Initialize for cpio

zyppe 2024-02-04 22:08:11 +08:00
commit 3aa57bc9dd
22 changed files with 1731 additions and 0 deletions

1
.cpio.metadata Normal file

@ -0,0 +1 @@
5d5d55d2165a02c3d79b949daef64d6593d944451c5e7d2da64192df4c01943c cpio-2.13.tar.bz2

1
.gitignore vendored Normal file

@ -0,0 +1 @@
cpio-2.13.tar.bz2

7
cpio-2.13.tar.bz2.sig Normal file

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEABECAAYFAl3CgW4ACgkQNgKwf1XQxzInuACdFx2CwRnphQ5Zka2zFicnNNCX
3z4AoIQeYZNDDyJoOzIYvKuNrFePJ4hG
=InYG
-----END PGP SIGNATURE-----


@ -0,0 +1,24 @@
Index: src/copyin.c
===================================================================
--- src/copyin.c.orig
+++ src/copyin.c
@@ -1420,6 +1420,19 @@ process_copy_in ()
cpio_file_stat_free (&file_hdr);
+ if (tty_in)
+ {
+ fclose(tty_in);
+ }
+ if (tty_out)
+ {
+ fclose(tty_out);
+ }
+ if (rename_in)
+ {
+ fclose(rename_in);
+ }
+
if (append_flag)
return;
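Review bot: The three added `fclose()` calls in process_copy_in ignore their return values, so a failed flush on `tty_out` (a write stream, going by its name) goes unreported. The pointers are also left holding closed streams. If they are file-scope rather than local (their declarations are outside the hunk), a later pass through this function would test non-NULL and close them a second time; `fclose (tty_out); tty_out = NULL;` avoids that. The function body starts well before the hunk, so whether earlier return paths skip this cleanup cannot be judged from here.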


@ -0,0 +1,28 @@
Index: src/mt.c
===================================================================
--- src/mt.c.orig
+++ src/mt.c
@@ -225,11 +225,18 @@ parse_opt (int key, char *arg, struct ar
{
tapedev = getenv ("TAPE");
if (tapedev == NULL)
-#ifdef DEFTAPE /* From sys/mtio.h. */
- tapedev = DEFTAPE;
-#else
- error (MT_EXIT_INVOP, 0, _("no tape device specified"));
-#endif
+
+/* Suse doesn't have /dev/tape as link to /dev/nst0 any more.
+Instead it uses udev and creates different names in /dev/tape/by-id/ directory.
+If it is SCSI tape storage then it creates /dev/tape/by-id/scsi--nst
+If it is USB device then it creates something not predictibable:
+/dev/tape/by-id/scsi-*HP_blabla*{VENDOR_SPECIFIC}*-nst
+So let's use old behave which was /dev/nst0.
+bnc#355241
+*/
+/* #ifdef DEFTAPE * From sys/mtio.h. * */
+# define DEFSUSETAPE "/dev/nst0"
+ tapedev = DEFSUSETAPE;
}
break;
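Review bot: After this change the unbraced `if (tapedev == NULL)` in parse_opt is separated from the statement it guards by a blank line, a ten-line comment, a commented-out `#ifdef` and a `# define`, so a line inserted in between would silently become the guarded statement. Bracing it, `if (tapedev == NULL) { tapedev = DEFSUSETAPE; }`, and moving `#define DEFSUSETAPE "/dev/nst0"` with its explanatory comment to file scope keeps the fallback readable. The leftover `/* #ifdef DEFTAPE * From sys/mtio.h. * */` line should be deleted rather than kept as dead text. The comment should also state that the "no tape device specified" error path has been removed, so mt now falls back to /dev/nst0 whenever TAPE is unset.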

24
cpio-dev_number.patch Normal file

@ -0,0 +1,24 @@
Index: src/copyin.c
===================================================================
--- src/copyin.c.orig
+++ src/copyin.c
@@ -1123,15 +1123,15 @@ read_in_binary (struct cpio_file_stat *f
swab_array ((char *) short_hdr, 13);
}
- file_hdr->c_dev_maj = major (short_hdr->c_dev);
- file_hdr->c_dev_min = minor (short_hdr->c_dev);
+ file_hdr->c_dev_maj = major ((unsigned short)short_hdr->c_dev);
+ file_hdr->c_dev_min = minor ((unsigned short)short_hdr->c_dev);
file_hdr->c_ino = short_hdr->c_ino;
file_hdr->c_mode = short_hdr->c_mode;
file_hdr->c_uid = short_hdr->c_uid;
file_hdr->c_gid = short_hdr->c_gid;
file_hdr->c_nlink = short_hdr->c_nlink;
- file_hdr->c_rdev_maj = major (short_hdr->c_rdev);
- file_hdr->c_rdev_min = minor (short_hdr->c_rdev);
+ file_hdr->c_rdev_maj = major ((unsigned short)short_hdr->c_rdev);
+ file_hdr->c_rdev_min = minor ((unsigned short)short_hdr->c_rdev);
file_hdr->c_mtime = (unsigned long) short_hdr->c_mtimes[0] << 16
| short_hdr->c_mtimes[1];
file_hdr->c_filesize = (unsigned long) short_hdr->c_filesizes[0] << 16
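Review bot: The four `(unsigned short)` casts added in read_in_binary have no comment saying what they protect against, and the patch file has no description header. A reader cannot tell whether they are load-bearing or cosmetic. A one-line comment above the first cast would do, for example `/* c_dev and c_rdev are 16-bit header fields; keep them unsigned so the high bit is not propagated into major()/minor() */`. That rationale is presumed from the package changelog entry about major numbers above 127 and should be confirmed against the declaration of `short_hdr`, which is outside the hunk.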


@ -0,0 +1,79 @@
Index: src/util.c
===================================================================
--- src/util.c.orig
+++ src/util.c
@@ -203,8 +203,15 @@ tape_fill_input_buffer (int in_des, int
input_size = rmtread (in_des, input_buffer, num_bytes);
if (input_size == 0 && input_is_special)
{
- get_next_reel (in_des);
+ if (!tape_eof (in_des))
+ get_next_reel (in_des);
input_size = rmtread (in_des, input_buffer, num_bytes);
+ if (input_size == 0)
+ {
+ if (tape_eod (in_des))
+ get_next_reel (in_des);
+ input_size = rmtread (in_des, input_buffer, num_bytes);
+ }
}
if (input_size == SAFE_READ_ERROR)
error (PAXEXIT_FAILURE, errno, _("read error"));
@@ -366,8 +373,15 @@ tape_buffered_peek (char *peek_buf, int
{
if (input_is_special)
{
- get_next_reel (in_des);
+ if (!tape_eof (in_des))
+ get_next_reel (in_des);
tmp_input_size = rmtread (in_des, append_buf, io_block_size);
+ if (tmp_input_size == 0)
+ {
+ if (tape_eod (in_des))
+ get_next_reel (in_des);
+ tmp_input_size = rmtread (in_des, append_buf, io_block_size);
+ }
}
else
break;
@@ -829,6 +843,40 @@ tape_offline (int tape_des)
#endif
}
+int
+tape_eof( int tape_des)
+{
+ struct mtget status;
+
+ if (rmtioctl (tape_des, MTIOCGET, (char*)&status) == -1) {
+ error (1, errno, "Cannot get tape status");
+ return 0;
+ }
+
+ if (GMT_EOF(status.mt_gstat)) {
+ return 1;
+ }
+
+ return 0;
+}
+
+int
+tape_eod( int tape_des)
+{
+ struct mtget status;
+
+ if (rmtioctl (tape_des, MTIOCGET, (char*)&status) == -1) {
+ error (1, errno, "Cannot get tape status");
+ return 1;
+ }
+
+ if (GMT_EOD(status.mt_gstat)) {
+ return 1;
+ }
+
+ return 0;
+}
+
/* The file on file descriptor TAPE_DES is assumed to be magnetic tape
(or floppy disk or other device) and the end of the medium
has been reached. Ask the user for to mount a new "tape" to continue
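Review bot: In the new tape_eof() and tape_eod(), `error (1, errno, "Cannot get tape status")` passes a non-zero status, so with the usual error() semantics the process exits there and the following `return 0;` / `return 1;` are dead code, yet the two functions disagree on what a failed MTIOCGET should mean. The call also uses a bare `1` and an untranslated string, while the context line in the first hunk uses `error (PAXEXIT_FAILURE, errno, _("read error"))`; `error (PAXEXIT_FAILURE, errno, _("Cannot get tape status"));` would match the file. Both functions are called from tape_fill_input_buffer and tape_buffered_peek but defined several hundred lines later, and this patch adds no prototype, so unless one is declared elsewhere the calls rely on implicit declaration. They also use `struct mtget`, MTIOCGET and the GMT_* macros unconditionally, whereas the `#endif` closing tape_offline just above suggests the neighbouring tape code is guarded.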


@ -0,0 +1,13 @@
Index: cpio-2.13/src/mt.c
===================================================================
--- cpio-2.13.orig/src/mt.c
+++ cpio-2.13/src/mt.c
@@ -208,7 +208,7 @@ parse_opt (int key, char *arg, struct ar
{
char *p;
long val = strtol (arg, &p, 0);
- if (*p || (count = val) != count)
+ if (*p || (count = val) != val)
error (MT_EXIT_INVOP, 0, _("invalid count value"));
}
break;
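Review bot: The corrected test `(count = val) != val` in parse_opt catches narrowing of `val` into `count`, but the `strtol()` call above it is still not checked for an empty argument or a range error. With `arg` equal to an empty string `*p` is NUL and a count of 0 is accepted, and on a target where `long` has the same width as `count` an out-of-range string is clamped and passes the comparison. Setting `errno = 0;` before the call and testing `if (p == arg || *p || errno == ERANGE || (count = val) != val)` covers both. The declaration of `count` and the rest of parse_opt are outside the hunk, so the width remark depends on its type.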

68
cpio-open_nonblock.patch Normal file

@ -0,0 +1,68 @@
From: Alexey Svistunov <svalx@svalx.net>
Date: 2017-02-17 16:07:00 +0300
Subject: open device with O_NONBLOCK option
References: https://savannah.gnu.org/patch/?9263, bnc#94449
Upstream: submitted
When running the 2.6 kernel, "mt -f /dev/nst0 status" blocks if there is
no media in the drive. The same occurs for other commands.
When running the 2.4.24 kernel, "mt -f /dev/nst0 status" does not block
when there is no tape in the drive.
This behavior change is documented for the 2.6 kernel (see
kernel-source-2.6.3/Documentation/scsi/st.txt for the full doc):
If the open option O_NONBLOCK is used, open succeeds even if the
drive is not ready. If O_NONBLOCK is not used, the driver waits for
the drive to become ready. If this does not happen in ST_BLOCK_SECONDS
seconds, open fails with the errno value EIO. With O_NONBLOCK the
device can be opened for writing even if there is a write protected
tape in the drive (commands trying to write something return error if
attempted).
It appears that the use of O_NONBLOCK is safe with pre-2.6 kernels.
Suggest adding the use of O_NONBLOCK when opening the device. As it is,
for long-running commands such as "fsf", one cannot tell if the command is
progressing or if it's blocking waiting for media.
Index: src/mt.c
===================================================================
--- src/mt.c.orig
+++ src/mt.c
@@ -333,11 +333,11 @@ main (int argc, char **argv)
#ifdef MTERASE
case MTERASE:
#endif
- tapedesc = rmtopen (tapedev, O_WRONLY, 0, rsh_command_option);
+ tapedesc = rmtopen (tapedev, O_WRONLY | O_NONBLOCK, 0, rsh_command_option);
break;
default:
- tapedesc = rmtopen (tapedev, O_RDONLY, 0, rsh_command_option);
+ tapedesc = rmtopen (tapedev, O_RDONLY | O_NONBLOCK, 0, rsh_command_option);
}
if (tapedesc == -1)
Index: src/util.c
===================================================================
--- src/util.c.orig
+++ src/util.c
@@ -801,14 +801,14 @@ open_archive (char *file)
copy_in = process_copy_in;
if (copy_function == copy_in)
- fd = rmtopen (file, O_RDONLY | O_BINARY, MODE_RW, rsh_command_option);
+ fd = rmtopen (file, O_RDONLY | O_BINARY | O_NONBLOCK, MODE_RW, rsh_command_option);
else
{
if (!append_flag)
- fd = rmtopen (file, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, MODE_RW,
+ fd = rmtopen (file, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY | O_NONBLOCK, MODE_RW,
rsh_command_option);
else
- fd = rmtopen (file, O_RDWR | O_BINARY, MODE_RW, rsh_command_option);
+ fd = rmtopen (file, O_RDWR | O_BINARY | O_NONBLOCK, MODE_RW, rsh_command_option);
}
return fd;
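Review bot: In open_archive the patch ORs O_NONBLOCK into every `rmtopen()` call, not only those for tape devices, and nothing visible clears the flag afterwards, so the descriptor cpio goes on to read and write stays non-blocking. For a FIFO this changes behaviour: a write-only open with O_NONBLOCK fails with ENXIO when no reader is present, and reads on an empty pipe can return EAGAIN instead of waiting. If the aim is only to stop open() hanging on an empty drive, the flag can be dropped once the open has succeeded, e.g. `fcntl (fd, F_SETFL, fcntl (fd, F_GETFL) & ~O_NONBLOCK);` for local descriptors. Whether rmtopen() hands back a plain descriptor in the local case is not visible here. The calls already use O_BINARY, which hints at non-POSIX builds, so a fallback `#ifndef O_NONBLOCK` / `# define O_NONBLOCK 0` may be needed as well.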


@ -0,0 +1,21 @@
Index: cpio-2.13/src/copyin.c
===================================================================
--- cpio-2.13.orig/src/copyin.c
+++ cpio-2.13/src/copyin.c
@@ -798,6 +798,8 @@ read_pattern_file ()
pattern_fp = fopen (pattern_file_name, "r");
if (pattern_fp == NULL)
open_fatal (pattern_file_name);
+ else
+ {
while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL)
{
if (new_num_patterns >= max_new_patterns)
@@ -812,6 +814,7 @@ read_pattern_file ()
}
if (ferror (pattern_fp) || fclose (pattern_fp) == EOF)
close_error (pattern_file_name);
+ }
for (i = 0; i < num_patterns; ++i)
new_save_patterns[i] = save_patterns[i];


@ -0,0 +1,91 @@
revert fix for CVE-2015-1197 as it causes shutdown issues
revert suggested as a workaround by upstream:
https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html
--- b/src/copyin.c
+++ a/src/copyin.c
@@ -645,14 +645,13 @@
link_name = xstrdup (file_hdr->c_tar_linkname);
}
- cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false);
-
res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
file_hdr->c_mode);
if (res < 0 && create_dir_flag)
{
create_all_directories (file_hdr->c_name);
+ res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
+ file_hdr->c_mode);
- res = UMASKED_SYMLINK (link_name, file_hdr->c_name, file_hdr->c_mode);
}
if (res < 0)
{
--- b/tests/CVE-2015-1197.at
+++ /dev/null
@@ -1,43 +0,0 @@
-# Process this file with autom4te to create testsuite. -*- Autotest -*-
-# Copyright (C) 2009-2019 Free Software Foundation, Inc.
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3, or (at your option)
-# any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-AT_SETUP([CVE-2015-1197 (--no-absolute-filenames for symlinks)])
-AT_CHECK([
-tempdir=$(pwd)/tmp
-mkdir $tempdir
-touch $tempdir/file
-ln -s $tempdir dir
-AT_DATA([filelist],
-[dir
-dir/file
-])
-ln -s /tmp dir
-touch /tmp/file
-cpio -o < filelist > test.cpio
-rm dir /tmp/file
-cpio --no-absolute-filenames -iv < test.cpio
-],
-[2],
-[],
-[1 block
-cpio: Removing leading `/' from hard link targets
-dir
-cpio: dir/file: Cannot open: No such file or directory
-dir/file
-1 block
-])
-AT_CLEANUP
-
--- b/tests/Makefile.am
+++ a/tests/Makefile.am
@@ -56,9 +56,8 @@
symlink-long.at\
symlink-to-stdout.at\
version.at\
big-block-size.at\
- CVE-2015-1197.at\
CVE-2019-14866.at
TESTSUITE = $(srcdir)/testsuite
--- b/tests/testsuite.at
+++ a/tests/testsuite.at
@@ -43,6 +43,5 @@
m4_include([setstat04.at])
m4_include([setstat05.at])
m4_include([big-block-size.at])
-m4_include([CVE-2015-1197.at])
m4_include([CVE-2019-14866.at])
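Review bot: Dropping `cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false);` in the src/copyin.c hunk means symlink targets are again used exactly as stored in the archive. `--no-absolute-filenames` then no longer constrains where an extracted symlink points, and a later member written through that link can land outside the extraction directory. The patch also deletes tests/CVE-2015-1197.at and its entries in Makefile.am and testsuite.at, so the test suite no longer records the exposure. The two-line header gives the reason for the revert but not the residual risk. It should state that extraction of untrusted archives is affected and name the patch in this package that restores the protection, if one does (the spec lists fix-CVE-2023-7207.patch, whose content is not shown here). Keeping the test and marking it expected-to-fail, for instance with `AT_XFAIL_IF([true])`, would preserve the regression signal until the check is back.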


@ -0,0 +1,56 @@
Index: doc/cpio.info
===================================================================
--- doc/cpio.info.orig
+++ doc/cpio.info
@@ -226,7 +226,8 @@ option, e.g.:
'-B'
Set the I/O block size to 5120 bytes.
'-c'
- Use the old portable (ASCII) archive format.
+ Identical to "-H newc", use the new (SVR4) portable format.
+ If you wish the old portable (ASCII) archive format, use "-H odc" instead.
'-C NUMBER'
'--io-size=NUMBER'
Set the I/O block size to the given NUMBER of bytes.
@@ -307,7 +308,8 @@ option.
'-B'
Set the I/O block size to 5120 bytes.
'-c'
- Use the old portable (ASCII) archive format.
+ Identical to "-H newc", use the new (SVR4) portable format.
+ If you wish the old portable (ASCII) archive format, use "-H odc" instead.
'-C NUMBER'
'--io-size=NUMBER'
Set the I/O block size to the given NUMBER of bytes.
@@ -417,7 +419,8 @@ option.
'-B'
Set the I/O block size to 5120 bytes.
'-c'
- Use the old portable (ASCII) archive format.
+ Identical to "-H newc", use the new (SVR4) portable format.
+ If you wish the old portable (ASCII) archive format, use "-H odc" instead.
'-C NUMBER'
'--io-size=NUMBER'
Set the I/O block size to the given NUMBER of bytes.
@@ -565,7 +568,8 @@ option is valid.
'-c'
[*note copy-in::,*note copy-out::,*note copy-pass::]
- Use the old portable (ASCII) archive format.
+ Identical to "-H newc", use the new (SVR4) portable format.
+ If you wish the old portable (ASCII) archive format, use "-H odc" instead.
'-C IO-SIZE'
'--io-size=IO-SIZE'
Index: src/main.c
===================================================================
--- src/main.c.orig
+++ src/main.c
@@ -328,6 +328,7 @@ parse_opt (int key, char *arg, struct ar
case 'c': /* Use the old portable ASCII format. */
if (archive_format != arf_unknown)
USAGE_ERROR ((0, 0, _("Archive format multiply defined")));
+#define SVR4_COMPAT
#ifdef SVR4_COMPAT
archive_format = arf_newascii; /* -H newc. */
#else
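Review bot: In the src/main.c hunk the context line `case 'c': /* Use the old portable ASCII format. */` now contradicts the behaviour the patch forces, because the added `#define SVR4_COMPAT` makes the `arf_newascii` branch the only one compiled. The comment should become something like `/* SVR4 compat: same as -H newc. */`, matching the wording the patch puts into doc/cpio.info. Defining the macro inside the `case` body, directly above the `#ifdef` that tests it, also buries a build-time choice in the middle of parse_opt. Passing `-DSVR4_COMPAT` through the spec's CFLAGS, or defining it at file scope, would leave the upstream code untouched. The `#else` branch and the rest of parse_opt lie outside the hunk.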

22
cpio-use_sbin_rmt.patch Normal file

@ -0,0 +1,22 @@
Index: lib/rtapelib.c
===================================================================
--- lib/rtapelib.c.orig
+++ lib/rtapelib.c
@@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software Foundation,
Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
-/* The man page rmt(8) for /etc/rmt documents the remote mag tape protocol
+/* The man page rmt(8) for /sbin/rmt documents the remote mag tape protocol
which rdump and rrestore use. Unfortunately, the man page is *WRONG*.
The author of the routines I'm including originally wrote his code just
based on the man page, and it didn't work, so he went to the rdump source
@@ -267,7 +267,7 @@ get_status_off (int handle)
#if WITH_REXEC
-/* Execute /etc/rmt as user USER on remote system HOST using rexec.
+/* Execute /sbin/rmt as user USER on remote system HOST using rexec.
Return a file descriptor of a bidirectional socket for stdin and
stdout. If USER is zero, use the current username.

343
cpio.changes Normal file

@ -0,0 +1,343 @@
* Mon Jan 29 2024 danilo.spinella@suse.com
- Fix cpio not working after the fix in bsc#1218571, fixes bsc#1219238
* fix-bsc1219238.patch
* Fri Jan 12 2024 danilo.spinella@suse.com
- Fix CVE-2023-7207, path traversal vulnerability (bsc#1218571)
* fix-CVE-2023-7207.patch
* Thu Oct 28 2021 danilo.spinella@suse.com
- Update keyring
* Wed Aug 18 2021 danilo.spinella@suse.com
- Fix regression in last update (bsc#1189465)
* fix-CVE-2021-38185_2.patch
* fix-CVE-2021-38185_3.patch
* Mon Aug 9 2021 danilo.spinella@suse.com
- Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr
(CVE-2021-38185, bsc#1189206)
* fix-CVE-2021-38185.patch
* Fri Oct 16 2020 lnussel@suse.de
- prepare usrmerge (boo#1029961)
* Fri Sep 11 2020 dmueller@suse.com
- add cpio-revert-CVE-2015-1197-fix.patch as recommended by upstream
to fix https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html
* Sat Aug 15 2020 dmueller@suse.com
- update to 2.13:
* CVE-2015-1197, CVE-2016-2037, CVE-2019-14866
- remove patches (upstream):
cpio-2.12-out_of_bounds_write.patch, cpio-2.12-CVE-2019-14866.patch,
cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch,
cpio-check_for_symlinks.patch
* Sun Mar 29 2020 kstreitova@suse.com
- starting with GCC 10, the default of '-fcommon' option will
change to '-fno-common'. Because cpio build fails with
'fno-common', add '-fcommon' option to optflags as a temporary
workaround for this problem till it's properly fixed [bsc#1160870]
* Mon Nov 4 2019 kstreitova@suse.com
- add cpio-2.12-CVE-2019-14866.patch to fix a security issue where
cpio does not properly validate the values written in the header
of a TAR file through the to_oct() function [bsc#1155199]
[CVE-2019-14866]
* Thu Sep 19 2019 lnussel@suse.de
- Do not recommend lang package. The lang package already has a
supplements.
* Wed Sep 26 2018 bwiedemann@suse.com
- Use gettextize --no-changelog to drop build date
to make package build reproducible (boo#1047218)
* Fri Sep 14 2018 mpluskal@suse.com
- Use URL to fetch keyring
- Do not force building with PIE, it is default now anyways
- Use https for URLs
- Install license
* Tue Apr 11 2017 kstreitova@suse.com
- modify cpio-2.12-out_of_bounds_write.patch to fix a regression
causing cpio to crash for tar and ustar archive types
[bsc#1028410]
* Mon Mar 27 2017 mpluskal@suse.com
- Use macro for configure and make install
- Use update-alternatives according to current documentation
- Enable testsuite
* Fri Mar 24 2017 svalx@svalx.net
- Enable mt building
- Separated cpio-mt subpackge
- Change recommend to own mt subpackge
- Remove cpio-mt.patch - those features available in original mt-st package
- Switch to use alternatives system for mt
- Disable rmt building: this binary fully identical to rmt from tar
- Change default rmt dir to /usr/bin
* Thu Mar 23 2017 kstreitova@suse.com
- cleanup with spec-cleaner
* Sat Mar 5 2016 mpluskal@suse.com
- Recommend mt_st as it is not hard dependency
* Thu Mar 3 2016 kstreitova@suse.com
- fix typos in the description
- add 'Require: mt_st' in order not to surprise users by the missing
'mt' binary
* Thu Mar 3 2016 svalx@svalx.net
- Disable mt building: this binary from mt_st package offers
advanced capabilities with the same functionality.
- Enable rmt building: 'dump' package no longer include it, besides
cpio code base for rmt is more fresh.
- Reflect those changes in the package description.
* Fri Feb 19 2016 kstreitova@suse.com
- add cpio-2.12-out_of_bounds_write.patch to fix an out of bounds
write in a way cpio parses certain cpio files [bsc#963448],
[CVE-2016-2037]
* Thu Oct 8 2015 kstreitova@suse.com
- update to 2.12
* Improved documentation
* Manpages are installed by make install
* New options for copy-out mode: --ignore-devno,
- -renumber-inodes, --device-independent, --reproducible
* update
* cpio-use_new_ascii_format.patch
* cpio-mt.patch
* cpio-eof_tape_handling.patch
* cpio-pattern-file-sigsegv.patch
* cpio-check_for_symlinks.patch
* remove (no longer needed)
* cpio-stdio.in.patch
* 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch
* add
* cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch to add missing
return to the nonvoid get_inode_and_dev() function
- use spec-cleaner
* Mon Mar 16 2015 mpluskal@suse.com
- Add gpg signature
- Correct info scriplet dependencies
- Cleanup spec file with spec-cleaner
* Thu Jan 1 2015 meissner@suse.com
- build with PIE
* Mon Dec 1 2014 vcizek@suse.com
- fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112)
* added 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch
* Fri Aug 29 2014 jengelh@inai.de
- Improve on RPM group classification (cpio does not compress
on its own per se)
- Remove redundant %%clean section
* Thu Aug 21 2014 vcizek@suse.com
- drop cpio-dir_perm.patch
* no longer needed since 2.11
* it was dropped from Fedora too and only caused problems (bnc#889138)
* Tue Jul 29 2014 vcizek@suse.com
- fix a truncation check in mt
* added cpio-fix_truncation_check.patch
* Thu Jul 17 2014 vcizek@suse.com
- prevent cpio from extracting over a symlink (bnc#658010)
* added cpio-check_for_symlinks.patch
* Tue Jul 23 2013 vcizek@suse.com
- add a missing fix from SLE for bnc#830779 (original bug bnc#658031)
added paxutils-rtapelib_mtget.patch
* Thu Mar 21 2013 mmeister@suse.com
- Added url as source.
Please see http://en.opensuse.org/SourceUrls
* Wed Jul 18 2012 aj@suse.de
- Fix build with missing gets declaration (glibc 2.16)
* Thu Feb 2 2012 rschweikert@suse.com
- leave binary in /usr (UsrMerge project), link to binary from /bin
* Mon Jan 2 2012 vcizek@suse.cz
- added autoconf to BuildRequires
* Thu Dec 1 2011 coolo@suse.com
- add automake as buildrequire to avoid implicit dependency
* Sun Sep 18 2011 andrea.turrini@gmail.com
- fix typos in spec file
* Tue Nov 9 2010 puzel@novell.com
- disable-silent-rules
* Tue Aug 31 2010 aj@suse.de
- Recommend instead of require lang package since it's not mandatory.
* Tue Aug 10 2010 puzel@novell.com
- add cpio-pattern-file-sigsegv.patch (bnc#629860)
* Mon Jun 28 2010 jengelh@medozas.de
- use %%_smp_mflags
* Fri Mar 12 2010 mseben@novell.com
- updated to 2.11
* Fix mt build.
* In copy-in mode, if directory attributes do not permit writing to it,
setting them is delayed until the end of run. This allows to
correctly extract files in such directories.
* In copy-in mode, permissions of a directory are restored if it
appears in the file list after files in it (e.g. in listings
produced by find . -depth). This fixes debian bug #458079.
* Fix possible memory overflow in the rmt client code (CVE-2010-0624).
- deprecated heap_overflow_in_rtapelib.patch,chmodRaceC.patch and
include_fatal_c.patch
* Wed Mar 3 2010 mseben@novell.com
- added heap_overflow_in_rtapelib.patch fix possible heap overflow in
rtapelib.c (bnc#579475)
* Sat Dec 26 2009 jengelh@medozas.de
- enable parallel build
* Tue Nov 3 2009 coolo@novell.com
- updated patches to apply with fuzz=0
* Fri Oct 16 2009 rschweikert@novell.com
- close files after copy (bnc#543132)
(cpio-2.10-close_files_after_copy.patch)
* Mon Aug 10 2009 mseben@novell.com
- merged DAT160.patch with mt.patch
- added other tape density definitions from mt_st package (bnc#523357)
* Fri Jul 17 2009 rguenther@suse.de
- Drop rmt BuildRequires again
* Fri Jul 17 2009 mseben@suse.cz
- fix identification of the density code for DAT160 bnc#415166
* Mon Jun 22 2009 mseben@suse.cz
- updated to version 2.10
* Ensure record headers are properly packed (fix builds on ARM).
* Fix exit codes to reliably indicate success or failure of the operation.
* Fix large file support.
* Support MinGW builds.
* Minor bugfixes.
- deprecated : lfs_correction.patch,paxlib-owl-alloca.patch,
gcc4_3.patch,segfault_in_copyin.patch,doc_typo.patch,
m4_macro.patch,gnulib.patch, no_rmt.patch
- added include_fatal_c.patch : fix undefined ref in mt build
- configure stage : removed useless DEFAULT_RMT_DIR=/sbin, added
- -with-rmt="%%{_sysconfdir}/rmt" and --enable-mt
* Mon Aug 4 2008 lmichnovic@suse.cz
- changed default tape device for 'mt' command to /dev/nst0
/dev/tape is not symlink any more but directory handled by udev
(*default_tape_dev.patch) [bnc#355241]
* Fri Aug 1 2008 cthiel@suse.de
- specfile cleanup
* Fri Jul 18 2008 lmichnovic@suse.cz
- make possible device nodes with major number > 127 [rhb#450109]
(*dev_number.patch)
* Fri Jun 27 2008 schwab@suse.de
- Fix gnulib macro.
* Fri Apr 11 2008 lmichnovic@suse.cz
- adjusted eof-handling.patch to check for 'end-of-file' and
'end-of-data' marker when detecting reel change. [bnc#371077]
* Fri Apr 4 2008 lmichnovic@suse.cz
- adjusted cpio-2.9-dir_perm.patch acording Red Hat patch to fix
correct dir permissions after extraction in pass-through mode.
- fix for two tapes handling (eof_tape_handling.patch) [bnc#371077]
* Thu Mar 13 2008 lmichnovic@suse.cz
- lang subpackage split off
* Thu Mar 13 2008 lmichnovic@suse.cz
- applying upstream patch cpio-2.9-dir_perm.patch which fixes
incorrect directory permissions after archive extraction
* Thu Nov 29 2007 lmichnovic@suse.cz
- removed unused m4 macro gl_LONG_LONG (*m4_macro.patch)
* Wed Nov 7 2007 lmichnovic@suse.cz
- upstream fix of typo in documantation (*doc_typo.patch)
* Tue Oct 23 2007 lmichnovic@suse.cz
- rewrote code which uses overflow to copy string in structure and
gcc was complaining about it (*avoid_overflow_warning.patch)
* Mon Oct 1 2007 lmichnovic@suse.cz
- Fixed typo in copin.c causing segfault [#329744]
(*segfault_in_copyin.patch)
* Tue Sep 25 2007 lmichnovic@suse.cz
- fix for compiling with new gcc 4.3 (*gcc4_3.patch)
* Mon Aug 20 2007 lmichnovic@suse.cz
- fixed typo in paxlib-owl-alloca.patch [#301416]
* Fri Aug 17 2007 lmichnovic@suse.cz
- upstream fix: use of alloca can cause stack overflow
(paxlib-owl-alloca.patch)
* Tue Aug 14 2007 lmichnovic@suse.cz
- CAN-2005-1111 is not fixed completely in 2.9 (chmodRaceC.patch)
based on fedora patch
* Wed Jul 25 2007 lmichnovic@suse.cz
- fixed types of variables for LFS support (*lfs_correction.patch)
* Tue Jul 24 2007 lmichnovic@suse.cz
- adjusted *mt.patch to fix compression handling [#223494]
* Fri Jul 20 2007 lmichnovic@suse.cz
- update to version 2.9
- obsoletes *lstat.patch
* Licensed under the GPLv3.
* Bugfixes: Honor umask when creating intermediate directories,
not specified in the archive (debian bug #430053). (This bug
is only in version 2.8)
* 2.8:
* Option --owner can be used in copy-out mode, allowing
to uniformly override the ownership of the files being added
to the archive.
* Bugfixes:
- Symlinks were handled incorrectly in copy-out mode. (This
bug was only in version 2.7)
- Fix handling of large files. {obsoletes lfs.patch}
o Fix setting the file permissions in copy-out mode.
o Fix CAN-2005-1111 {obsoletes chmodRaceC.patch}
* 2.7:
* Improved error checking and diagnostics
* Fixed CAN-1999-1572 {obsoletes writeOutHeaderBufferOverflow.patch}
* Allow to use --sparse in both copy-in and copy-pass.
* Fix bug that eventually caused copying out the same
hard-linked file several times to archive.
* Fix several LFS-related issues. {obsoletes lfs.patch}
* Fix Debian bug #335580.
- obsoletes *dirTraversal.patch implemented with option
- -no-absolute-pathnames; option --absolute-pathnames is still possible
- obsoletes *checksum.patch, fix_umask.patch, sparse.patch
- using lang macro
* Thu Sep 21 2006 lmichnovic@suse.cz
- fixed typo in cpio-2.6.dif; renamed to *-mt.patch
- united suffix of patches
* Tue Sep 19 2006 schwab@suse.de
- Fix missing newline after mt status.
* Mon Jul 24 2006 rguenther@suse.de
- remove useless build-dependency on rsh.
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Tue Dec 6 2005 fehr@suse.de
- add cpio-2.6-chmodRaceC.patch and cpio-2.6-dirTraversal.patch to
fix bug #80226
- add cpio-2.6-writeOutHeaderBufferOverflow.patch to fix #133454
- add cpio-2.6-checksum.patch fix wrong checksum on 64bit archs
- add cpio-2.6-lfs.patch to support large files on 32bit archs
* Wed Aug 10 2005 fehr@suse.de
- fix call to setlocale to make multibyte characters work (#98902)
* Thu Jun 30 2005 fehr@suse.de
- open with O_NONBLOCK option (#94449)
* Wed May 4 2005 ro@suse.de
- properly detect lstat in configure
* Wed Apr 27 2005 snwint@suse.de
- fix '--sparse' option check
* Mon Apr 25 2005 fehr@suse.de
- update to cpio 2.6
* Mon Jan 24 2005 fehr@suse.de
- fix problem with cpio not respecting umask (#50054)
* Mon Jan 19 2004 ro@suse.de
- fix build as user
* Sun Jan 11 2004 adrian@suse.de
- add %%defattr
* Thu Apr 24 2003 ro@suse.de
- fix install_info --delete call and move from preun to postun
* Tue Apr 15 2003 coolo@suse.de
- use BuildRoot
* Fri Feb 7 2003 fehr@suse.de
- Use %%install_info macro
* Tue Sep 17 2002 ro@suse.de
- removed bogus self-provides
* Tue Aug 13 2002 mfabian@suse.de
- add cpio-2.5-i18n-0.1.patch received from
"Mitsuru Chinen" <CHINEN@jp.ibm.com>
The patch just adds a setlocale (LC_ALL, "").
* Sun Jul 28 2002 kukuk@suse.de
- remove unused tetex from neededforbuild
* Fri Jul 5 2002 fehr@suse.de
- update to new version 2.5
* Mon Dec 3 2001 fehr@suse.de
- make the -c switch comatible to SVR4 (and compatible to RedHat)
- fix the man page accordingly
- add rsh to #needfobuild to allow remote file access again (#12543)
* Sun Dec 3 2000 schwab@suse.de
- Fix a few bugs and typos.
* Tue Nov 28 2000 fehr@suse.de
- add compile options for LFS
* Mon Apr 17 2000 fehr@suse.de
- move cpio binary to /bin for compatibility with RedHat
* Fri Feb 25 2000 kukuk@suse.de
- remove Makefile.Linux
- use _infodir/_mandir
* Mon Sep 13 1999 bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
* Thu Sep 2 1999 fehr@suse.de
- Fix patch for broken header (cast to short instead of int)
* Wed Aug 4 1999 kukuk@suse.de
- Add patch for broken header in oldascii format
* Tue Sep 22 1998 ro@suse.de
- define _GNU_SOURCE for glibc where including getopt
* Tue Sep 1 1998 ro@suse.de
- fixed strdup-macro problem
* Thu Jun 5 1997 florian@suse.de
- go through the list of regex in a more suitable way (from ma@suse.de)
* Sun Apr 13 1997 florian@suse.de
- update to new version 2.4.2
- add Linux patches from RedHat
- add patches from gnu.utils.bugs

37
cpio.keyring Normal file

@ -0,0 +1,37 @@
Member GPG keyring of cpio group.
Note that this keyring is not intended for checking releases of that group.
Use Group Release Keyring instead.
GPG keys of Sergey Poznyakoff <gray>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (GNU/Linux)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=5lxD
-----END PGP PUBLIC KEY BLOCK-----

155
cpio.spec Normal file

@ -0,0 +1,155 @@
#
# spec file for package cpio
#
# Copyright (c) 2022-2023 ZhuningOS
#
Name: cpio
Version: 2.13
Release: 150400.3.6.1
Summary: A Backup and Archiving Utility
License: GPL-3.0-only
Group: Productivity/Archiving/Backup
URL: https://www.gnu.org/software/cpio/cpio.html
Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.bz2
Source1: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.bz2.sig
Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=%{name}&download=1#/%{name}.keyring
Patch2: cpio-use_new_ascii_format.patch
Patch4: cpio-use_sbin_rmt.patch
#PATCH-FIX-UPSTREAM cpio-2.12 cpio-open_nonblock.patch bnc#94449,
#https://savannah.gnu.org/patch/?9263 -- open device with O_NONBLOCK option
Patch5: cpio-open_nonblock.patch
Patch15: cpio-eof_tape_handling.patch
# make posibble to have device nodes with major number > 127
# Red Hat Bugzilla #450109
Patch17: cpio-dev_number.patch
Patch18: cpio-default_tape_dev.patch
#PATCH-FIX-UPSTREAM cpio-2.10-close_files_after_copy.patch
Patch20: cpio-close_files_after_copy.patch
Patch21: cpio-pattern-file-sigsegv.patch
Patch23: paxutils-rtapelib_mtget.patch
# see https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html
Patch24: cpio-revert-CVE-2015-1197-fix.patch
Patch25: cpio-fix_truncation_check.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1189206
# Remote code execution caused by an integer overflow in ds_fgetstr
Patch26: fix-CVE-2021-38185.patch
Patch27: fix-CVE-2021-38185_2.patch
Patch28: fix-CVE-2021-38185_3.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1218571
# Path traversal vulnerability
Patch29: fix-CVE-2023-7207.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1219238
# Fix cpio not working anymore
Patch30: fix-bsc1219238.patch
BuildRequires: autoconf
BuildRequires: automake
#Requires(post): %{xinstall_info_prereq}
#Requires(preun): %{xinstall_info_prereq}
Recommends: %{name}-mt = %{version}
Recommends: rmt
%description
GNU cpio is a program to manage archives of files. Cpio copies files
into or out of a cpio or tar archive. An archive is a file that contains
other files plus information about them, such as their pathname, owner,
time stamps, and access permissions. The archive can be another file on
the disk, a magnetic tape, or a pipe.
%package mt
Summary: Tape drive control utility
Group: Productivity/Archiving/Backup
Requires: %{name} = %{version}
Requires(post): update-alternatives
Requires(postun):update-alternatives
Provides: mt
%description mt
This package includes the 'mt', a local tape drive control program.
%lang_package
%prep
%setup -q
%patch2
%patch4
%patch5
%patch15
%patch17
%patch18
%patch20
###
%patch21 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%build
gettextize -f --no-changelog
autoreconf -fiv
export CFLAGS="%{optflags} -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -fcommon"
%configure \
--with-rmt="%{_bindir}/rmt" \
--enable-mt \
--disable-silent-rules \
--program-transform-name='s/^mt$/gnumt/'
make %{?_smp_mflags}
%install
mkdir -p %{buildroot}/{usr/bin,bin}
%make_install
mkdir -p %{buildroot}%{_sysconfdir}/alternatives
ln -sf %{_sysconfdir}/alternatives/mt %{buildroot}%{_bindir}/mt
ln -sf %{_sysconfdir}/alternatives/mt.1%{ext_man} %{buildroot}%{_mandir}/man1/mt.1%{ext_man}
%if !0%{?usrmerged}
ln -sf %{_bindir}/cpio %{buildroot}/bin
%endif
%find_lang %{name}
%check
make %{?_smp_mflags} check
%post mt
%{_sbindir}/update-alternatives --force \
--install %{_bindir}/mt mt %{_bindir}/gnumt 10 \
--slave %{_mandir}/man1/mt.1%{ext_man} mt.1%{ext_man} %{_mandir}/man1/gnumt.1%{ext_man}
%post
%install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info%{ext_info}
%preun
%install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info%{ext_info}
%postun mt
if [ ! -f %{_bindir}/gnumt ] ; then
"%{_sbindir}/update-alternatives" --remove mt %{_bindir}/gnumt
fi
%files
%license COPYING
%doc NEWS ChangeLog
%if !0%{?usrmerged}
/bin/cpio
%endif
%{_bindir}/cpio
%{_infodir}/cpio.info%{?ext_info}
%{_mandir}/man1/cpio.1%{?ext_man}
%files mt
%ghost %{_bindir}/mt
%{_bindir}/gnumt
%ghost %{_mandir}/man1/mt.1%{ext_man}
%{_mandir}/man1/gnumt.1%{?ext_man}
%ghost %{_sysconfdir}/alternatives/mt
%ghost %{_sysconfdir}/alternatives/mt.1%{ext_man}
%files lang -f %{name}.lang
%changelog

446
fix-CVE-2021-38185.patch Normal file

@ -0,0 +1,446 @@
From dd96882877721703e19272fe25034560b794061b Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 7 Aug 2021 12:52:21 +0300
Subject: Rewrite dynamic string support.
* src/dstring.c (ds_init): Take a single argument.
(ds_free): New function.
(ds_resize): Take a single argument. Use x2nrealloc to expand
the storage.
(ds_reset,ds_append,ds_concat,ds_endswith): New function.
(ds_fgetstr): Rewrite. In particular, this fixes integer overflow.
* src/dstring.h (dynamic_string): Keep both the allocated length
(ds_size) and index of the next free byte in the string (ds_idx).
(ds_init,ds_resize): Change signature.
(ds_len): New macro.
(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos.
* src/copyin.c: Use new ds_ functions.
* src/copyout.c: Likewise.
* src/copypass.c: Likewise.
* src/util.c: Likewise.
---
src/copyin.c | 40 +++++++++++++-------------
src/copyout.c | 16 ++++-------
src/copypass.c | 34 +++++++++++------------
src/dstring.c | 88 ++++++++++++++++++++++++++++++++++++++++++----------------
src/dstring.h | 31 ++++++++++-----------
src/util.c | 6 ++--
6 files changed, 123 insertions(+), 92 deletions(-)
Index: cpio-2.13/src/copyin.c
===================================================================
--- cpio-2.13.orig/src/copyin.c
+++ cpio-2.13/src/copyin.c
@@ -55,11 +55,12 @@ query_rename(struct cpio_file_stat* file
char *str_res; /* Result for string function. */
static dynamic_string new_name; /* New file name for rename option. */
static int initialized_new_name = false;
+
if (!initialized_new_name)
- {
- ds_init (&new_name, 128);
- initialized_new_name = true;
- }
+ {
+ ds_init (&new_name);
+ initialized_new_name = true;
+ }
if (rename_flag)
{
@@ -778,21 +779,20 @@ long_format (struct cpio_file_stat *file
already in `save_patterns' (from the command line) are preserved. */
static void
-read_pattern_file ()
+read_pattern_file (void)
{
- int max_new_patterns;
- char **new_save_patterns;
- int new_num_patterns;
+ char **new_save_patterns = NULL;
+ size_t max_new_patterns;
+ size_t new_num_patterns;
int i;
- dynamic_string pattern_name;
+ dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER;
FILE *pattern_fp;
if (num_patterns < 0)
num_patterns = 0;
- max_new_patterns = 1 + num_patterns;
- new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *));
new_num_patterns = num_patterns;
- ds_init (&pattern_name, 128);
+ max_new_patterns = num_patterns;
+ new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0]));
pattern_fp = fopen (pattern_file_name, "r");
if (pattern_fp == NULL)
@@ -801,16 +801,16 @@ read_pattern_file ()
{
while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL)
{
- if (new_num_patterns >= max_new_patterns)
- {
- max_new_patterns += 1;
- new_save_patterns = (char **)
- xrealloc ((char *) new_save_patterns,
- max_new_patterns * sizeof (char *));
- }
+ if (new_num_patterns == max_new_patterns)
+ new_save_patterns = x2nrealloc (new_save_patterns,
+ &max_new_patterns,
+ sizeof (new_save_patterns[0]));
new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string);
++new_num_patterns;
}
+
+ ds_free (&pattern_name);
+
if (ferror (pattern_fp) || fclose (pattern_fp) == EOF)
close_error (pattern_file_name);
}
Index: cpio-2.13/src/copyout.c
===================================================================
--- cpio-2.13.orig/src/copyout.c
+++ cpio-2.13/src/copyout.c
@@ -594,9 +594,10 @@ assign_string (char **pvar, char *value)
The format of the header depends on the compatibility (-c) flag. */
void
-process_copy_out ()
+process_copy_out (void)
{
- dynamic_string input_name; /* Name of file read from stdin. */
+ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
+ /* Name of file read from stdin. */
struct stat file_stat; /* Stat record for file. */
struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER;
/* Output header information. */
@@ -605,7 +606,6 @@ process_copy_out ()
char *orig_file_name = NULL;
/* Initialize the copy out. */
- ds_init (&input_name, 128);
file_hdr.c_magic = 070707;
/* Check whether the output file might be a tape. */
@@ -657,14 +657,9 @@ process_copy_out ()
{
if (file_hdr.c_mode & CP_IFDIR)
{
- int len = strlen (input_name.ds_string);
/* Make sure the name ends with a slash */
- if (input_name.ds_string[len-1] != '/')
- {
- ds_resize (&input_name, len + 2);
- input_name.ds_string[len] = '/';
- input_name.ds_string[len+1] = 0;
- }
+ if (!ds_endswith (&input_name, '/'))
+ ds_append (&input_name, '/');
}
}
@@ -875,6 +870,7 @@ process_copy_out ()
(unsigned long) blocks), (unsigned long) blocks);
}
cpio_file_stat_free (&file_hdr);
+ ds_free (&input_name);
}
Index: cpio-2.13/src/copypass.c
===================================================================
--- cpio-2.13.orig/src/copypass.c
+++ cpio-2.13/src/copypass.c
@@ -48,10 +48,12 @@ set_copypass_perms (int fd, const char *
If `link_flag', link instead of copying. */
void
-process_copy_pass ()
+process_copy_pass (void)
{
- dynamic_string input_name; /* Name of file from stdin. */
- dynamic_string output_name; /* Name of new file. */
+ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
+ /* Name of file from stdin. */
+ dynamic_string output_name = DYNAMIC_STRING_INITIALIZER;
+ /* Name of new file. */
size_t dirname_len; /* Length of `directory_name'. */
int res; /* Result of functions. */
char *slash; /* For moving past slashes in input name. */
@@ -65,25 +67,18 @@ process_copy_pass ()
created files */
/* Initialize the copy pass. */
- ds_init (&input_name, 128);
dirname_len = strlen (directory_name);
if (change_directory_option && !ISSLASH (directory_name[0]))
{
char *pwd = xgetcwd ();
-
- dirname_len += strlen (pwd) + 1;
- ds_init (&output_name, dirname_len + 2);
- strcpy (output_name.ds_string, pwd);
- strcat (output_name.ds_string, "/");
- strcat (output_name.ds_string, directory_name);
- }
- else
- {
- ds_init (&output_name, dirname_len + 2);
- strcpy (output_name.ds_string, directory_name);
+
+ ds_concat (&output_name, pwd);
+ ds_append (&output_name, '/');
}
- output_name.ds_string[dirname_len] = '/';
+ ds_concat (&output_name, directory_name);
+ ds_append (&output_name, '/');
+ dirname_len = ds_len (&output_name);
output_is_seekable = true;
change_dir ();
@@ -116,8 +111,8 @@ process_copy_pass ()
/* Make the name of the new file. */
for (slash = input_name.ds_string; *slash == '/'; ++slash)
;
- ds_resize (&output_name, dirname_len + strlen (slash) + 2);
- strcpy (output_name.ds_string + dirname_len + 1, slash);
+ ds_reset (&output_name, dirname_len);
+ ds_concat (&output_name, slash);
existing_dir = false;
if (lstat (output_name.ds_string, &out_file_stat) == 0)
@@ -333,6 +328,9 @@ process_copy_pass ()
(unsigned long) blocks),
(unsigned long) blocks);
}
+
+ ds_free (&input_name);
+ ds_free (&output_name);
}
/* Try and create a hard link from FILE_NAME to another file
Index: cpio-2.13/src/dstring.c
===================================================================
--- cpio-2.13.orig/src/dstring.c
+++ cpio-2.13/src/dstring.c
@@ -20,8 +20,8 @@
#if defined(HAVE_CONFIG_H)
# include <config.h>
#endif
-
#include <stdio.h>
+#include <stdlib.h>
#if defined(HAVE_STRING_H) || defined(STDC_HEADERS)
#include <string.h>
#else
@@ -33,24 +33,41 @@
/* Initialiaze dynamic string STRING with space for SIZE characters. */
void
-ds_init (dynamic_string *string, int size)
+ds_init (dynamic_string *string)
+{
+ memset (string, 0, sizeof *string);
+}
+
+/* Free the dynamic string storage. */
+
+void
+ds_free (dynamic_string *string)
{
- string->ds_length = size;
- string->ds_string = (char *) xmalloc (size);
+ free (string->ds_string);
}
-/* Expand dynamic string STRING, if necessary, to hold SIZE characters. */
+/* Expand dynamic string STRING, if necessary. */
void
-ds_resize (dynamic_string *string, int size)
+ds_resize (dynamic_string *string)
{
- if (size > string->ds_length)
+ if (string->ds_idx == string->ds_size)
{
- string->ds_length = size;
- string->ds_string = (char *) xrealloc ((char *) string->ds_string, size);
+ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size,
+ 1);
}
}
+/* Reset the index of the dynamic string S to LEN. */
+
+void
+ds_reset (dynamic_string *s, size_t len)
+{
+ while (len > s->ds_size)
+ ds_resize (s);
+ s->ds_idx = len;
+}
+
/* Dynamic string S gets a string terminated by the EOS character
(which is removed) from file F. S will increase
in size during the function if the string from F is longer than
@@ -61,34 +78,50 @@ ds_resize (dynamic_string *string, int s
char *
ds_fgetstr (FILE *f, dynamic_string *s, char eos)
{
- int insize; /* Amount needed for line. */
- int strsize; /* Amount allocated for S. */
int next_ch;
/* Initialize. */
- insize = 0;
- strsize = s->ds_length;
+ s->ds_idx = 0;
/* Read the input string. */
- next_ch = getc (f);
- while (next_ch != eos && next_ch != EOF)
+ while ((next_ch = getc (f)) != eos && next_ch != EOF)
{
- if (insize >= strsize - 1)
- {
- ds_resize (s, strsize * 2 + 2);
- strsize = s->ds_length;
- }
- s->ds_string[insize++] = next_ch;
- next_ch = getc (f);
+ ds_resize (s);
+ s->ds_string[s->ds_idx++] = next_ch;
}
- s->ds_string[insize++] = '\0';
+ ds_resize (s);
+ s->ds_string[s->ds_idx] = '\0';
- if (insize == 1 && next_ch == EOF)
+ if (s->ds_idx == 0 && next_ch == EOF)
return NULL;
else
return s->ds_string;
}
+void
+ds_append (dynamic_string *s, int c)
+{
+ ds_resize (s);
+ s->ds_string[s->ds_idx] = c;
+ if (c)
+ {
+ s->ds_idx++;
+ ds_resize (s);
+ s->ds_string[s->ds_idx] = 0;
+ }
+}
+
+void
+ds_concat (dynamic_string *s, char const *str)
+{
+ size_t len = strlen (str);
+ while (len + 1 > s->ds_size)
+ ds_resize (s);
+ memcpy (s->ds_string + s->ds_idx, str, len);
+ s->ds_idx += len;
+ s->ds_string[s->ds_idx] = 0;
+}
+
char *
ds_fgets (FILE *f, dynamic_string *s)
{
@@ -100,3 +133,10 @@ ds_fgetname (FILE *f, dynamic_string *s)
{
return ds_fgetstr (f, s, '\0');
}
+
+/* Return true if the dynamic string S ends with character C. */
+int
+ds_endswith (dynamic_string *s, int c)
+{
+ return (s->ds_idx > 0 && s->ds_string[s->ds_idx - 1] == c);
+}
Index: cpio-2.13/src/dstring.h
===================================================================
--- cpio-2.13.orig/src/dstring.h
+++ cpio-2.13/src/dstring.h
@@ -17,10 +17,6 @@
Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301 USA. */
-#ifndef NULL
-#define NULL 0
-#endif
-
/* A dynamic string consists of record that records the size of an
allocated string and the pointer to that string. The actual string
is a normal zero byte terminated string that can be used with the
@@ -30,22 +26,25 @@
typedef struct
{
- int ds_length; /* Actual amount of storage allocated. */
- char *ds_string; /* String. */
+ size_t ds_size; /* Actual amount of storage allocated. */
+ size_t ds_idx; /* Index of the next free byte in the string. */
+ char *ds_string; /* String storage. */
} dynamic_string;
+#define DYNAMIC_STRING_INITIALIZER { 0, 0, NULL }
-/* Macros that look similar to the original string functions.
- WARNING: These macros work only on pointers to dynamic string records.
- If used with a real record, an "&" must be used to get the pointer. */
-#define ds_strlen(s) strlen ((s)->ds_string)
-#define ds_strcmp(s1, s2) strcmp ((s1)->ds_string, (s2)->ds_string)
-#define ds_strncmp(s1, s2, n) strncmp ((s1)->ds_string, (s2)->ds_string, n)
-#define ds_index(s, c) index ((s)->ds_string, c)
-#define ds_rindex(s, c) rindex ((s)->ds_string, c)
+void ds_init (dynamic_string *string);
+void ds_free (dynamic_string *string);
+void ds_reset (dynamic_string *s, size_t len);
-void ds_init (dynamic_string *string, int size);
-void ds_resize (dynamic_string *string, int size);
+/* All functions below guarantee that s->ds_string[s->ds_idx] == '\0' */
char *ds_fgetname (FILE *f, dynamic_string *s);
char *ds_fgets (FILE *f, dynamic_string *s);
char *ds_fgetstr (FILE *f, dynamic_string *s, char eos);
+void ds_append (dynamic_string *s, int c);
+void ds_concat (dynamic_string *s, char const *str);
+
+#define ds_len(s) ((s)->ds_idx)
+
+int ds_endswith (dynamic_string *s, int c);
+
Index: cpio-2.13/src/util.c
===================================================================
--- cpio-2.13.orig/src/util.c
+++ cpio-2.13/src/util.c
@@ -894,11 +894,9 @@ get_next_reel (int tape_des)
FILE *tty_out; /* File for interacting with user. */
int old_tape_des;
char *next_archive_name;
- dynamic_string new_name;
+ dynamic_string new_name = DYNAMIC_STRING_INITIALIZER;
char *str_res;
- ds_init (&new_name, 128);
-
/* Open files for interactive communication. */
tty_in = fopen (TTY_NAME, "r");
if (tty_in == NULL)
@@ -973,7 +971,7 @@ get_next_reel (int tape_des)
error (PAXEXIT_FAILURE, 0, _("internal error: tape descriptor changed from %d to %d"),
old_tape_des, tape_des);
- free (new_name.ds_string);
+ ds_free (&new_name);
fclose (tty_in);
fclose (tty_out);
}
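Review bot: `ds_free` in src/dstring.c releases `ds_string` but leaves the pointer, `ds_size` and `ds_idx` unchanged, so a dynamic_string that is freed and later passed to `ds_append`, `ds_concat` or `ds_free` again would touch freed memory. The callers visible in this file only free locals at function exit, so this is hardening rather than a live bug; adding `ds_init (string);` after the `free` makes reuse and a second free harmless. Separately, `ds_concat` as added here sizes the buffer from `len + 1` without `ds_idx`, and `ds_reset` loops on a `ds_resize` that grows only when `ds_idx == ds_size`. Both are corrected only by the two follow-up dstring.c patches on this page, so this file should not be backported on its own.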


@ -0,0 +1,36 @@
From dfc801c44a93bed7b3951905b188823d6a0432c8 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Wed, 11 Aug 2021 18:10:38 +0300
Subject: Fix previous commit
* src/dstring.c (ds_reset,ds_concat): Don't call ds_resize in a
loop.
---
src/dstring.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/dstring.c b/src/dstring.c
index 692d3e7..b7e0bb5 100644
--- a/src/dstring.c
+++ b/src/dstring.c
@@ -64,7 +64,7 @@ void
ds_reset (dynamic_string *s, size_t len)
{
while (len > s->ds_size)
- ds_resize (s);
+ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
s->ds_idx = len;
}
@@ -116,7 +116,7 @@ ds_concat (dynamic_string *s, char const *str)
{
size_t len = strlen (str);
while (len + 1 > s->ds_size)
- ds_resize (s);
+ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
memcpy (s->ds_string + s->ds_idx, str, len);
s->ds_idx += len;
s->ds_string[s->ds_idx] = 0;
--
cgit v1.2.1
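Review bot: `ds_reset` sets `ds_idx = len` without storing a terminator, and when `len` equals `ds_size` the index sits one past the allocation, so `ds_string` is not a valid C string until the next `ds_append` or `ds_concat`. The copypass.c caller shown elsewhere on this page does follow it with `ds_concat`, but nothing at the definition says that is required. I would add a comment above the function such as `/* Does not NUL-terminate: follow with ds_append or ds_concat before reading ds_string. */`.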


@ -0,0 +1,13 @@
Index: cpio-2.13/src/dstring.c
===================================================================
--- cpio-2.13.orig/src/dstring.c
+++ cpio-2.13/src/dstring.c
@@ -115,7 +115,7 @@ void
ds_concat (dynamic_string *s, char const *str)
{
size_t len = strlen (str);
- while (len + 1 > s->ds_size)
+ while (len + s->ds_idx + 1 > s->ds_size)
s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
memcpy (s->ds_string + s->ds_idx, str, len);
s->ds_idx += len;

223
fix-CVE-2023-7207.patch Normal file

@ -0,0 +1,223 @@
From 376d663340a9dc91c91a5849e5713f07571c1628 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Thu, 27 Apr 2023 15:14:23 +0300
Subject: Fix 45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca.
The commit in question brought in more problems than solutions. To
properly fix the issue, use symlink placeholders, modelled after
delayed symlinks in tar.
* src/copyin.c (symlink_placeholder)
(replace_symlink_placeholders): New functions.
(copyin_link): Create symlink placeholder if --no-absolute-filenames
was given.
(process_copy_in): Replace placeholders after extraction.
* tests/CVE-2015-1197.at: Update. Don't use /tmp.
---
src/copyin.c | 173 ++++++++++++++++++++++++++++++++++++++++++-------
tests/CVE-2015-1197.at | 7 +-
2 files changed, 153 insertions(+), 27 deletions(-)
Index: cpio-2.13/src/copyin.c
===================================================================
--- cpio-2.13.orig/src/copyin.c
+++ cpio-2.13/src/copyin.c
@@ -31,6 +31,7 @@
#ifndef FNM_PATHNAME
# include <fnmatch.h>
#endif
+#include <hash.h>
#ifndef HAVE_LCHOWN
# define lchown(f,u,g) 0
@@ -621,6 +622,136 @@ copyin_device (struct cpio_file_stat* fi
file_hdr->c_mtime);
}
+struct delayed_link
+ {
+ /* The device and inode number of the placeholder. */
+ dev_t dev;
+ ino_t ino;
+
+ /* The desired link metadata. */
+ mode_t mode;
+ uid_t uid;
+ gid_t gid;
+ time_t mtime;
+
+ /* Link source and target names. */
+ char *source;
+ char target[1];
+ };
+
+static Hash_table *delayed_link_table;
+
+static size_t
+dl_hash (void const *entry, size_t table_size)
+{
+ struct delayed_link const *dl = entry;
+ uintmax_t n = dl->dev;
+ int nshift = (sizeof (n) - sizeof (dl->dev)) * CHAR_BIT;
+ if (0 < nshift)
+ n <<= nshift;
+ n ^= dl->ino;
+ return n % table_size;
+}
+
+static bool
+dl_compare (void const *a, void const *b)
+{
+ struct delayed_link const *da = a, *db = b;
+ return (da->dev == db->dev) & (da->ino == db->ino);
+}
+
+static int
+symlink_placeholder (char *oldpath, char *newpath, struct cpio_file_stat *file_stat)
+{
+ int fd = open (newpath, O_WRONLY | O_CREAT | O_EXCL, 0);
+ struct stat st;
+ struct delayed_link *p;
+ size_t newlen = strlen (newpath);
+
+ if (fd < 0)
+ {
+ open_error (newpath);
+ return -1;
+ }
+
+ if (fstat (fd, &st) != 0)
+ {
+ stat_error (newpath);
+ close (fd);
+ return -1;
+ }
+
+ close (fd);
+
+ p = xmalloc (sizeof (*p) + strlen (oldpath) + newlen + 1);
+ p->dev = st.st_dev;
+ p->ino = st.st_ino;
+
+ p->mode = file_stat->c_mode;
+ p->uid = file_stat->c_uid;
+ p->gid = file_stat->c_gid;
+ p->mtime = file_stat->c_mtime;
+
+ strcpy (p->target, newpath);
+ p->source = p->target + newlen + 1;
+ strcpy (p->source, oldpath);
+
+ if (!((delayed_link_table
+ || (delayed_link_table = hash_initialize (0, 0, dl_hash,
+ dl_compare, free)))
+ && hash_insert (delayed_link_table, p)))
+ xalloc_die ();
+
+ return 0;
+}
+
+static void
+replace_symlink_placeholders (void)
+{
+ struct delayed_link *dl;
+
+ if (!delayed_link_table)
+ return;
+ for (dl = hash_get_first (delayed_link_table);
+ dl;
+ dl = hash_get_next (delayed_link_table, dl))
+ {
+ struct stat st;
+
+ /* Make sure the placeholder file is still there. If not,
+ don't create a link, as the placeholder was probably
+ removed by a later extraction. */
+ if (lstat (dl->target, &st) == 0
+ && st.st_dev == dl->dev
+ && st.st_ino == dl->ino)
+ {
+ if (unlink (dl->target))
+ unlink_error (dl->target);
+ else
+ {
+ int res = UMASKED_SYMLINK (dl->source, dl->target, dl->mode);
+ if (res < 0 && create_dir_flag)
+ {
+ create_all_directories (dl->target);
+ res = UMASKED_SYMLINK (dl->source, dl->target, dl->mode);
+ }
+ if (res < 0)
+ symlink_error (dl->source, dl->target);
+ else if (!no_chown_flag)
+ {
+ uid_t uid = set_owner_flag ? set_owner : dl->uid;
+ gid_t gid = set_group_flag ? set_group : dl->gid;
+ if (lchown (dl->target, uid, gid) < 0 && errno != EPERM)
+ chown_error_details (dl->target, uid, gid);
+ }
+ }
+ }
+ }
+
+ hash_free (delayed_link_table);
+ delayed_link_table = NULL;
+}
+
static void
copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
{
@@ -646,28 +777,26 @@ copyin_link (struct cpio_file_stat *file
link_name = xstrdup (file_hdr->c_tar_linkname);
}
- res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
- file_hdr->c_mode);
- if (res < 0 && create_dir_flag)
+ if (no_abs_paths_flag)
+ symlink_placeholder (link_name, file_hdr->c_name, file_hdr);
+ else
{
- create_all_directories (file_hdr->c_name);
res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
file_hdr->c_mode);
- }
- if (res < 0)
- {
- error (0, errno, _("%s: Cannot symlink to %s"),
- quotearg_colon (link_name), quote_n (1, file_hdr->c_name));
- free (link_name);
- return;
- }
- if (!no_chown_flag)
- {
- uid_t uid = set_owner_flag ? set_owner : file_hdr->c_uid;
- gid_t gid = set_group_flag ? set_group : file_hdr->c_gid;
- if ((lchown (file_hdr->c_name, uid, gid) < 0)
- && errno != EPERM)
- chown_error_details (file_hdr->c_name, uid, gid);
+ if (res < 0 && create_dir_flag)
+ {
+ create_all_directories (file_hdr->c_name);
+ res = UMASKED_SYMLINK (link_name, file_hdr->c_name, file_hdr->c_mode);
+ }
+ if (res < 0)
+ symlink_error (link_name, file_hdr->c_name);
+ else if (!no_chown_flag)
+ {
+ uid_t uid = set_owner_flag ? set_owner : file_hdr->c_uid;
+ gid_t gid = set_group_flag ? set_group : file_hdr->c_gid;
+ if (lchown (file_hdr->c_name, uid, gid) < 0 && errno != EPERM)
+ chown_error_details (file_hdr->c_name, uid, gid);
+ }
}
free (link_name);
}
@@ -1418,6 +1547,7 @@ process_copy_in ()
if (dot_flag)
fputc ('\n', stderr);
+ replace_symlink_placeholders ();
apply_delayed_set_stat ();
cpio_file_stat_free (&file_hdr);
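Review bot: The placeholder path in `copyin_link` is taken only under `no_abs_paths_flag`; in the `else` branch the symlink is still created at once with `UMASKED_SYMLINK`, so the delayed-link protection is opt-in and a run without --no-absolute-filenames behaves as before. That is worth stating at the branch, e.g. `/* Symlinks are delayed only with --no-absolute-filenames; otherwise they are created immediately. */`, so packagers and callers handling untrusted archives know the flag is required. The return value of `symlink_placeholder` is also discarded there, which looks intentional since it reports its own errors, but a `(void)` cast or a short comment would make that explicit. `copyin_link` begins before this hunk.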

30
fix-bsc1219238.patch Normal file

@ -0,0 +1,30 @@
From e3cc782c610729de7622a274e532817c18262a9d Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Thu, 18 May 2023 09:00:12 +0300
Subject: Fix operation of --no-absolute-filenames --make-directories
* src/copyin.c (symlink_placeholder): Try to create leading
directories if unable to create placeholder.
---
src/copyin.c | 6 ++++++
1 file changed, 6 insertions(+)
Index: cpio-2.13/src/copyin.c
===================================================================
--- cpio-2.13.orig/src/copyin.c
+++ cpio-2.13/src/copyin.c
@@ -667,7 +667,13 @@ symlink_placeholder (char *oldpath, char
struct stat st;
struct delayed_link *p;
size_t newlen = strlen (newpath);
-
+
+ if (fd < 0 && create_dir_flag)
+ {
+ create_all_directories (newpath);
+ fd = open (newpath, O_WRONLY | O_CREAT | O_EXCL, 0);
+ }
+
if (fd < 0)
{
open_error (newpath);
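Review bot: The retry added to `symlink_placeholder` runs `create_all_directories` after any failed `open`, including `EEXIST` from `O_EXCL` or a permission error, where creating leading directories cannot help. Narrowing the guard to `if (fd < 0 && errno == ENOENT && create_dir_flag)` would limit the directory creation to the case it is meant for. This assumes `errno` from the first `open`, which sits on the line just above this hunk, is still intact at the check. The same unconditional pattern is used around `UMASKED_SYMLINK` elsewhere in copyin.c, so this is a tightening rather than a regression. The function body continues past the end of this hunk.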


@ -0,0 +1,13 @@
Index: cpio-2.13/lib/rtapelib.c
===================================================================
--- cpio-2.13.orig/lib/rtapelib.c
+++ cpio-2.13/lib/rtapelib.c
@@ -711,7 +711,7 @@ rmt_ioctl__ (int handle, int operation,
|| (status = get_status (handle), status == -1))
return -1;
- if (status > sizeof (struct mtop))
+ if (status > sizeof (struct mtget))
{
errno = EOVERFLOW;
return -1;