aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Update vendor/libarchive to git 5881c9021a85668bd945593f5ba43a0d22c53d71Martin Matuska2017-03-2045-2549/+4577
| | | | | | | | | | | | | | | | Vendor changes (FreeBSD-related): Break ACL read/write code into platform-specific source files Vendor bugfixes (FreeBSD-related): PR 867 (bsdcpio): show numeric uid/gid when names are not found PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers PR 880 (pax): Fix handling of "size" pax header keyword PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser Unbreak static dependency on libbz2 Notes: svn path=/vendor/libarchive/dist/; revision=315633
* Update vendor/libarchive to git f4b9b3fe89b4acfef5e3a2283d3bc542315ddb57Martin Matuska2017-03-021-0/+32
| | | | | | | Fixes for test_options_fflags tar test Notes: svn path=/vendor/libarchive/dist/; revision=314570
* Update vendor/libarchive to git a15c7f7b496ba4cefbcaf6f8ac637db4f3009a58Martin Matuska2017-03-0239-617/+1578
| | | | | | | | Documentation, style, test suite changes and typo fixes. New bsdtar tests for --acls and --fflags options. Notes: svn path=/vendor/libarchive/dist/; revision=314567
* Update vendor/libarchive to git d6b1bb9f7ea7bc153b7356e8e345c9e48005821avendor/libarchive/3.3.1Martin Matuska2017-03-0254-11239/+1473
| | | | | | | | | | | | | | | | | | | Release 3.3.1 Notable vendor changes: PR #501: improvements in ACL path handling PR #724: fix hang when reading malformed cpio files PR #864: fix out of bounds read with malformed GNU tar archives Test suite improvements New options to bsdtar that enable or disable reading and/or writing of: Access Control Lists (--acls, --no-acls) Extended file flags (--fflags, --no-fflags) Extended attributes (--xattrs, --no-xattrs) Notes: svn path=/vendor/libarchive/dist/; revision=314565 svn path=/vendor/libarchive/3.3.1/; revision=314566; tag=vendor/libarchive/3.3.1
* Update vendor/libarchive to git 0edabbad1f44641c64fe9d0cbaed27ed93ab38c2Martin Matuska2017-02-1510-153/+188
| | | | | | | | | | | | Vendor changes: Make SCHILY.acl.ace header more compact (NFSv4 ACLs) Vendor bugfixes: zip reader integer parsing fix (OSS-Fuzz 556) spelling fixes (issue #863) Notes: svn path=/vendor/libarchive/dist/; revision=313781
* Update vendor/libarchive to git b3bd0b81a1a06909f766dea8be4072ef81de62b8Martin Matuska2017-02-105-109/+147
| | | | | | | | | | | Vendor bugfixes: cpio reader sanity fix (OSS-Fuzz 504) WARC reader sanity fixes (OSS-Fuzz 511, 526, 532, 552) mtree reader time parsing fix (OSS-Fuzz 538) XAR reader memleak fix (OSS-Fuzz 551) Notes: svn path=/vendor/libarchive/dist/; revision=313569
* Update vendor/libarchive to git d77b577b2d5aa259fca06313c4940e1e61ab1e0eMartin Matuska2017-02-0265-454/+2563
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Vendor changes (relevant to FreeBSD): - bugfixes, improvemens and optimizations in ACL code - NFSv4 ACLs can now be extracted from Solaris tar archives Security fixes: - cab reader: endless loop when parsing MSZIP signature (OSS-Fuzz 335) - LHA reader: heap-buffer-overflow in lha_read_file_header_1() (CVE-2017-5601) - LZ4 reader: null-pointer dereference in lz4_filter_read_legacy_stream() (OSS-Fuzz 453) - mtree reader: heap-buffer-overflow in detect_form() (OSS-Fuzz 421, 443) - WARC reader: heap-buffer-overflow in xstrpisotime() (OSS-Fuzz 382, 458) Memory leak fixes: - ACL support: free memory allocated by acl_get_qualifier() - disk writer: missing free in create_filesystem_object() - file reader: fd leak (Coverity 1016755) - gnutar writer: fix free in archive_write_gnutar_header() (Coverity 1016752) - iso 9660 reader: missing free in parse_file_info() (part. Coverity 1016754) - program reader: missing free in __archive_read_program() - program writer: missing free in __archive_write_program_free() - xar reader: missing free in xar_cleanup() - xar reader: missing frees in expat_xmlattr_setup() (Coverity 1229979-1229981) - xar writer: missing free in file_free() - zip reader: missing free in zip_read_locazip_read_local_file_header() Notes: svn path=/vendor/libarchive/dist/; revision=313071
* Update vendor/libarchive to git 22f2d190639e6bd496a3b82f70c01fba0d38b40aMartin Matuska2017-01-1035-97/+498
| | | | | | | | | | | | | | | Vendor changes: #691: Support for SCHILY.xattr extended attributes #854: Spelling fixes Multiple fixes in ACL code: - prefer acl_set_fd_np() to acl_set_fd() - if acl_set_fd_np() fails, do no fallback to acl_set_file() - do not warn if trying to write ACLs to a filesystem without ACL support - fix id handling in archive_acl_(from_to)_text*() for NFSv4 ACLs Notes: svn path=/vendor/libarchive/dist/; revision=311899
* Update vendor/libarchive to git ab94a813b0f64cbc1bcb952bf55424a2d9c7f1d9Martin Matuska2016-12-302-4/+9
| | | | | | | | Vendor bugfixes: Use __LA_DEPRECATED macro with functions deprecated in 379867e (r310796) Notes: svn path=/vendor/libarchive/dist/; revision=310869
* Update vendor/libarchive to git 2a2488a81599f9cd065a8254b16a6fd48d81c3b4Martin Matuska2016-12-3015-49/+50
| | | | | | | | | | Vendor bugfixes: PR #843: Fix memory leak of struct archive_entry in cpio/cpio.c PR #851: Spelling fixes Fix two protoypes in manual page archive_read_disk.3 Notes: svn path=/vendor/libarchive/dist/; revision=310798
* Update vendor/libarchive to git e8a9de5eaf3b79fc3d990d056343bb52c51c5ba4Martin Matuska2016-12-301-1/+1
| | | | | | | Fix style typo in tar.5 Notes: svn path=/vendor/libarchive/dist/; revision=310797
* Update vendor/libarchive to git to 379867ecb330b3a952fb7bfa7bffb7bbd5547205Martin Matuska2016-12-3027-1224/+3370
| | | | | | | | Vendor changes: PR #771: Add NFSv4 ACL support to pax and restricted pax Notes: svn path=/vendor/libarchive/dist/; revision=310796
* Update vendor/libarchive to git to 42a3408ac7df1e69bea9ea12b72e14f59f7400c0Martin Matuska2016-12-2721-80/+143
| | | | | | | | | | | | | | | | Vendor bugfixes: PR 844: Coverity bug fixes in tests PR 846: Spelling fixes PR 850: Fix issues with reading certain jar files PR 826: OpenSSL 1.1 support PR 830, 831, 833: Spelling fixes OSS-Fuzz 227, 230, 239: Fix possible memory leak in archive_read_free() OSS-Fuzz 237: Fix heap buffer overflow when reading invalid ar archives OSS-Fuzz 286: Bugfix in archive_strncat_l() Notes: svn path=/vendor/libarchive/dist/; revision=310622
* Add vendor/libarchive/dist files missing in r310115Martin Matuska2016-12-173-0/+244
| | | | Notes: svn path=/vendor/libarchive/dist/; revision=310184
* Update vendor/libarchive to git to 30528ed7a9f479f1c363ee8cfa1c5eb4c7d9be10Martin Matuska2016-12-1554-197/+231
| | | | | | | | | | | | Vendor bugfixes: PR 826: OpenSSL 1.1 support PR 830, 831, 833: Spelling fixes OSS-Fuzz 227, 230, 239: Fix possible memory leak in archive_read_free() OSS-Fuzz 237: Fix heap buffer overflow when reading invalid ar archives Notes: svn path=/vendor/libarchive/dist/; revision=310115
* Merge PR to address libarchive/test coverity issuesEnji Cooper2016-12-124-23/+36
| | | | | | | Obtained from: libarchive (f9e3de49fb294901374e0c8c6c2ceaeea7b6d6c0) Notes: svn path=/vendor/libarchive/dist/; revision=309865
* Merge PR to address tar/test coverity issuesEnji Cooper2016-12-1219-51/+97
| | | | | | | Obtained from: libarchive (fd0ea220635939ffe4b9ffb5cacaaa526a25b5ae) Notes: svn path=/vendor/libarchive/dist/; revision=309864
* Free p (the memory allocated via slurpfile) when done with the contentsEnji Cooper2016-12-124-3/+15
| | | | | | | | | | Reported by: Coverity CID: 1331631, 1331632, 1331633, 1331646 Obtained from: libarchive (ebe29c0ec3b1aaa424df9cf884721c6018c676f4) Notes: svn path=/vendor/libarchive/dist/; revision=309863
* Update vendor/libarchive to git ddb3954bfdb9a0a98d50fb1c50cbecb603d9adf0Martin Matuska2016-12-0626-58/+192
| | | | | | | | | | | | | | | | | Vendor bugfixes: libarchive #831: Spelling fixes libarchive #832: Relax sanity checks of number fields in tar header even more OSS-Fuzz #16: Fix possible hang in uudecode_filter_read() OSS-Fuzz #220: Reject an 'ar' filename table larger than 1GB or a filename larger than 1MB. Notes: svn path=/vendor/libarchive/dist/; revision=309587
* Update vendor/libarchive to git 53d73345410d69e68171f05facaf4523e38e72bbMartin Matuska2016-12-023-65/+48
| | | | | | | | | | Vendor bugfixes: Fix for heap-buffer-overflow in archive_le16dec() Fix for heap-buffer-overflow in uudecode_bidder_bid() Reworked fix for compatibility with archives created by Perl Archive::Tar Notes: svn path=/vendor/libarchive/dist/; revision=309403
* Update vendor/libarchive to git 2d2b3e928605f795515b03f060fd638c265b0778Martin Matuska2016-12-0112-31/+210
| | | | | | | | | | Small improvements, style fixes, bugfixes. Important vendor bugfixes: Restore compatibility with Perl Archive::Tar that was broken with #825 Notes: svn path=/vendor/libarchive/dist/; revision=309362
* Update vendor/libarchive to git 256e52f073765a4ddad1e86fd4d0eda2a18147bfMartin Matuska2016-11-2927-476/+1065
| | | | | | | | | Important vendor bugfixes (relevant to FreeBSD): #821: tar -P cannot extract hardlinks through symlinks #825: Add sanity check of tar "uid, "gid" and "mtime" fields Notes: svn path=/vendor/libarchive/dist/; revision=309299
* Update vendor/libarchive to git 629358182b04d7de2316bbd29708c58ddf797fd2vendor/libarchive/3.2.2Martin Matuska2016-10-2426-54/+481
| | | | | | | | Libarchive 3.2.2 Notes: svn path=/vendor/libarchive/dist/; revision=307859 svn path=/vendor/libarchive/3.2.2/; revision=307860; tag=vendor/libarchive/3.2.2
* Update vendor/libarchive to git e3bdbbf3475c3abf264e563c753a20972095665eMartin Matuska2016-10-1310-31/+127
| | | | | | | | Important vendor bugfixes (relevant to FreeBSD): #801: FreeBSD Coverity report: resource leak in libarchive/tar/test/main.c Notes: svn path=/vendor/libarchive/dist/; revision=307214
* Update vendor/libarchive to git 024be27d1b299c030e8841bed3002ee07ba9eedcMartin Matuska2016-10-0422-27/+227
| | | | | | | | | | | | | Important vendor bugfixes (relevant to FreeBSD): #747: Out of bounds read in mtree parser #761: heap-based buffer overflow in read_Header (7-zip) #784: Invalid file on bsdtar command line results in internal errors (1) PR: 213092 (1) Obtained from: https://github.com/libarchive/libarchive Notes: svn path=/vendor/libarchive/dist/; revision=306669
* Update vendor/libarchive to git c31379acc9009f5a3bafcfa33d7672a24b3f51f3Martin Matuska2016-09-149-152/+467
| | | | | | | | | | | | | | | | Vendor issues fixed (FreeBSD): PR #778: ACL error handling Issue #745: Symlink check prefix optimization is too aggressive Issue #746: Hard links with data can evade sandboxing restrictions This update fixes the vulnerability #3 and vulnerability #4 as reported in the "non-cryptanalytic attacks against FreeBSD update components". https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f Vulnerability #2 has already been fixed in r304866 Notes: svn path=/vendor/libarchive/dist/; revision=305816
* Update vendor/libarchive to git b4099917d6893ed77af24caff1156e044ebd4fa5Martin Matuska2016-09-0510-185/+466
| | | | | | | | | | | | Vendor issues fixed: PR #777: Multiple bugfixes for setup_acls() This fixes a bug that caused ACLs not to be read properly for files and directories inside subdirectories and as a result not being stored in tar archives. Notes: svn path=/vendor/libarchive/dist/; revision=305420
* Update vendor/libarchive to git 299c6bf136b9bc328b498505f24f87e732b73ff6Martin Matuska2016-08-265-18/+52
| | | | | | | | | | | | Vendor issues fixed: Issue #731: Reject tar entries >= INT64_MAX Issue #744 (part of Issue #743): Enforce sandbox with very long pathnames Issue #748: Zip decompression failure with highly-compressed data Issue #767: Buffer overflow printing a filename Issue #770: Be more careful about extra_length Notes: svn path=/vendor/libarchive/dist/; revision=304866
* Update vendor/libarchive to git 6a0d970f70102fe50ee9f1e51a2e4c048985e616Martin Matuska2016-08-1334-53/+576
| | | | | | | | | | | | Vendor issues fixed: Issue #744: Very long pathnames evade symlink checks Issue #748: libarchive can compress, but cannot decompress zip some files PR #750: ustar: fix out of bounds read on empty string ("") filename PR #755: fix use of acl_get_flagset_np() on FreeBSD Notes: svn path=/vendor/libarchive/dist/; revision=304060
* Update vendor/libarchive to git 084ef320b8fc62e3fd3acb762fe6175d48d7829cMartin Matuska2016-06-299-86/+76
| | | | | | | | | | | Vendor issues fixed: #686: Correctly grow buffer in archive_string_append_from_wcs_in_codepage() FreeBSD PR #204157: Fix test on filesystems without birthtime support PR: 204157 Notes: svn path=/vendor/libarchive/dist/; revision=302264
* Update vendor/libarchive to git f502a81fcd7c331204bf53cc40cbf966ebb28a42Martin Matuska2016-06-216-22/+36
| | | | Notes: svn path=/vendor/libarchive/dist/; revision=302056
* Add two missing test files in r302037vendor/libarchive/3.2.1Martin Matuska2016-06-212-0/+49
| | | | | Notes: svn path=/vendor/libarchive/dist/; revision=302038 svn path=/vendor/libarchive/3.2.1/; revision=302039; tag=vendor/libarchive/3.2.1
* Update vendor/libarchive to git 139d0576b51a253732a5ab1f66805dffbf8b00afMartin Matuska2016-06-2012-13/+39
| | | | | | | | | | | | | | | | tag v3.2.1 Fixed vendor issues: Issue 521: Properly check reading from lzss decompression buffer Issue 717: Fix integer overflow when computing location of volume descriptor Issue 718: Security fix TALOS-CAN-152 Issue 719: Security fix TALOS-CAN-154 Security: TALOS-CAN-152, TALOS-CAN-154 Notes: svn path=/vendor/libarchive/dist/; revision=302037
* Update vendor/libarchive to git d85976e7ff4a062e1de6e04dab7bb78e3344768fMartin Matuska2016-06-1823-144/+493
| | | | | | | | | | | | | Fixed vendor issues: Issue 553: Fix broken decryption for ZIP files Issue 657: Allow up to 8k for the test root directory name Issue 682: Correctly write gnutar filenames of exactly 512 bytes Issue 708: tar should fail if a named input file is missing PR 715: Fix libarchive/archive_read_support_format_mtree.c:1388:11: error: array subscript is above array bounds Notes: svn path=/vendor/libarchive/dist/; revision=302003
* Update vendor/libarchvie to git commit 860ec63Martin Matuska2016-05-162-0/+6
| | | | | | | Integrates my pull request #709 Notes: svn path=/vendor/libarchive/dist/; revision=299895
* Update vendor/libarchive/dist to git commit f48d99bMartin Matuska2016-05-124-9/+9
| | | | | | | Integrates my pull requests #701, #702 and #703 Notes: svn path=/vendor/libarchive/dist/; revision=299539
* Update vendor/libarchive/dist to git commit 61c56e5 (post 3.2.0)vendor/libarchive/3.2.0Martin Matuska2016-05-11436-5618/+65124
| | | | | Notes: svn path=/vendor/libarchive/dist/; revision=299425 svn path=/vendor/libarchive/3.2.0/; revision=299528; tag=vendor/libarchive/3.2.0
* Keep full libarchive distribution in vendor branch (prep for 3.2.0 update)Martin Matuska2016-05-1184-0/+20797
| | | | Notes: svn path=/vendor/libarchive/dist/; revision=299422
* Trim libarchive/dist using FREEBSD-XlistMartin Matuska2016-05-1082-20712/+0
| | | | Notes: svn path=/vendor/libarchive/dist/; revision=299390
* Apply upstream commit 6e06b1c8 (partial, by kientzle):Xin LI2016-02-231-2/+5
| | | | | | | | | | | | | | | | | Fix a potential crash issue discovered by Alexander Cherepanov: It seems bsdtar automatically handles stacked compression. This is a nice feature but it could be problematic when it's completely unlimited. Most clearly it's illustrated with quines: $ curl -sRO http://www.maximumcompression.com/selfgz.gz $ (ulimit -v 10000000 && bsdtar -tvf selfgz.gz) bsdtar: Error opening archive: Can't allocate data for gzip decompression Without ulimit, bsdtar will eat all available memory. This could also be a problem for other applications using libarchive. Notes: svn path=/vendor/libarchive/dist/; revision=295913
* Apply upstream changeset bf4f6ec64e:Bryan Drewery2015-07-285-3/+150
| | | | | | | Fix issue 356: properly skip a sparse file entry in a tar file. Notes: svn path=/vendor/libarchive/dist/; revision=285970
* Apply upstream changeset fa9e61:Bryan Drewery2015-07-281-1/+1
| | | | | | | | Fix --one-file-system to include the directory encountered rather than excluding it. Notes: svn path=/vendor/libarchive/dist/; revision=285968
* Apply upstream changeset 24f5de6:Xin LI2015-05-141-2/+8
| | | | | | | | | | | Set a proper error message if we hit end-of-file when trying to read a cpio header. Suggested by Issue #395, although the actual problem there seems to have been the same as Issue #394. Notes: svn path=/vendor/libarchive/dist/; revision=282930
* Apply upstream changeset e6c9668:Xin LI2015-05-141-0/+2
| | | | | | | | | | | Add a check to archive_read_filter_consume to reject any attempts to move the file pointer by a negative amount. Note: Either this or commit 3865cf2 provides a fix for Issue 394. Notes: svn path=/vendor/libarchive/dist/; revision=282928
* Apply upstream changeset 3865cf2:Xin LI2015-05-141-6/+6
| | | | | | | | | Issue 394: Segfault when reading malformed old-style cpio archives Root cause here was an implicit cast that resulted in reading very large file sizes as negative numbers. Notes: svn path=/vendor/libarchive/dist/; revision=282927
* Delete files accidentially left over in r248590 (libarchive 3.1.2)vendor/libarchive/3.1.2Martin Matuska2013-03-2111-2139/+0
| | | | | Notes: svn path=/vendor/libarchive/dist/; revision=248594 svn path=/vendor/libarchive/3.1.2/; revision=248615; tag=vendor/libarchive/3.1.2
* Update libarchive's vendor dist to version 3.1.2 from release branch.Martin Matuska2013-03-21410-3134/+43402
| | | | | | | | | | Git branch: release Git commit: 19f23e191f9d3e1dd2a518735046100419965804 Obtained from: https://github.com/libarchive/libarchive.git Notes: svn path=/vendor/libarchive/dist/; revision=248590
* Update libarchive's vendor dist to version 3.0.4 from release branch.vendor/libarchive/3.0.4Martin Matuska2012-07-27165-4624/+11302
| | | | | | | | | | | Git branch: release Git commit: 8076b31490c90aaf0edccecf760004c30bd95edc Obtained from: https://github.com/libarchive/libarchive.git Notes: svn path=/vendor/libarchive/dist/; revision=238825 svn path=/vendor/libarchive/3.0.4/; revision=238833; tag=vendor/libarchive/3.0.4
* Update libarchive's vendor dist to latest changes in release branch.Martin Matuska2012-02-2540-227/+961
| | | | | | | | | | Git branch: release Git commit: e2cc36190d7d733b3ac6744ec860d09776c9da02 Obtained from: https://github.com/libarchive/libarchive.git Notes: svn path=/vendor/libarchive/dist/; revision=232133
* Update libarchive's vendor dist to latest changes in release branch.Martin Matuska2012-02-0914-34/+46
| | | | | | | | | | | | Now all the gcc warnings I have reported upstream should be fixed. Git branch: release Git commit: 01580b4298a946fb31e822a083bf49e9f37809ac Obtained from: https://github.com/libarchive/libarchive.git Notes: svn path=/vendor/libarchive/dist/; revision=231297