diff options
Diffstat (limited to 'poky/meta/recipes-extended/libarchive')
5 files changed, 336 insertions, 0 deletions
diff --git a/poky/meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch b/poky/meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch new file mode 100644 index 000000000..e85fec40a --- /dev/null +++ b/poky/meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch @@ -0,0 +1,37 @@ +libarchive-3.3.2: Fix CVE-2017-14166 + +[No upstream tracking] -- https://github.com/libarchive/libarchive/pull/935 + +archive_read_support_format_xar: heap-based buffer overflow in xml_data + +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71] +CVE: CVE-2017-14166 +Bug: 935 +Signed-off-by: Andrej Valek <andrej.valek@siemens.com> + +diff --git a/libarchive/archive_read_support_format_xar.c b/libarchive/archive_read_support_format_xar.c +index 7a22beb..93eeacc 100644 +--- a/libarchive/archive_read_support_format_xar.c ++++ b/libarchive/archive_read_support_format_xar.c +@@ -1040,6 +1040,9 @@ atol10(const char *p, size_t char_cnt) + uint64_t l; + int digit; + ++ if (char_cnt == 0) ++ return (0); ++ + l = 0; + digit = *p - '0'; + while (digit >= 0 && digit < 10 && char_cnt-- > 0) { +@@ -1054,7 +1057,10 @@ atol8(const char *p, size_t char_cnt) + { + int64_t l; + int digit; +- ++ ++ if (char_cnt == 0) ++ return (0); ++ + l = 0; + while (char_cnt-- > 0) { + if (*p >= '0' && *p <= '7') diff --git a/poky/meta/recipes-extended/libarchive/libarchive/CVE-2017-14502.patch b/poky/meta/recipes-extended/libarchive/libarchive/CVE-2017-14502.patch new file mode 100644 index 000000000..72e154643 --- /dev/null +++ b/poky/meta/recipes-extended/libarchive/libarchive/CVE-2017-14502.patch @@ -0,0 +1,37 @@ +From 5562545b5562f6d12a4ef991fae158bf4ccf92b6 Mon Sep 17 00:00:00 2001 +From: Joerg Sonnenberger <joerg@bec.de> +Date: Sat, 9 Sep 2017 17:47:32 +0200 +Subject: [PATCH] Avoid a read off-by-one error for UTF16 names in RAR + archives. + +Reported-By: OSS-Fuzz issue 573 + +CVE: CVE-2017-14502 + +Upstream-Status: Backport + +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> +--- + libarchive/archive_read_support_format_rar.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +index cbb14c3..751de69 100644 +--- a/libarchive/archive_read_support_format_rar.c ++++ b/libarchive/archive_read_support_format_rar.c +@@ -1496,7 +1496,11 @@ read_header(struct archive_read *a, struct archive_entry *entry, + return (ARCHIVE_FATAL); + } + filename[filename_size++] = '\0'; +- filename[filename_size++] = '\0'; ++ /* ++ * Do not increment filename_size here as the computations below ++ * add the space for the terminating NUL explicitly. ++ */ ++ filename[filename_size] = '\0'; + + /* Decoded unicode form is UTF-16BE, so we have to update a string + * conversion object for it. */ +-- +1.9.1 + diff --git a/poky/meta/recipes-extended/libarchive/libarchive/bug929.patch b/poky/meta/recipes-extended/libarchive/libarchive/bug929.patch new file mode 100644 index 000000000..2f3254c8d --- /dev/null +++ b/poky/meta/recipes-extended/libarchive/libarchive/bug929.patch @@ -0,0 +1,38 @@ +libarchive-3.3.2: Fix bug929 + +[No upstream tracking] -- https://github.com/libarchive/libarchive/pull/929 + +archive_read_support_format_cpio: header_newc(): Avoid overflow when reading corrupt +cpio archive + +A cpio "newc" archive with a namelength of "FFFFFFFF", if read on a +system with a 32-bit size_t, would result in namelength + name_pad +overflowing 32 bits and libarchive attempting to copy 2^32-1 bytes +from a 2-byte buffer, with appropriately hilarious results. + +Check for this overflow and fail; there's no legitimate reason for a +cpio archive to contain a file with a name over 4 billion characters +in length. + +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/bac4659e0b970990e7e3f3a3d239294e96311630] +Bug: 929 +Signed-off-by: Andrej Valek <andrej.valek@siemens.com> + +diff --git a/libarchive/archive_read_support_format_cpio.c b/libarchive/archive_read_support_format_cpio.c +index ad9f782..1faa64d 100644 +--- a/libarchive/archive_read_support_format_cpio.c ++++ b/libarchive/archive_read_support_format_cpio.c +@@ -633,6 +633,13 @@ header_newc(struct archive_read *a, struct cpio *cpio, + /* Pad name to 2 more than a multiple of 4. */ + *name_pad = (2 - *namelength) & 3; + ++ /* Make sure that the padded name length fits into size_t. */ ++ if ((size_t)(*namelength + *name_pad) < *namelength) { ++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, ++ "cpio archive has invalid namelength"); ++ return (ARCHIVE_FATAL); ++ } ++ + /* + * Note: entry_bytes_remaining is at least 64 bits and + * therefore guaranteed to be big enough for a 33-bit file diff --git a/poky/meta/recipes-extended/libarchive/libarchive/non-recursive-extract-and-list.patch b/poky/meta/recipes-extended/libarchive/libarchive/non-recursive-extract-and-list.patch new file mode 100644 index 000000000..cd7be5127 --- /dev/null +++ b/poky/meta/recipes-extended/libarchive/libarchive/non-recursive-extract-and-list.patch @@ -0,0 +1,153 @@ +From 47f7566f6829c2b14e21bbbba699916de4998c72 Mon Sep 17 00:00:00 2001 +From: Patrick Ohly <patrick.ohly@intel.com> +Date: Mon, 24 Oct 2016 12:54:48 +0200 +Subject: [PATCH 1/1] non-recursive extract and list + +Sometimes it makes sense to extract or list a directory contained in +an archive without also doing the same for the content of the +directory, i.e. allowing -n (= --no-recursion) in combination with the +x and t modes. + +bsdtar uses the match functionality in libarchive to track include +matches. A new libarchive API call +archive_match_include_directories_recursively() gets introduced to +influence the matching behavior, with the default behavior as before. + +Non-recursive matching can be achieved by anchoring the path match at +both start and end. Asking for a directory which itself isn't in the +archive when in non-recursive mode is an error and handled by the +existing mechanism for tracking unused inclusion entries. + +Upstream-Status: Submitted [https://github.com/libarchive/libarchive/pull/812] + +Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> + +--- + libarchive/archive.h | 2 ++ + libarchive/archive_match.c | 30 +++++++++++++++++++++++++++++- + tar/bsdtar.1 | 3 +-- + tar/bsdtar.c | 12 ++++++++++-- + 4 files changed, 42 insertions(+), 5 deletions(-) + +diff --git a/libarchive/archive.h b/libarchive/archive.h +index 32710201..59fb4aa6 100644 +--- a/libarchive/archive.h ++++ b/libarchive/archive.h +@@ -1093,6 +1093,8 @@ __LA_DECL int archive_match_excluded(struct archive *, + */ + __LA_DECL int archive_match_path_excluded(struct archive *, + struct archive_entry *); ++/* Control recursive inclusion of directory content when directory is included. Default on. */ ++__LA_DECL int archive_match_include_directories_recursively(struct archive *, int _enabled); + /* Add exclusion pathname pattern. */ + __LA_DECL int archive_match_exclude_pattern(struct archive *, const char *); + __LA_DECL int archive_match_exclude_pattern_w(struct archive *, +diff --git a/libarchive/archive_match.c b/libarchive/archive_match.c +index be72066e..bb6a3407 100644 +--- a/libarchive/archive_match.c ++++ b/libarchive/archive_match.c +@@ -93,6 +93,9 @@ struct archive_match { + /* exclusion/inclusion set flag. */ + int setflag; + ++ /* Recursively include directory content? */ ++ int recursive_include; ++ + /* + * Matching filename patterns. + */ +@@ -223,6 +226,7 @@ archive_match_new(void) + return (NULL); + a->archive.magic = ARCHIVE_MATCH_MAGIC; + a->archive.state = ARCHIVE_STATE_NEW; ++ a->recursive_include = 1; + match_list_init(&(a->inclusions)); + match_list_init(&(a->exclusions)); + __archive_rb_tree_init(&(a->exclusion_tree), &rb_ops_mbs); +@@ -471,6 +475,28 @@ archive_match_path_excluded(struct archive *_a, + } + + /* ++ * When recursive inclusion of directory content is enabled, ++ * an inclusion pattern that matches a directory will also ++ * include everything beneath that directory. Enabled by default. ++ * ++ * For compatibility with GNU tar, exclusion patterns always ++ * match if a subset of the full patch matches (i.e., they are ++ * are not rooted at the beginning of the path) and thus there ++ * is no corresponding non-recursive exclusion mode. ++ */ ++int ++archive_match_include_directories_recursively(struct archive *_a, int _enabled) ++{ ++ struct archive_match *a; ++ ++ archive_check_magic(_a, ARCHIVE_MATCH_MAGIC, ++ ARCHIVE_STATE_NEW, "archive_match_include_directories_recursively"); ++ a = (struct archive_match *)_a; ++ a->recursive_include = _enabled; ++ return (ARCHIVE_OK); ++} ++ ++/* + * Utility functions to get statistic information for inclusion patterns. + */ + int +@@ -781,7 +807,9 @@ static int + match_path_inclusion(struct archive_match *a, struct match *m, + int mbs, const void *pn) + { +- int flag = PATHMATCH_NO_ANCHOR_END; ++ int flag = a->recursive_include ? ++ PATHMATCH_NO_ANCHOR_END : /* Prefix match is good enough. */ ++ 0; /* Full match required. */ + int r; + + if (mbs) { +diff --git a/tar/bsdtar.1 b/tar/bsdtar.1 +index 132e1145..1dd2a847 100644 +--- a/tar/bsdtar.1 ++++ b/tar/bsdtar.1 +@@ -386,8 +386,7 @@ and the default behavior in c, r, and u modes or if + .Nm + is run in x mode as root. + .It Fl n , Fl Fl norecurse , Fl Fl no-recursion +-(c, r, u modes only) +-Do not recursively archive the contents of directories. ++Do not recursively archive (c, r, u), extract (x) or list (t) the contents of directories. + .It Fl Fl newer Ar date + (c, r, u modes only) + Only include files and directories newer than the specified date. +diff --git a/tar/bsdtar.c b/tar/bsdtar.c +index 11dedbf9..d014cc3e 100644 +--- a/tar/bsdtar.c ++++ b/tar/bsdtar.c +@@ -794,8 +794,6 @@ main(int argc, char **argv) + break; + } + } +- if (bsdtar->flags & OPTFLAG_NO_SUBDIRS) +- only_mode(bsdtar, "-n", "cru"); + if (bsdtar->flags & OPTFLAG_STDOUT) + only_mode(bsdtar, "-O", "xt"); + if (bsdtar->flags & OPTFLAG_UNLINK_FIRST) +@@ -845,6 +843,16 @@ main(int argc, char **argv) + only_mode(bsdtar, buff, "cru"); + } + ++ /* ++ * When creating an archive from a directory tree, the directory ++ * walking code will already avoid entering directories when ++ * recursive inclusion of directory content is disabled, therefore ++ * changing the matching behavior has no effect for creation modes. ++ * It is relevant for extraction or listing. ++ */ ++ archive_match_include_directories_recursively(bsdtar->matching, ++ !(bsdtar->flags & OPTFLAG_NO_SUBDIRS)); ++ + /* Filename "-" implies stdio. */ + if (strcmp(bsdtar->filename, "-") == 0) + bsdtar->filename = NULL; +-- +2.11.0 + diff --git a/poky/meta/recipes-extended/libarchive/libarchive_3.3.2.bb b/poky/meta/recipes-extended/libarchive/libarchive_3.3.2.bb new file mode 100644 index 000000000..5daca2731 --- /dev/null +++ b/poky/meta/recipes-extended/libarchive/libarchive_3.3.2.bb @@ -0,0 +1,71 @@ +SUMMARY = "Support for reading various archive formats" +DESCRIPTION = "C library and command-line tools for reading and writing tar, cpio, zip, ISO, and other archive formats" +HOMEPAGE = "http://www.libarchive.org/" +SECTION = "devel" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=ed99aca006bc346974bb745a35336425" + +DEPENDS = "e2fsprogs-native" + +PACKAGECONFIG ?= "zlib bz2 xz lzo" + +PACKAGECONFIG_append_class-target = "\ + libxml2 \ + ${@bb.utils.filter('DISTRO_FEATURES', 'acl xattr', d)} \ +" + +DEPENDS_BZIP2 = "bzip2-replacement-native" +DEPENDS_BZIP2_class-target = "bzip2" + +PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl," +PACKAGECONFIG[xattr] = "--enable-xattr,--disable-xattr,attr," +PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib," +PACKAGECONFIG[bz2] = "--with-bz2lib,--without-bz2lib,${DEPENDS_BZIP2}," +PACKAGECONFIG[xz] = "--with-lzma,--without-lzma,xz," +PACKAGECONFIG[openssl] = "--with-openssl,--without-openssl,openssl," +PACKAGECONFIG[libxml2] = "--with-xml2,--without-xml2,libxml2," +PACKAGECONFIG[expat] = "--with-expat,--without-expat,expat," +PACKAGECONFIG[lzo] = "--with-lzo2,--without-lzo2,lzo," +PACKAGECONFIG[nettle] = "--with-nettle,--without-nettle,nettle," +PACKAGECONFIG[lz4] = "--with-lz4,--without-lz4,lz4," + +EXTRA_OECONF += "--enable-largefile" + +SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \ + file://bug929.patch \ + file://CVE-2017-14166.patch \ + file://CVE-2017-14502.patch \ + file://non-recursive-extract-and-list.patch \ + " + +SRC_URI[md5sum] = "4583bd6b2ebf7e0e8963d90879eb1b27" +SRC_URI[sha256sum] = "ed2dbd6954792b2c054ccf8ec4b330a54b85904a80cef477a1c74643ddafa0ce" + +inherit autotools update-alternatives pkgconfig + +CPPFLAGS += "-I${WORKDIR}/extra-includes" + +do_configure[cleandirs] += "${WORKDIR}/extra-includes" +do_configure_prepend() { + # We just need the headers for some type constants, so no need to + # build all of e2fsprogs for the target + cp -R ${STAGING_INCDIR_NATIVE}/ext2fs ${WORKDIR}/extra-includes/ +} + +ALTERNATIVE_PRIORITY = "80" + +PACKAGES =+ "bsdtar" +FILES_bsdtar = "${bindir}/bsdtar" + +ALTERNATIVE_bsdtar = "tar" +ALTERNATIVE_LINK_NAME[tar] = "${base_bindir}/tar" +ALTERNATIVE_TARGET[tar] = "${bindir}/bsdtar" + +PACKAGES =+ "bsdcpio" +FILES_bsdcpio = "${bindir}/bsdcpio" + +ALTERNATIVE_bsdcpio = "cpio" +ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio" +ALTERNATIVE_TARGET[cpio] = "${bindir}/bsdcpio" + +BBCLASSEXTEND = "native nativesdk" |
