ngie [Sun, 15 Oct 2017 17:59:07 +0000 (10:59 -0700)]
Fix a potential NULL pointer dereference of `tar` in archive_read_support_format_tar when HAVE_COPYFILE_H is defined (#959)
If HAVE_COPYFILE_H is defined and allocating tar via calloc fails, tar
would be dereferenced before the tar == NULL check is done, causing a
NULL pointer dereference. Move the HAVE_COPYFILE_H block after the NULL
dereference check.
(1) Do not double free a for the stdin case. Reported by Sean Purcell in
PR #904.
(2) Do not query errors after archive_read_free either, the memory is
gone. Split operation into close and read, reporting errors from the
former.
Brad King [Wed, 20 Sep 2017 14:19:38 +0000 (10:19 -0400)]
Do not use nanosecond file time APIs on macOS < 10.13
The SDK for macOS 10.13 adds `futimens` and `utimensat` so our checks
for these symbols may pass. However, the symbols are not available at
runtime on older macOS versions. Instead on macOS we can check for
availability based on the deployment target version.
jrmarino [Tue, 22 Aug 2017 13:46:29 +0000 (08:46 -0500)]
Recognize ".tzst" extension as ".tar.zst"
This follows convention establish by ".tgz", ".txz", etc.
The alias array was not sorted alphabetically (the only order seems to be grouping by decomposed extension), so the new element was just added to the end.
Tony Theodore [Sun, 13 Aug 2017 04:27:12 +0000 (14:27 +1000)]
libarchive.pc.in: add Cflags.private for static linking
`pkgconf` supports a `Cflags.private` that simplifies static linking
for windows (mingw cross) builds. Users of `pkg-config` will be
unaffected by this as existing build scripts will already set the
`-DLIBARCHIVE_STATIC` as required.
Colin Percival [Fri, 28 Jul 2017 23:28:50 +0000 (16:28 -0700)]
Avoid overflow when reading corrupt cpio archive
A cpio "newc" archive with a namelength of "FFFFFFFF", if read on a
system with a 32-bit size_t, would result in namelength + name_pad
overflowing 32 bits and libarchive attempting to copy 2^32-1 bytes
from a 2-byte buffer, with appropriately hilarious results.
Check for this overflow and fail; there's no legitimate reason for a
cpio archive to contain a file with a name over 4 billion characters
in length.
Reported by: Eyal Itkin
Security: Corrupt archives can cause libarchive to crash on
32-bit platforms.
Sponsored by: Tarsnap Backup Inc.
The LZX decoder flattens the Huffman tree into a table, but wanted to
limit it to 1k elements to reduce L1 pressure. Since the logic for
filling was flawed and performance argument points more to a bad index
logic, remove the tree logic.
Issue #901: Sparse files with long name get renamed.
The original ustar header has a 100 character limit for the file name.
With the POSIX interchange format, an additional header attribute
contains the full path and libarchive tries to cut it to something
sensible. The GNU sparse file extension on the other hand also likes to
mangle the ustar header field to include a marker and contains yet
another attribute for the original path. If the name was truncated
earlier, this attribute would get the incorrect truncated name.
Martin Matuska [Wed, 29 Mar 2017 21:16:02 +0000 (23:16 +0200)]
Report names of extended attributes that could not be restored
Remove xattr namespace limitations for AIX and Darwin
On Linux, skip all known ACL extended attributes and obsolete xfsroot
Mike Frysinger [Thu, 23 Mar 2017 06:26:52 +0000 (02:26 -0400)]
constify variables more
A bunch of constant variables/tables are missing const markings.
Adding them allows moving more data to the read only sections, and
ends up shrinking writable data a bit by 1k on x86_64/Linux. Not
much, but still nice.
Martin Matuska [Thu, 23 Mar 2017 14:27:59 +0000 (15:27 +0100)]
Improve extended attribute support
Mac OS X changes:
- add support for extended file attributes via sys/xattr.h
- when extracting an archive entry that has mac_metadata and
mac_metadata is requested to be extracted, extended attributes
are restored only from mac_metadata.
- by default, extended attributes are stored both in mac_metadata and
SCHILY.xattr/LIBARCHIVE.xattr. This is subject to review and change.
To match behavior on other platforms, store extended attributes on
FreeBSD with extattr_set_link() if no fd is provided.
Detection of extended attributes support in configure stage has been
rewritten.
Added xattr platform test to libarchive and xattrs option test to bsdtar.