leak (Coverity 1016755)
- gnutar writer: fix free in archive_write_gnutar_header() (Coverity 1016752)
- iso 9660 reader: missing free in parse_file_info() (part. Coverity 1016754)
- program reader: missing free in __archive_read_program()
- program writer: missing free in __archive_write_program_free()
- xar reader: missing free in xar_cleanup()
- xar reader: missing frees in expat_xmlattr_setup() (Coverity 1229979-1229981)
- xar writer: missing free in file_free()
- zip reader: missing free in zip_read_locazip_read_local_file_header()
Notes:
svn path=/vendor/libarchive/dist/; revision=313071
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
PR 826: OpenSSL 1.1 support
PR 830, 831, 833: Spelling fixes
OSS-Fuzz 227, 230, 239: Fix possible memory leak in archive_read_free()
OSS-Fuzz 237: Fix heap buffer overflow when reading invalid ar archives
Notes:
svn path=/vendor/libarchive/dist/; revision=310115
|
| |
|
|
|
|
|
|
|
|
| |
Small improvements, style fixes, bugfixes.
Important vendor bugfixes:
Restore compatibility with Perl Archive::Tar that was broken with #825
Notes:
svn path=/vendor/libarchive/dist/; revision=309362
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Important vendor bugfixes (relevant to FreeBSD):
#747: Out of bounds read in mtree parser
#761: heap-based buffer overflow in read_Header (7-zip)
#784: Invalid file on bsdtar command line results in internal errors (1)
PR: 213092 (1)
Obtained from: https://github.com/libarchive/libarchive
Notes:
svn path=/vendor/libarchive/dist/; revision=306669
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixed vendor issues:
Issue 553: Fix broken decryption for ZIP files
Issue 657: Allow up to 8k for the test root directory name
Issue 682: Correctly write gnutar filenames of exactly 512 bytes
Issue 708: tar should fail if a named input file is missing
PR 715: Fix libarchive/archive_read_support_format_mtree.c:1388:11:
error: array subscript is above array bounds
Notes:
svn path=/vendor/libarchive/dist/; revision=302003
|
| |
|
|
|
|
|
| |
Integrates my pull requests #701, #702 and #703
Notes:
svn path=/vendor/libarchive/dist/; revision=299539
|
| |
|
|
|
| |
Notes:
svn path=/vendor/libarchive/dist/; revision=299425
svn path=/vendor/libarchive/3.2.0/; revision=299528; tag=vendor/libarchive/3.2.0
|
| |
|
|
|
|
|
|
|
|
| |
Git branch: release
Git commit: 19f23e191f9d3e1dd2a518735046100419965804
Obtained from: https://github.com/libarchive/libarchive.git
Notes:
svn path=/vendor/libarchive/dist/; revision=248590
|
| |
|
|
|
|
|
|
|
|
|
| |
Git branch: release
Git commit: 8076b31490c90aaf0edccecf760004c30bd95edc
Obtained from: https://github.com/libarchive/libarchive.git
Notes:
svn path=/vendor/libarchive/dist/; revision=238825
svn path=/vendor/libarchive/3.0.4/; revision=238833; tag=vendor/libarchive/3.0.4
|
| |
|
|
|
|
|
|
|
|
| |
Git branch: release
Git commit: c477edc817b4382a1d0b2ff8c7b619af13bd349e
Obtained from: https://github.com/libarchive/libarchive.git
Notes:
svn path=/vendor/libarchive/dist/; revision=231270
|
| |
|
|
|
|
|
|
|
|
| |
Git branch: release
Git commit: 9af87742342aa4f37a22ec12c4cc1c82e00ffa2f
Obtained from: https://github.com/libarchive/libarchive.git
Notes:
svn path=/vendor/libarchive/dist/; revision=231200
|
|
|
Obtained from: http://libarchive.googlecode.com/svn/release/2.8
Notes:
svn path=/vendor/libarchive/dist/; revision=228753
|
