aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk5
-rw-r--r--gnu/packages/backup.scm18
-rw-r--r--gnu/packages/patches/libarchive-CVE-2013-0211.patch21
-rw-r--r--gnu/packages/patches/libarchive-CVE-2016-1541.patch67
-rw-r--r--gnu/packages/patches/libarchive-bsdtar-test.patch74
-rw-r--r--gnu/packages/patches/libarchive-fix-lzo-test-case.patch83
-rw-r--r--gnu/packages/patches/libarchive-mtree-filename-length-fix.patch18
7 files changed, 2 insertions, 284 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 9d3bc1ee8b..8cf5ef5c99 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -561,11 +561,6 @@ dist_patch_DATA = \
gnu/packages/patches/liba52-link-with-libm.patch \
gnu/packages/patches/liba52-set-soname.patch \
gnu/packages/patches/liba52-use-mtune-not-mcpu.patch \
- gnu/packages/patches/libarchive-bsdtar-test.patch \
- gnu/packages/patches/libarchive-CVE-2013-0211.patch \
- gnu/packages/patches/libarchive-CVE-2016-1541.patch \
- gnu/packages/patches/libarchive-fix-lzo-test-case.patch \
- gnu/packages/patches/libarchive-mtree-filename-length-fix.patch \
gnu/packages/patches/libbonobo-activation-test-race.patch \
gnu/packages/patches/libcanberra-sound-theme-freedesktop.patch \
gnu/packages/patches/libcmis-fix-test-onedrive.patch \
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 917bee78d9..05423f1401 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -136,8 +136,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
(define-public libarchive
(package
(name "libarchive")
- (replacement libarchive/fixed)
- (version "3.1.2")
+ (version "3.2.0")
(source
(origin
(method url-fetch)
@@ -145,12 +144,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
version ".tar.gz"))
(sha256
(base32
- "0pixqnrcf35dnqgv0lp7qlcw7k13620qkhgxr288v7p4iz6ym1zb"))
- (patches
- (search-patches "libarchive-mtree-filename-length-fix.patch"
- "libarchive-fix-lzo-test-case.patch"
- "libarchive-CVE-2013-0211.patch"
- "libarchive-bsdtar-test.patch"))))
+ "11xabdpmvdmcdkidigmqh4ymhra95lr7ipcys4hdq0gzf7ylbkkv"))))
(build-system gnu-build-system)
;; TODO: Add -L/path/to/nettle in libarchive.pc.
(inputs
@@ -194,14 +188,6 @@ archive. In particular, note that there is currently no built-in support for
random access nor for in-place modification.")
(license license:bsd-2)))
-(define libarchive/fixed
- (package
- (inherit libarchive)
- (source (origin
- (inherit (package-source libarchive))
- (patches (cons (search-patch "libarchive-CVE-2016-1541.patch")
- (origin-patches (package-source libarchive))))))))
-
(define-public rdup
(package
(name "rdup")
diff --git a/gnu/packages/patches/libarchive-CVE-2013-0211.patch b/gnu/packages/patches/libarchive-CVE-2013-0211.patch
deleted file mode 100644
index b024a7d4a8..0000000000
--- a/gnu/packages/patches/libarchive-CVE-2013-0211.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Description: Fix CVE-2013-0211: read buffer overflow on 64-bit systems
-Origin: upstream
-Bug-Debian: http://bugs.debian.org/703957
-Forwarded: not-needed
-
---- libarchive-3.0.4.orig/libarchive/archive_write.c
-+++ libarchive-3.0.4/libarchive/archive_write.c
-@@ -665,8 +665,13 @@ static ssize_t
- _archive_write_data(struct archive *_a, const void *buff, size_t s)
- {
- struct archive_write *a = (struct archive_write *)_a;
-+ const size_t max_write = INT_MAX;
-+
- archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
- ARCHIVE_STATE_DATA, "archive_write_data");
-+ /* In particular, this catches attempts to pass negative values. */
-+ if (s > max_write)
-+ s = max_write;
- archive_clear_error(&a->archive);
- return ((a->format_write_data)(a, buff, s));
- }
diff --git a/gnu/packages/patches/libarchive-CVE-2016-1541.patch b/gnu/packages/patches/libarchive-CVE-2016-1541.patch
deleted file mode 100644
index 6ac8773244..0000000000
--- a/gnu/packages/patches/libarchive-CVE-2016-1541.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix CVE-2016-1541 (buffer overflow zip_read_mac_metadata)
-
-Taken from upstream source repository:
-https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7
-
-When reading OS X metadata entries in Zip archives that were stored
-without compression, libarchive would use the uncompressed entry size
-to allocate a buffer but would use the compressed entry size to limit
-the amount of data copied into that buffer. Since the compressed
-and uncompressed sizes are provided by data in the archive itself,
-an attacker could manipulate these values to write data beyond
-the end of the allocated buffer.
-
-This fix provides three new checks to guard against such
-manipulation and to make libarchive generally more robust when
-handling this type of entry:
- 1. If an OS X metadata entry is stored without compression,
- abort the entire archive if the compressed and uncompressed
- data sizes do not match.
- 2. When sanity-checking the size of an OS X metadata entry,
- abort this entry if either the compressed or uncompressed
- size is larger than 4MB.
- 3. When copying data into the allocated buffer, check the copy
- size against both the compressed entry size and uncompressed
- entry size.
----
- libarchive/archive_read_support_format_zip.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
-index 0f8262c..0a0be96 100644
---- a/libarchive/archive_read_support_format_zip.c
-+++ b/libarchive/archive_read_support_format_zip.c
-@@ -2778,6 +2778,11 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
-
- switch(rsrc->compression) {
- case 0: /* No compression. */
-+ if (rsrc->uncompressed_size != rsrc->compressed_size) {
-+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+ "Malformed OS X metadata entry: inconsistent size");
-+ return (ARCHIVE_FATAL);
-+ }
- #ifdef HAVE_ZLIB_H
- case 8: /* Deflate compression. */
- #endif
-@@ -2798,6 +2803,12 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
- (intmax_t)rsrc->uncompressed_size);
- return (ARCHIVE_WARN);
- }
-+ if (rsrc->compressed_size > (4 * 1024 * 1024)) {
-+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+ "Mac metadata is too large: %jd > 4M bytes",
-+ (intmax_t)rsrc->compressed_size);
-+ return (ARCHIVE_WARN);
-+ }
-
- metadata = malloc((size_t)rsrc->uncompressed_size);
- if (metadata == NULL) {
-@@ -2836,6 +2847,8 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
- bytes_avail = remaining_bytes;
- switch(rsrc->compression) {
- case 0: /* No compression. */
-+ if ((size_t)bytes_avail > metadata_bytes)
-+ bytes_avail = metadata_bytes;
- memcpy(mp, p, bytes_avail);
- bytes_used = (size_t)bytes_avail;
- metadata_bytes -= bytes_used;
diff --git a/gnu/packages/patches/libarchive-bsdtar-test.patch b/gnu/packages/patches/libarchive-bsdtar-test.patch
deleted file mode 100644
index 6a533a9a07..0000000000
--- a/gnu/packages/patches/libarchive-bsdtar-test.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-commit b539b2e597b566fe3c4b49cb61c9eef83e5e052d
-Author: Pavel Raiskup <praiskup@redhat.com>
-Date: Thu Jun 27 16:01:30 2013 +0200
-
- Use ustar format in the test_option_b test
-
- .. because the ustar archive does not store SELinux context. As the default
- format for bsdtar is "restricted pax" (trying to store xattrs and other
- things by default), the test failed on Fedora because our files have by
- default SELinux context set. This results in additional data in tested
- archive ~> and the test failed because the archive was unexpectedly big:
-
- tar/test/test_option_b.c:41: File archive1.tar has size 3072, expected 2048
-
- Reviewed by Konrad Kleine <konrad.wilhelm.kleine@gmail.com>
-
-diff --git a/tar/test/test_option_b.c b/tar/test/test_option_b.c
-index be2ae65..6fea474 100644
---- a/tar/test/test_option_b.c
-+++ b/tar/test/test_option_b.c
-@@ -25,8 +25,14 @@
- #include "test.h"
- __FBSDID("$FreeBSD$");
-
-+#define USTAR_OPT " --format=ustar"
-+
- DEFINE_TEST(test_option_b)
- {
-+ char *testprog_ustar = malloc(strlen(testprog) + sizeof(USTAR_OPT) + 1);
-+ strcpy(testprog_ustar, testprog);
-+ strcat(testprog_ustar, USTAR_OPT);
-+
- assertMakeFile("file1", 0644, "file1");
- if (systemf("cat file1 > test_cat.out 2> test_cat.err") != 0) {
- skipping("Platform doesn't have cat");
-@@ -36,7 +42,7 @@ DEFINE_TEST(test_option_b)
- /*
- * Bsdtar does not pad if the output is going directly to a disk file.
- */
-- assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog));
-+ assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog_ustar));
- failure("bsdtar does not pad archives written directly to regular files");
- assertFileSize("archive1.tar", 2048);
- assertEmptyFile("test1.out");
-@@ -46,24 +52,24 @@ DEFINE_TEST(test_option_b)
- * Bsdtar does pad to the block size if the output is going to a socket.
- */
- /* Default is -b 20 */
-- assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog));
-+ assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog_ustar));
- failure("bsdtar does pad archives written to pipes");
- assertFileSize("archive2.tar", 10240);
- assertEmptyFile("test2.err");
-
-- assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog));
-+ assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog_ustar));
- assertFileSize("archive3.tar", 10240);
- assertEmptyFile("test3.err");
-
-- assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog));
-+ assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog_ustar));
- assertFileSize("archive4.tar", 5120);
- assertEmptyFile("test4.err");
-
-- assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog));
-+ assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog_ustar));
- assertFileSize("archive5.tar", 2048);
- assertEmptyFile("test5.err");
-
-- assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog));
-+ assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog_ustar));
- assertFileSize("archive6.tar", 4194304);
- assertEmptyFile("test6.err");
-
diff --git a/gnu/packages/patches/libarchive-fix-lzo-test-case.patch b/gnu/packages/patches/libarchive-fix-lzo-test-case.patch
deleted file mode 100644
index ffdc0db922..0000000000
--- a/gnu/packages/patches/libarchive-fix-lzo-test-case.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-Description: This patch fixes test cases for LZO write support in various
- architectures, such as armhf. Writing a certain amount of files would
- cause the LZO compressor level 9 to produce a bigger archive than the
- default compressor level.
-Author: Andres Mejia <amejia@debian.org>
-
---- a/libarchive/test/test_write_filter_lzop.c
-+++ b/libarchive/test/test_write_filter_lzop.c
-@@ -39,7 +39,7 @@
- size_t buffsize, datasize;
- char path[16];
- size_t used1, used2;
-- int i, r, use_prog = 0;
-+ int i, r, use_prog = 0, filecount;
-
- assert((a = archive_write_new()) != NULL);
- r = archive_write_add_filter_lzop(a);
-@@ -58,9 +58,10 @@
-
- datasize = 10000;
- assert(NULL != (data = (char *)calloc(1, datasize)));
-+ filecount = 10;
-
- /*
-- * Write a 100 files and read them all back.
-+ * Write a filecount files and read them all back.
- */
- assert((a = archive_write_new()) != NULL);
- assertEqualIntA(a, ARCHIVE_OK, archive_write_set_format_ustar(a));
-@@ -77,7 +78,7 @@
- assert((ae = archive_entry_new()) != NULL);
- archive_entry_set_filetype(ae, AE_IFREG);
- archive_entry_set_size(ae, datasize);
-- for (i = 0; i < 100; i++) {
-+ for (i = 0; i < filecount; i++) {
- sprintf(path, "file%03d", i);
- archive_entry_copy_pathname(ae, path);
- assertEqualIntA(a, ARCHIVE_OK, archive_write_header(a, ae));
-@@ -97,7 +98,7 @@
- } else {
- assertEqualIntA(a, ARCHIVE_OK,
- archive_read_open_memory(a, buff, used1));
-- for (i = 0; i < 100; i++) {
-+ for (i = 0; i < filecount; i++) {
- sprintf(path, "file%03d", i);
- if (!assertEqualInt(ARCHIVE_OK,
- archive_read_next_header(a, &ae)))
-@@ -133,7 +134,7 @@
- archive_write_set_options(a, "lzop:compression-level=9"));
- assertEqualIntA(a, ARCHIVE_OK,
- archive_write_open_memory(a, buff, buffsize, &used2));
-- for (i = 0; i < 100; i++) {
-+ for (i = 0; i < filecount; i++) {
- sprintf(path, "file%03d", i);
- assert((ae = archive_entry_new()) != NULL);
- archive_entry_copy_pathname(ae, path);
-@@ -161,7 +162,7 @@
- archive_read_support_filter_all(a));
- assertEqualIntA(a, ARCHIVE_OK,
- archive_read_open_memory(a, buff, used2));
-- for (i = 0; i < 100; i++) {
-+ for (i = 0; i < filecount; i++) {
- sprintf(path, "file%03d", i);
- if (!assertEqualInt(ARCHIVE_OK,
- archive_read_next_header(a, &ae)))
-@@ -186,7 +187,7 @@
- archive_write_set_filter_option(a, NULL, "compression-level", "1"));
- assertEqualIntA(a, ARCHIVE_OK,
- archive_write_open_memory(a, buff, buffsize, &used2));
-- for (i = 0; i < 100; i++) {
-+ for (i = 0; i < filecount; i++) {
- sprintf(path, "file%03d", i);
- assert((ae = archive_entry_new()) != NULL);
- archive_entry_copy_pathname(ae, path);
-@@ -216,7 +217,7 @@
- } else {
- assertEqualIntA(a, ARCHIVE_OK,
- archive_read_open_memory(a, buff, used2));
-- for (i = 0; i < 100; i++) {
-+ for (i = 0; i < filecount; i++) {
- sprintf(path, "file%03d", i);
- if (!assertEqualInt(ARCHIVE_OK,
- archive_read_next_header(a, &ae)))
diff --git a/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch b/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch
deleted file mode 100644
index ad94592c05..0000000000
--- a/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: Patch to fix filename length calculation when writing mtree archives.
-Author: Dave Reisner <dreisner@archlinux.org>
-Origin: upstream
-
---- a/libarchive/archive_write_set_format_mtree.c
-+++ b/libarchive/archive_write_set_format_mtree.c
-@@ -1855,9 +1855,9 @@
- return (ret);
- }
-
-- /* Make a basename from dirname and slash */
-+ /* Make a basename from file->parentdir.s and slash */
- *slash = '\0';
-- file->parentdir.length = slash - dirname;
-+ file->parentdir.length = slash - file->parentdir.s;
- archive_strcpy(&(file->basename), slash + 1);
- return (ret);
- }