summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk5
-rw-r--r--gnu/packages/backup.scm18
-rw-r--r--gnu/packages/patches/libarchive-CVE-2013-0211.patch21
-rw-r--r--gnu/packages/patches/libarchive-CVE-2016-1541.patch67
-rw-r--r--gnu/packages/patches/libarchive-bsdtar-test.patch74
-rw-r--r--gnu/packages/patches/libarchive-fix-lzo-test-case.patch83
-rw-r--r--gnu/packages/patches/libarchive-mtree-filename-length-fix.patch18
7 files changed, 2 insertions, 284 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 9d3bc1ee8b..8cf5ef5c99 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -561,11 +561,6 @@ dist_patch_DATA =						\
   gnu/packages/patches/liba52-link-with-libm.patch		\
   gnu/packages/patches/liba52-set-soname.patch			\
   gnu/packages/patches/liba52-use-mtune-not-mcpu.patch		\
-  gnu/packages/patches/libarchive-bsdtar-test.patch		\
-  gnu/packages/patches/libarchive-CVE-2013-0211.patch		\
-  gnu/packages/patches/libarchive-CVE-2016-1541.patch		\
-  gnu/packages/patches/libarchive-fix-lzo-test-case.patch	\
-  gnu/packages/patches/libarchive-mtree-filename-length-fix.patch \
   gnu/packages/patches/libbonobo-activation-test-race.patch	\
   gnu/packages/patches/libcanberra-sound-theme-freedesktop.patch \
   gnu/packages/patches/libcmis-fix-test-onedrive.patch		\
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 917bee78d9..05423f1401 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -136,8 +136,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
 (define-public libarchive
   (package
     (name "libarchive")
-    (replacement libarchive/fixed)
-    (version "3.1.2")
+    (version "3.2.0")
     (source
      (origin
        (method url-fetch)
@@ -145,12 +144,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
                            version ".tar.gz"))
        (sha256
         (base32
-         "0pixqnrcf35dnqgv0lp7qlcw7k13620qkhgxr288v7p4iz6ym1zb"))
-       (patches
-        (search-patches "libarchive-mtree-filename-length-fix.patch"
-                        "libarchive-fix-lzo-test-case.patch"
-                        "libarchive-CVE-2013-0211.patch"
-                        "libarchive-bsdtar-test.patch"))))
+         "11xabdpmvdmcdkidigmqh4ymhra95lr7ipcys4hdq0gzf7ylbkkv"))))
     (build-system gnu-build-system)
     ;; TODO: Add -L/path/to/nettle in libarchive.pc.
     (inputs
@@ -194,14 +188,6 @@ archive.  In particular, note that there is currently no built-in support for
 random access nor for in-place modification.")
     (license license:bsd-2)))
 
-(define libarchive/fixed
-  (package
-    (inherit libarchive)
-    (source (origin
-              (inherit (package-source libarchive))
-              (patches (cons (search-patch "libarchive-CVE-2016-1541.patch")
-                             (origin-patches (package-source libarchive))))))))
-
 (define-public rdup
   (package
     (name "rdup")
diff --git a/gnu/packages/patches/libarchive-CVE-2013-0211.patch b/gnu/packages/patches/libarchive-CVE-2013-0211.patch
deleted file mode 100644
index b024a7d4a8..0000000000
--- a/gnu/packages/patches/libarchive-CVE-2013-0211.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Description: Fix CVE-2013-0211: read buffer overflow on 64-bit systems
-Origin: upstream
-Bug-Debian: http://bugs.debian.org/703957
-Forwarded: not-needed
-
---- libarchive-3.0.4.orig/libarchive/archive_write.c
-+++ libarchive-3.0.4/libarchive/archive_write.c
-@@ -665,8 +665,13 @@ static ssize_t
- _archive_write_data(struct archive *_a, const void *buff, size_t s)
- {
- 	struct archive_write *a = (struct archive_write *)_a;
-+	const size_t max_write = INT_MAX;
-+
- 	archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
- 	    ARCHIVE_STATE_DATA, "archive_write_data");
-+	/* In particular, this catches attempts to pass negative values. */
-+	if (s > max_write)
-+		s = max_write;
- 	archive_clear_error(&a->archive);
- 	return ((a->format_write_data)(a, buff, s));
- }
diff --git a/gnu/packages/patches/libarchive-CVE-2016-1541.patch b/gnu/packages/patches/libarchive-CVE-2016-1541.patch
deleted file mode 100644
index 6ac8773244..0000000000
--- a/gnu/packages/patches/libarchive-CVE-2016-1541.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix CVE-2016-1541 (buffer overflow zip_read_mac_metadata)
-
-Taken from upstream source repository:
-https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7
-
-When reading OS X metadata entries in Zip archives that were stored
-without compression, libarchive would use the uncompressed entry size
-to allocate a buffer but would use the compressed entry size to limit
-the amount of data copied into that buffer.  Since the compressed
-and uncompressed sizes are provided by data in the archive itself,
-an attacker could manipulate these values to write data beyond
-the end of the allocated buffer.
-
-This fix provides three new checks to guard against such
-manipulation and to make libarchive generally more robust when
-handling this type of entry:
- 1. If an OS X metadata entry is stored without compression,
-    abort the entire archive if the compressed and uncompressed
-    data sizes do not match.
- 2. When sanity-checking the size of an OS X metadata entry,
-    abort this entry if either the compressed or uncompressed
-    size is larger than 4MB.
- 3. When copying data into the allocated buffer, check the copy
-    size against both the compressed entry size and uncompressed
-    entry size.
----
- libarchive/archive_read_support_format_zip.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
-index 0f8262c..0a0be96 100644
---- a/libarchive/archive_read_support_format_zip.c
-+++ b/libarchive/archive_read_support_format_zip.c
-@@ -2778,6 +2778,11 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
- 
- 	switch(rsrc->compression) {
- 	case 0:  /* No compression. */
-+		if (rsrc->uncompressed_size != rsrc->compressed_size) {
-+			archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+			    "Malformed OS X metadata entry: inconsistent size");
-+			return (ARCHIVE_FATAL);
-+		}
- #ifdef HAVE_ZLIB_H
- 	case 8: /* Deflate compression. */
- #endif
-@@ -2798,6 +2803,12 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
- 		    (intmax_t)rsrc->uncompressed_size);
- 		return (ARCHIVE_WARN);
- 	}
-+	if (rsrc->compressed_size > (4 * 1024 * 1024)) {
-+		archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+		    "Mac metadata is too large: %jd > 4M bytes",
-+		    (intmax_t)rsrc->compressed_size);
-+		return (ARCHIVE_WARN);
-+	}
- 
- 	metadata = malloc((size_t)rsrc->uncompressed_size);
- 	if (metadata == NULL) {
-@@ -2836,6 +2847,8 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
- 			bytes_avail = remaining_bytes;
- 		switch(rsrc->compression) {
- 		case 0:  /* No compression. */
-+			if ((size_t)bytes_avail > metadata_bytes)
-+				bytes_avail = metadata_bytes;
- 			memcpy(mp, p, bytes_avail);
- 			bytes_used = (size_t)bytes_avail;
- 			metadata_bytes -= bytes_used;
diff --git a/gnu/packages/patches/libarchive-bsdtar-test.patch b/gnu/packages/patches/libarchive-bsdtar-test.patch
deleted file mode 100644
index 6a533a9a07..0000000000
--- a/gnu/packages/patches/libarchive-bsdtar-test.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-commit b539b2e597b566fe3c4b49cb61c9eef83e5e052d
-Author: Pavel Raiskup <praiskup@redhat.com>
-Date:   Thu Jun 27 16:01:30 2013 +0200
-
-    Use ustar format in the test_option_b test
-    
-    .. because the ustar archive does not store SELinux context.  As the default
-    format for bsdtar is "restricted pax" (trying to store xattrs and other
-    things by default), the test failed on Fedora because our files have by
-    default SELinux context set.  This results in additional data in tested
-    archive ~> and the test failed because the archive was unexpectedly big:
-    
-     tar/test/test_option_b.c:41: File archive1.tar has size 3072, expected 2048
-    
-    Reviewed by Konrad Kleine <konrad.wilhelm.kleine@gmail.com>
-
-diff --git a/tar/test/test_option_b.c b/tar/test/test_option_b.c
-index be2ae65..6fea474 100644
---- a/tar/test/test_option_b.c
-+++ b/tar/test/test_option_b.c
-@@ -25,8 +25,14 @@
- #include "test.h"
- __FBSDID("$FreeBSD$");
- 
-+#define USTAR_OPT " --format=ustar"
-+
- DEFINE_TEST(test_option_b)
- {
-+	char *testprog_ustar = malloc(strlen(testprog) + sizeof(USTAR_OPT) + 1);
-+	strcpy(testprog_ustar, testprog);
-+	strcat(testprog_ustar, USTAR_OPT);
-+
- 	assertMakeFile("file1", 0644, "file1");
- 	if (systemf("cat file1 > test_cat.out 2> test_cat.err") != 0) {
- 		skipping("Platform doesn't have cat");
-@@ -36,7 +42,7 @@ DEFINE_TEST(test_option_b)
- 	/*
- 	 * Bsdtar does not pad if the output is going directly to a disk file.
- 	 */
--	assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog));
-+	assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog_ustar));
- 	failure("bsdtar does not pad archives written directly to regular files");
- 	assertFileSize("archive1.tar", 2048);
- 	assertEmptyFile("test1.out");
-@@ -46,24 +52,24 @@ DEFINE_TEST(test_option_b)
- 	 * Bsdtar does pad to the block size if the output is going to a socket.
- 	 */
- 	/* Default is -b 20 */
--	assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog));
-+	assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog_ustar));
- 	failure("bsdtar does pad archives written to pipes");
- 	assertFileSize("archive2.tar", 10240);
- 	assertEmptyFile("test2.err");
- 
--	assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog));
-+	assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog_ustar));
- 	assertFileSize("archive3.tar", 10240);
- 	assertEmptyFile("test3.err");
- 
--	assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog));
-+	assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog_ustar));
- 	assertFileSize("archive4.tar", 5120);
- 	assertEmptyFile("test4.err");
- 
--	assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog));
-+	assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog_ustar));
- 	assertFileSize("archive5.tar", 2048);
- 	assertEmptyFile("test5.err");
- 
--	assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog));
-+	assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog_ustar));
- 	assertFileSize("archive6.tar", 4194304);
- 	assertEmptyFile("test6.err");
- 
diff --git a/gnu/packages/patches/libarchive-fix-lzo-test-case.patch b/gnu/packages/patches/libarchive-fix-lzo-test-case.patch
deleted file mode 100644
index ffdc0db922..0000000000
--- a/gnu/packages/patches/libarchive-fix-lzo-test-case.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-Description: This patch fixes test cases for LZO write support in various
- architectures, such as armhf. Writing a certain amount of files would
- cause the LZO compressor level 9 to produce a bigger archive than the
- default compressor level.
-Author: Andres Mejia <amejia@debian.org>
-
---- a/libarchive/test/test_write_filter_lzop.c
-+++ b/libarchive/test/test_write_filter_lzop.c
-@@ -39,7 +39,7 @@
- 	size_t buffsize, datasize;
- 	char path[16];
- 	size_t used1, used2;
--	int i, r, use_prog = 0;
-+	int i, r, use_prog = 0, filecount;
- 
- 	assert((a = archive_write_new()) != NULL);
- 	r = archive_write_add_filter_lzop(a);
-@@ -58,9 +58,10 @@
- 
- 	datasize = 10000;
- 	assert(NULL != (data = (char *)calloc(1, datasize)));
-+	filecount = 10;
- 
- 	/*
--	 * Write a 100 files and read them all back.
-+	 * Write a filecount files and read them all back.
- 	 */
- 	assert((a = archive_write_new()) != NULL);
- 	assertEqualIntA(a, ARCHIVE_OK, archive_write_set_format_ustar(a));
-@@ -77,7 +78,7 @@
- 	assert((ae = archive_entry_new()) != NULL);
- 	archive_entry_set_filetype(ae, AE_IFREG);
- 	archive_entry_set_size(ae, datasize);
--	for (i = 0; i < 100; i++) {
-+	for (i = 0; i < filecount; i++) {
- 		sprintf(path, "file%03d", i);
- 		archive_entry_copy_pathname(ae, path);
- 		assertEqualIntA(a, ARCHIVE_OK, archive_write_header(a, ae));
-@@ -97,7 +98,7 @@
- 	} else {
- 		assertEqualIntA(a, ARCHIVE_OK,
- 		    archive_read_open_memory(a, buff, used1));
--		for (i = 0; i < 100; i++) {
-+		for (i = 0; i < filecount; i++) {
- 			sprintf(path, "file%03d", i);
- 			if (!assertEqualInt(ARCHIVE_OK,
- 				archive_read_next_header(a, &ae)))
-@@ -133,7 +134,7 @@
- 	    archive_write_set_options(a, "lzop:compression-level=9"));
- 	assertEqualIntA(a, ARCHIVE_OK,
- 	    archive_write_open_memory(a, buff, buffsize, &used2));
--	for (i = 0; i < 100; i++) {
-+	for (i = 0; i < filecount; i++) {
- 		sprintf(path, "file%03d", i);
- 		assert((ae = archive_entry_new()) != NULL);
- 		archive_entry_copy_pathname(ae, path);
-@@ -161,7 +162,7 @@
- 		    archive_read_support_filter_all(a));
- 		assertEqualIntA(a, ARCHIVE_OK,
- 		    archive_read_open_memory(a, buff, used2));
--		for (i = 0; i < 100; i++) {
-+		for (i = 0; i < filecount; i++) {
- 			sprintf(path, "file%03d", i);
- 			if (!assertEqualInt(ARCHIVE_OK,
- 				archive_read_next_header(a, &ae)))
-@@ -186,7 +187,7 @@
- 	    archive_write_set_filter_option(a, NULL, "compression-level", "1"));
- 	assertEqualIntA(a, ARCHIVE_OK,
- 	    archive_write_open_memory(a, buff, buffsize, &used2));
--	for (i = 0; i < 100; i++) {
-+	for (i = 0; i < filecount; i++) {
- 		sprintf(path, "file%03d", i);
- 		assert((ae = archive_entry_new()) != NULL);
- 		archive_entry_copy_pathname(ae, path);
-@@ -216,7 +217,7 @@
- 	} else {
- 		assertEqualIntA(a, ARCHIVE_OK,
- 		    archive_read_open_memory(a, buff, used2));
--		for (i = 0; i < 100; i++) {
-+		for (i = 0; i < filecount; i++) {
- 			sprintf(path, "file%03d", i);
- 			if (!assertEqualInt(ARCHIVE_OK,
- 				archive_read_next_header(a, &ae)))
diff --git a/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch b/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch
deleted file mode 100644
index ad94592c05..0000000000
--- a/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: Patch to fix filename length calculation when writing mtree archives.
-Author: Dave Reisner <dreisner@archlinux.org>
-Origin: upstream
-
---- a/libarchive/archive_write_set_format_mtree.c
-+++ b/libarchive/archive_write_set_format_mtree.c
-@@ -1855,9 +1855,9 @@
- 		return (ret);
- 	}
- 
--	/* Make a basename from dirname and slash */
-+	/* Make a basename from file->parentdir.s and slash */
- 	*slash  = '\0';
--	file->parentdir.length = slash - dirname;
-+	file->parentdir.length = slash - file->parentdir.s;
- 	archive_strcpy(&(file->basename),  slash + 1);
- 	return (ret);
- }