| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
Issue #795: XAR - do not try to add xattrs without an allocated name
PR #812: non-recursive option for extract and list
PR #958: support reading metadata from compressed files
PR #999: add --exclude-vcs option to bsdtar
Issue #1062: treat empty archives with a GNU volume header as valid
PR #1074: Handle ZIP files with trailing 0s in the extra fields
(Android APK archives)
PR #1109: Ignore padding in Zip extra field data (Android APK archives)
PR #1167: fix problems related to unreadable directories
Issue #1168: fix handling of strtol() and strtoul()
PR #1172: RAR5 - fix invalid window buffer read in E8E9 filter
PR #1174: ZIP reader - fix of MSZIP signature parsing
PR #1175: gzip filter - fix reading files larger than 4GB from memory
PR #1177: gzip filter - fix memory leak with repeated header reads
PR #1180: ZIP reader - add support for Info-ZIP Unicode Path Extra Field
PR #1181: RAR5 - fix merge_block() recursion
(OSS-Fuzz 12999, 13029, 13144, 13478, 13490)
PR #1183: fix memory leak when decompressing ZIP files with LZMA
PR #1184: fix RAR5 OSS-Fuzz issues 12466, 14490, 14491, 12817
OSS-Fuzz 12466: RAR5 - fix buffer overflow when parsing huffman tables
OSS-Fuzz 14490, 14491: RAR5 - fix bad shift-left operations
OSS-Fuzz 12817: RAR5 - handle a case with truncated huffman tables
PR #1186: RAR5 - fix invalid type used for dictionary size mask
(OSS-Fuzz 14537)
PR #1187: RAR5 - fix integer overflow (OSS-Fuzz 14555)
PR #1190: RAR5 - RAR5 don't try to unpack entries marked as directories
(OSS-Fuzz 14574)
PR #1196: RAR5 - fix a potential SIGSEGV on 32-bit builds
OSS-Fuzz 2582: RAR - fix use after free if there is an invalid entry
OSS-Fuzz 14331: RAR5 - fix maximum owner name length
OSS-Fuzz 13965: RAR5 - use unsigned int for volume number + range check
Additional RAR5 reader changes:
- support symlinks, hardlinks, file owner, file group, versioned files
- change ARCHIVE_FORMAT_RAR_V5 to 0x100000
- set correct mode for readonly directories
- support readonly, hidden and system Windows file attributes
NOTE: a version bump of libarchive will happen in the following days
Notes:
svn path=/vendor/libarchive/dist/; revision=347989
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1153: fixed 2 bugs in ZIP reader
PR #1143: ensure archive_read_disk_entry_from_file() uses ARCHIVE_READ_DISK
Changes to file flags code, support more file flags on FreeBSD:
UF_OFFLINE, UF_READONLY, UF_SPARSE, UF_REPARSE, UF_SYSTEM
UF_ARCHIVE is not supported by intention (yet)
Notes:
svn path=/vendor/libarchive/dist/; revision=345495
|
|
|
|
|
|
|
| |
archive_read_disk_posix.c: initialize delayed_errno
Notes:
svn path=/vendor/libarchive/dist/; revision=344088
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1085: Fix a null pointer dereference bug in zip writer
PR #1110: ZIP reader added support for XZ, LZMA, PPMD8 and BZIP2
decopmpression
PR #1116: Add support for 64-bit ar format
PR #1120: Fix a 7zip crash [1] and a ISO9660 infinite loop [2]
PR #1125: RAR5 reader - fix an invalid read and a memory leak
PR #1131: POSIX reader - do not fail when tree_current_lstat() fails
due to ENOENT [3]
PR #1134: Delete unnecessary null pointer checks before calls of free()
OSS-Fuzz 10843: Force intermediate to uint64_t to make UBSAN happy.
OSS-Fuzz 11011: Avoid buffer overflow in rar5 reader
PR: 233006 [3]
Security: CVE-2019-1000019 [1], CVE-2019-1000020 [2]
Notes:
svn path=/vendor/libarchive/dist/; revision=344063
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1105: Fix various crash, memory corruption and infinite loop conditions
Notes:
svn path=/vendor/libarchive/dist/; revision=342041
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1107: RAR5 reader: removed an unused function: bf_is_last_block
Notes:
svn path=/vendor/libarchive/dist/; revision=342040
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1102: RAR5 reader - fix big-endian problems
Notes:
svn path=/vendor/libarchive/dist/; revision=341771
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
Issue #1096: Support extracting ACLs with in-entry comments (GNU tar)
PR #1023: Support extracting extattrs as non-root on non-user-writable files
Notes:
svn path=/vendor/libarchive/dist/; revision=340938
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1080: Spelling fixes
PR #1084: RAR5 reader bugfixes
PR #1091: fix use-after-free in delayed newc link processing
PR #1092: Fix a few obvious resource leaks and strcpy() misuses
Notes:
svn path=/vendor/libarchive/dist/; revision=340865
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
RAR5 reader: more maybe-uninitialized size_t fixes for riscv64
FreeBSD build
Notes:
svn path=/vendor/libarchive/dist/; revision=339792
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
RAR5 reader: FreeBSD build platform fixes for powerpc(64), mips(64),
sparc64 and riscv64
Notes:
svn path=/vendor/libarchive/dist/; revision=339750
|
|
|
|
|
|
|
|
| |
Relevant ventor changes:
RAR5 reader: comment out unused constant
Notes:
svn path=/vendor/libarchive/dist/; revision=339644
|
|
|
|
|
|
|
|
| |
Relevant ventor changes:
RAR5 reader: declare some constants static
Notes:
svn path=/vendor/libarchive/dist/; revision=339641
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1013: Add missing h_base offset when performing absolute seeks in
xar decompression
PR #1061: Add support for extraction of RAR v5 archives
PR #1066: Fix out of bounds read on empty string filename for gnutar, pax
and v7tar
PR #1067: Fix temporary file path buffer overflow in tests
IS #1068: Correctly process and verify integer arguments passed to
bsdcpio and bsdtar
PR #1070: Don't default XAR entry atime/mtime to the current time
Notes:
svn path=/vendor/libarchive/dist/; revision=339640
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #1019: Add allocation check for the zip_entry struct
Oss-Fuzz #10192: Handle whitespace-only ACL fields correctly
Notes:
svn path=/vendor/libarchive/dist/; revision=338797
|
|
|
|
|
|
|
|
| |
libarchive 3.3.3
Notes:
svn path=/vendor/libarchive/dist/; revision=338519
svn path=/vendor/libarchive/3.3.3/; revision=338520; tag=vendor/libarchive/3.3.3
|
|
|
|
|
|
|
|
|
|
| |
Important vendor changes:
PR #1042: validate iso9660 directory record length
Security: CVE-2017-14501
Notes:
svn path=/vendor/libarchive/dist/; revision=337744
|
|
|
|
|
|
|
|
|
|
| |
Important vendor changes:
PR #993: Chdir to -C directory for metalog processing
OSS-Fuzz #4969: Check size of the extended time field in zip archives
PR #973: Record informational compression level in gzip header
Notes:
svn path=/vendor/libarchive/dist/; revision=336851
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
Fix issue #948: out-of-bounds read in lha_read_data_none()
admbugs: 877
Security: CVE-2017-14503
Notes:
svn path=/vendor/libarchive/dist/; revision=336800
|
|
|
|
| |
Notes:
svn path=/vendor/libarchive/dist/; revision=328324
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #893: delete dead ppmd7 alloc callbacks
PR #904: Fix archive freeing bug in bsdcat
PR #961: Fix ZIP format names
PR #962: Don't modify attributes for existing directories
when ARCHIVE_EXTRACT_NO_OVERWRITE is set
PR #964: Fix -Werror=implicit-fallthrough= for GCC 7
PR #970: zip: Allow backslash as path separator
Notes:
svn path=/vendor/libarchive/dist/; revision=328323
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #905: Support for Zstandard read and write filters
PR #922: Avoid overflow when reading corrupt cpio archive
Issue #935: heap-based buffer overflow in xml_data (CVE-2017-14166)
OSS-Fuzz 2936: Place a limit on the mtree line length
OSS-Fuzz 2394: Ensure that the ZIP AES extension header is large enough
OSS-Fuzz 573: Read off-by-one error in RAR archives (CVE-2017-14502)
Security: CVE-2017-14166, CVE-2017-14502
Notes:
svn path=/vendor/libarchive/dist/; revision=324145
|
|
|
|
|
|
|
|
| |
Relevant vendor changes:
PR #926: ensure ar strtab is null terminated
Notes:
svn path=/vendor/libarchive/dist/; revision=321673
|
|
|
|
|
|
|
| |
libarchive 3.3.3dev
Notes:
svn path=/vendor/libarchive/dist/; revision=321672
|
|
|
|
|
|
|
|
|
|
|
| |
Release 3.3.2
Vendor changes:
PR #901: don't depend on stdin in a testcase
Notes:
svn path=/vendor/libarchive/dist/; revision=320924
svn path=/vendor/libarchive/3.3.2/; revision=320926; tag=vendor/libarchive/3.3.2
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
PR 897: test for ZIP archives with invalid EOCD headers
PR 901: fix invalid renaming of sparse files
OSS-Fuzz issue 497: remove fallback tree in LZX decoder
OSS-Fuzz issue 527: rewrite expressions in lz4 filter
OSS-Fuzz issue 577: fix integer overflow in cpio reader
OSS-Fuzz issue 862: fix numerc parsing in mtree reader
OSS-Fuzz issue 1097: fix undefined shift in rar reader
cpio: various optimizations and memory leak fixes
Notes:
svn path=/vendor/libarchive/dist/; revision=317781
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
Plug memory leaks in xattr tests.
Notes:
svn path=/vendor/libarchive/dist/; revision=316455
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
Report which extended attributes could not be restored
Update archive_read_disk.3 and archive_write_disk.3 manual pages
Notes:
svn path=/vendor/libarchive/dist/; revision=316454
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
- add missing file from previous merge
- encapsulate platform ACL code in an #ifdef
Notes:
svn path=/vendor/libarchive/dist/; revision=316094
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
- constify variables in several places
- unify platform ACL code in a single source file
- fix unused variable if compiling on FreeBSD without NFSv4 ACL support
Notes:
svn path=/vendor/libarchive/dist/; revision=316083
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
- store extended attributes with extattr_set_link() if no fd is provided
- add extended attribute tests to libarchive and bsdtar
- support the UF_HIDDEN file flag
Notes:
svn path=/vendor/libarchive/dist/; revision=315875
|
|
|
|
|
|
|
|
|
| |
Vendor changes:
Fix type in archive_read_open(3)
Always use extern keyword for shared constants in archive_acl_maps.h
Notes:
svn path=/vendor/libarchive/dist/; revision=315635
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (FreeBSD-related):
Break ACL read/write code into platform-specific source files
Vendor bugfixes (FreeBSD-related):
PR 867 (bsdcpio): show numeric uid/gid when names are not found
PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
PR 880 (pax): Fix handling of "size" pax header keyword
PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
Unbreak static dependency on libbz2
Notes:
svn path=/vendor/libarchive/dist/; revision=315633
|
|
|
|
|
|
|
|
| |
Documentation, style, test suite changes and typo fixes.
New bsdtar tests for --acls and --fflags options.
Notes:
svn path=/vendor/libarchive/dist/; revision=314567
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release 3.3.1
Notable vendor changes:
PR #501: improvements in ACL path handling
PR #724: fix hang when reading malformed cpio files
PR #864: fix out of bounds read with malformed GNU tar archives
Test suite improvements
New options to bsdtar that enable or disable reading and/or writing of:
Access Control Lists (--acls, --no-acls)
Extended file flags (--fflags, --no-fflags)
Extended attributes (--xattrs, --no-xattrs)
Notes:
svn path=/vendor/libarchive/dist/; revision=314565
svn path=/vendor/libarchive/3.3.1/; revision=314566; tag=vendor/libarchive/3.3.1
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes:
Make SCHILY.acl.ace header more compact (NFSv4 ACLs)
Vendor bugfixes:
zip reader integer parsing fix (OSS-Fuzz 556)
spelling fixes (issue #863)
Notes:
svn path=/vendor/libarchive/dist/; revision=313781
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
cpio reader sanity fix (OSS-Fuzz 504)
WARC reader sanity fixes (OSS-Fuzz 511, 526, 532, 552)
mtree reader time parsing fix (OSS-Fuzz 538)
XAR reader memleak fix (OSS-Fuzz 551)
Notes:
svn path=/vendor/libarchive/dist/; revision=313569
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes (relevant to FreeBSD):
- bugfixes, improvemens and optimizations in ACL code
- NFSv4 ACLs can now be extracted from Solaris tar archives
Security fixes:
- cab reader: endless loop when parsing MSZIP signature (OSS-Fuzz 335)
- LHA reader: heap-buffer-overflow in lha_read_file_header_1() (CVE-2017-5601)
- LZ4 reader: null-pointer dereference in lz4_filter_read_legacy_stream()
(OSS-Fuzz 453)
- mtree reader: heap-buffer-overflow in detect_form() (OSS-Fuzz 421, 443)
- WARC reader: heap-buffer-overflow in xstrpisotime() (OSS-Fuzz 382, 458)
Memory leak fixes:
- ACL support: free memory allocated by acl_get_qualifier()
- disk writer: missing free in create_filesystem_object()
- file reader: fd leak (Coverity 1016755)
- gnutar writer: fix free in archive_write_gnutar_header() (Coverity 1016752)
- iso 9660 reader: missing free in parse_file_info() (part. Coverity 1016754)
- program reader: missing free in __archive_read_program()
- program writer: missing free in __archive_write_program_free()
- xar reader: missing free in xar_cleanup()
- xar reader: missing frees in expat_xmlattr_setup() (Coverity 1229979-1229981)
- xar writer: missing free in file_free()
- zip reader: missing free in zip_read_locazip_read_local_file_header()
Notes:
svn path=/vendor/libarchive/dist/; revision=313071
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor changes:
#691: Support for SCHILY.xattr extended attributes
#854: Spelling fixes
Multiple fixes in ACL code:
- prefer acl_set_fd_np() to acl_set_fd()
- if acl_set_fd_np() fails, do no fallback to acl_set_file()
- do not warn if trying to write ACLs to a filesystem without ACL support
- fix id handling in archive_acl_(from_to)_text*() for NFSv4 ACLs
Notes:
svn path=/vendor/libarchive/dist/; revision=311899
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
Use __LA_DEPRECATED macro with functions deprecated in 379867e (r310796)
Notes:
svn path=/vendor/libarchive/dist/; revision=310869
|
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
PR #843: Fix memory leak of struct archive_entry in cpio/cpio.c
PR #851: Spelling fixes
Fix two protoypes in manual page archive_read_disk.3
Notes:
svn path=/vendor/libarchive/dist/; revision=310798
|
|
|
|
|
|
|
| |
Fix style typo in tar.5
Notes:
svn path=/vendor/libarchive/dist/; revision=310797
|
|
|
|
|
|
|
|
| |
Vendor changes:
PR #771: Add NFSv4 ACL support to pax and restricted pax
Notes:
svn path=/vendor/libarchive/dist/; revision=310796
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
PR 844: Coverity bug fixes in tests
PR 846: Spelling fixes
PR 850: Fix issues with reading certain jar files
PR 826: OpenSSL 1.1 support
PR 830, 831, 833: Spelling fixes
OSS-Fuzz 227, 230, 239: Fix possible memory leak in archive_read_free()
OSS-Fuzz 237: Fix heap buffer overflow when reading invalid ar archives
OSS-Fuzz 286: Bugfix in archive_strncat_l()
Notes:
svn path=/vendor/libarchive/dist/; revision=310622
|
|
|
|
| |
Notes:
svn path=/vendor/libarchive/dist/; revision=310184
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
PR 826: OpenSSL 1.1 support
PR 830, 831, 833: Spelling fixes
OSS-Fuzz 227, 230, 239: Fix possible memory leak in archive_read_free()
OSS-Fuzz 237: Fix heap buffer overflow when reading invalid ar archives
Notes:
svn path=/vendor/libarchive/dist/; revision=310115
|
|
|
|
|
|
|
| |
Obtained from: libarchive (f9e3de49fb294901374e0c8c6c2ceaeea7b6d6c0)
Notes:
svn path=/vendor/libarchive/dist/; revision=309865
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
libarchive #831:
Spelling fixes
libarchive #832:
Relax sanity checks of number fields in tar header even more
OSS-Fuzz #16:
Fix possible hang in uudecode_filter_read()
OSS-Fuzz #220:
Reject an 'ar' filename table larger than 1GB or a filename larger
than 1MB.
Notes:
svn path=/vendor/libarchive/dist/; revision=309587
|
|
|
|
|
|
|
|
|
|
| |
Vendor bugfixes:
Fix for heap-buffer-overflow in archive_le16dec()
Fix for heap-buffer-overflow in uudecode_bidder_bid()
Reworked fix for compatibility with archives created by Perl Archive::Tar
Notes:
svn path=/vendor/libarchive/dist/; revision=309403
|
|
|
|
|
|
|
|
|
|
| |
Small improvements, style fixes, bugfixes.
Important vendor bugfixes:
Restore compatibility with Perl Archive::Tar that was broken with #825
Notes:
svn path=/vendor/libarchive/dist/; revision=309362
|