ZhuningOS/gzip
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Initialize for gzip

Browse source
This commit is contained in:
zyppe 2024-02-07 23:17:56 +08:00
commit 9552601852
17 changed files with 2467 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
gzip-1.10.tar.xz

1
.gzip.metadata Normal file
View file

@ -0,0 +1 @@
9cc89b610eb2b70739cb716a9bc07b4bfdda7355b53c5b2100eb60a02136c24e gzip-1.10.tar.xz

160
bsc1198062-2.patch Normal file
View file

@ -0,0 +1,160 @@
From 9d3248751178939713a39115cf68ec8a11506cc9 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Tue, 5 Apr 2022 15:16:33 -0700
Subject: [PATCH 7/7] zgrep: fix "binary file matches" mislabeling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Problem reported by Jim Avera (Bug#31280).
This became more of an issue when GNU grep 3.5 (2020) started sending
"binary file matches" diagnostics to stderr instead of to stdout.
* tests/Makefile.am (TESTS): Add zgrep-binary.
* tests/zgrep-binary: New test.
* zgrep.in (args): New var, to accumulate args separately
from grep command, so we can prepend args if need be.
Most uses of 'grep' changed to use 'args' instead, or also.
(with_filename): Set to 1 if more than one file and -h not given;
this simplifies later code.
(gnuish_grep): New var; evaluates to true if grep supports
-H and --label options, as is true for GNU and FreeBSD grep.
Append -H to 'grep' if outputting file names with GNUish grep,
and use --label with GNUish grep unless reading from stdin,
as thats safer and more efficient than relabeling with 'sed'.
---
NEWS | 3 +++
tests/Makefile.am | 1 +
tests/zgrep-binary | 30 ++++++++++++++++++++++++++++++
zgrep.in | 28 +++++++++++++++++++---------
4 files changed, 53 insertions(+), 9 deletions(-)
create mode 100755 tests/zgrep-binary
Index: gzip-1.10/tests/Makefile.am
===================================================================
--- gzip-1.10.orig/tests/Makefile.am
+++ gzip-1.10/tests/Makefile.am
@@ -35,6 +35,7 @@ TESTS = \
zdiff \
zgrep-f \
zgrep-abuse \
+ zgrep-binary \
zgrep-context \
zgrep-signal \
znew-k
Index: gzip-1.10/tests/zgrep-binary
===================================================================
--- /dev/null
+++ gzip-1.10/tests/zgrep-binary
@@ -0,0 +1,30 @@
+#!/bin/sh
+# 'zgrep PATTERN FILE' would output "(standard input): binary file matches"
+# without mentioning FILE. Fixed in gzip-1.12.
+
+# Copyright (C) 2022 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+# limit so don't run it by default.
+
+. "${srcdir=.}/init.sh"; path_prepend_ ..
+
+fail=0
+
+unset GREP_OPTIONS
+
+printf 'foo\0\n' >f || framework_failure_
+LC_ALL=C zgrep foo f >out 2>err && grep '(standard input)' out err && fail=1
+
+Exit $fail
Index: gzip-1.10/zgrep.in
===================================================================
--- gzip-1.10.orig/zgrep.in
+++ gzip-1.10/zgrep.in
@@ -23,6 +23,7 @@
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
grep='${GREP-'\''@GREP@'\''}'
+args=
version='zgrep (gzip) @VERSION@
Copyright (C) 2010-2018 Free Software Foundation, Inc.
@@ -178,7 +179,7 @@ while test $# -ne 0; do
option="'$option'";;
esac
- grep="$grep $option$optarg"
+ args="$args $option$optarg"
done
eval "set -- $operands "'${1+"$@"}'
@@ -186,15 +187,23 @@ eval "set -- $operands "'${1+"$@"}'
if test $have_pat -eq 0; then
case ${1?"missing pattern; try \`$0 --help' for help"} in
(*\'*)
- grep="$grep -- '"$(printf '%s\n' "$1" | LC_ALL=C sed "$escape");;
+ args="$args -- '"$(printf '%s\n' "$1" | LC_ALL=C sed "$escape");;
(*)
- grep="$grep -- '$1'";;
+ args="$args -- '$1'";;
esac
shift
fi
if test $# -eq 0; then
set -- -
+elif test 1 -lt $# && test $no_filename -eq 0; then
+ with_filename=1
+fi
+
+l_e=$(eval "(echo e | $grep -H --label=l e) 2>/dev/null") && test "$l_e" = l:e
+gnuish_grep="test $? -eq 0"
+if $gnuish_grep && test $with_filename -eq 1; then
+ grep="$grep -H"
fi
exec 3>&1
@@ -221,9 +230,9 @@ do
exec 5>&1
($uncompress -cdfq -- "$i" 5>&-; echo $? >&5) 3>&- |
if test $files_with_matches -eq 1; then
- eval "$grep" >/dev/null && { printf '%s\n' "$i" || exit 2; }
+ eval "$grep$args" >/dev/null && { printf '%s\n' "$i" || exit 2; }
elif test $files_without_matches -eq 1; then
- eval "$grep" >/dev/null || {
+ eval "$grep$args" >/dev/null || {
r=$?
if test $r -eq 1; then
printf '%s\n' "$i" || r=2
@@ -231,9 +240,10 @@ do
test 256 -le $r && r=$(expr 128 + $r % 128)
exit $r
}
- elif test $with_filename -eq 0 &&
- { test $# -eq 1 || test $no_filename -eq 1; }; then
- eval "$grep"
+ elif $gnuish_grep && test "$i" != -; then
+ eval "$grep --label \"\$i\"$args"
+ elif $gnuish_grep || test $with_filename -eq 0; then
+ eval "$grep$args"
else
case $i in
(*'
@@ -247,7 +257,7 @@ do
# Fail if grep or sed fails.
r=$(
exec 4>&1
- (eval "$grep" 4>&-; echo $? >&4) 3>&- |
+ (eval "$grep$args" 4>&-; echo $? >&4) 3>&- |
LC_ALL=C sed "$sed_script" >&3 4>&-
) || { r=$?; test $r -lt 2 && r=2; }
test 256 -le $r && r=$(expr 128 + $r % 128)

407
bsc1198062.patch Normal file
View file

@ -0,0 +1,407 @@
From 53f56145cc4fc9f14060c0a022f502c210d175a7 Mon Sep 17 00:00:00 2001
From: Lasse Collin <lasse.collin@tukaani.org>
Date: Mon, 28 Mar 2022 09:35:27 -0700
Subject: [PATCH 1/6] zgrep: avoid exploit via multi-newline file names
* zgrep.in: The issue with the old code is that with multiple
newlines, the N-command will read the second line of input,
then the s-commands will be skipped because it's not the end
of the file yet, then a new sed cycle starts and the pattern
space is printed and emptied. So only the last line or two get
escaped. This patch makes sed read all lines into the pattern
space and then do the escaping.
This vulnerability was discovered by:
cleemy desu wayo working with Trend Micro Zero Day Initiative
---
zgrep.in | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/zgrep.in b/zgrep.in
index 345dae3..bdf7da2 100644
--- a/zgrep.in
+++ b/zgrep.in
@@ -222,9 +222,13 @@ do
'* | *'&'* | *'\'* | *'|'*)
i=$(printf '%s\n' "$i" |
sed '
- $!N
- $s/[&\|]/\\&/g
- $s/\n/\\n/g
+ :start
+ $!{
+ N
+ b start
+ }
+ s/[&\|]/\\&/g
+ s/\n/\\n/g
');;
esac
sed_script="s|^|$i:|"
--
2.35.1.677.gabf474a5dd
From 9973b95d1ea12c3372805074f152bec66d81a9b4 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@fb.com>
Date: Mon, 28 Mar 2022 09:35:27 -0700
Subject: [PATCH 2/6] zgrep: add NEWS and tests for this exploitable bug
* tests/zgrep-abuse: New file, based on PoC by cleemy desu wayo.
* tests/Makefile.am (TESTS): Add it.
* NEWS: Mention the exploit.
The bug appears to have been present since the beginning.
---
NEWS | 3 +++
tests/Makefile.am | 1 +
tests/zgrep-abuse | 43 +++++++++++++++++++++++++++++++++++++++++++
3 files changed, 47 insertions(+)
create mode 100755 tests/zgrep-abuse
diff --git a/tests/Makefile.am b/tests/Makefile.am
index d09672e..5f148d6 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -36,6 +36,7 @@ TESTS = \
z-suffix \
zdiff \
zgrep-f \
+ zgrep-abuse \
zgrep-context \
zgrep-signal \
znew-k
diff --git a/tests/zgrep-abuse b/tests/zgrep-abuse
new file mode 100755
index 0000000..f1d6699
--- /dev/null
+++ b/tests/zgrep-abuse
@@ -0,0 +1,43 @@
+#!/bin/sh
+# Show how zgrep applied to a crafted file name may overwrite
+# a selected file with chosen content. Fixed in gzip-1.12.
+
+# Copyright (C) 2022 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+# limit so don't run it by default.
+
+. "${srcdir=.}/init.sh"; path_prepend_ ..
+
+f=z
+echo test > $f || framework_failure_
+gzip $f || framework_failure_
+cp $f.gz 'zfile_crafted|
+p
+1s|.*|hacked1|
+1w hacked
+etouch .\x2fhacked2
+d
+#
+#' || framework_failure_
+
+fail=0
+
+zgrep test z*
+
+# Before, each of these would be created.
+test -f hacked && fail=1
+test -f hacked2 && fail=1
+
+Exit $fail
--
2.35.1.677.gabf474a5dd
From 7801e55ae389b24dfda1d29bf7cadb434472c8dd Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 28 Mar 2022 09:35:27 -0700
Subject: [PATCH 3/6] zgrep: port to POSIX sed
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* zgrep.in (res): When escaping the file name do not rely on GNU
seds extension to POSIX with respect to s/.../\n/. Instead, use
features that should also work with AIX and/or Solaris sed. This is
simpler anyway, and would have prevented the recently-fixed bug.
---
zgrep.in | 15 ++++-----------
1 file changed, 4 insertions(+), 11 deletions(-)
diff --git a/zgrep.in b/zgrep.in
index bdf7da2..6a16dd1 100644
--- a/zgrep.in
+++ b/zgrep.in
@@ -220,18 +220,11 @@ do
case $i in
(*'
'* | *'&'* | *'\'* | *'|'*)
- i=$(printf '%s\n' "$i" |
- sed '
- :start
- $!{
- N
- b start
- }
- s/[&\|]/\\&/g
- s/\n/\\n/g
- ');;
+ icolon=$(printf '%s\n' "$i:" |
+ sed -e 's/[&\|]/\\&/g' -e '$!s/$/\\/');;
+ (*) icolon="$i:";;
esac
- sed_script="s|^|$i:|"
+ sed_script="s|^|$icolon|"
# Fail if grep or sed fails.
r=$(
--
2.35.1.677.gabf474a5dd
From ce2bf56a5e3e1814c08513c2d4141a50041e1ae4 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 28 Mar 2022 09:35:27 -0700
Subject: [PATCH 4/6] gzip: mention when fixed bugs were introduced
---
NEWS | 2 ++
1 file changed, 2 insertions(+)
--
2.35.1.677.gabf474a5dd
From 42641236d0bb239768794eec93a86c42cbfc2f6a Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 28 Mar 2022 09:35:27 -0700
Subject: [PATCH 5/6] gzexe: optimize out a grep
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* gzexe.in: Avoid an unnecessary invocation of grep,
by using sed instead. Also, look only for at-most-3-digit numbers,
for consistency with the rest of the script.
---
gzexe.in | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/gzexe.in b/gzexe.in
index 04b06a9..1a691e0 100644
--- a/gzexe.in
+++ b/gzexe.in
@@ -91,10 +91,11 @@ for i do
continue
fi
if test $decomp -eq 0; then
- if sed -e 1d -e 2q "$file" | grep "^skip=[0-9][0-9]*$" >/dev/null; then
+ case `sed -n -e 1d -e '/^skip=[0-9][0-9]*$/p' -e 2q "$file"` in
+ skip=[0-9] | skip=[0-9][0-9] | skip=[0-9][0-9][0-9])
printf >&2 '%s\n' "$0: $i is already gzexe'd"
- continue
- fi
+ continue;;
+ esac
fi
if test -u "$file"; then
printf >&2 '%s\n' "$0: $i has setuid permission, unchanged"
--
2.35.1.677.gabf474a5dd
From 526466454cef8dbfcf552e16a171a44f181c8ca0 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 28 Mar 2022 09:35:27 -0700
Subject: [PATCH 6/6] maint: use C locale more often
* gzexe.in, zdiff.in, zgrep.in:
Run expr and sed in the C locale when it might help to avoid
undefined behavior on non-GNU platforms.
* sample/zfile, znew.in: Run in the C locale, for simplicity and
to avoid undefined behavior on non-GNU platforms.
---
gzexe.in | 4 ++--
sample/zfile | 3 +++
zdiff.in | 4 ++--
zgrep.in | 29 +++++++++++++++++------------
znew.in | 3 +++
5 files changed, 27 insertions(+), 16 deletions(-)
diff --git a/gzexe.in b/gzexe.in
index 1a691e0..5fc7204 100644
--- a/gzexe.in
+++ b/gzexe.in
@@ -91,7 +91,7 @@ for i do
continue
fi
if test $decomp -eq 0; then
- case `sed -n -e 1d -e '/^skip=[0-9][0-9]*$/p' -e 2q "$file"` in
+ case `LC_ALL=C sed -n -e 1d -e '/^skip=[0-9][0-9]*$/p' -e 2q "$file"` in
skip=[0-9] | skip=[0-9][0-9] | skip=[0-9][0-9][0-9])
printf >&2 '%s\n' "$0: $i is already gzexe'd"
continue;;
@@ -203,7 +203,7 @@ EOF
else
# decompression
skip=44
- skip_line=`sed -e 1d -e 2q "$file"`
+ skip_line=`LC_ALL=C sed -e 1d -e 2q "$file"`
case $skip_line in
skip=[0-9] | skip=[0-9][0-9] | skip=[0-9][0-9][0-9])
eval "$skip_line";;
diff --git a/sample/zfile b/sample/zfile
index 6b4514c..d6e7a59 100755
--- a/sample/zfile
+++ b/sample/zfile
@@ -1,5 +1,8 @@
#!/bin/sh
+LC_ALL=C
+export LC_ALL
+
if test $# = 0; then
echo 'zfile: file(1) for programs which may be compressed with gzexe'
echo usage: `basename $0` files...
diff --git a/zdiff.in b/zdiff.in
index 012024e..eb4752b 100644
--- a/zdiff.in
+++ b/zdiff.in
@@ -59,7 +59,7 @@ do
--h*) printf '%s\n' "$usage" || exit 2; exit;;
--v*) printf '%s\n' "$version" || exit 2; exit;;
--) shift; break;;
- -*\'*) cmp="$cmp '"`printf '%sX\n' "$1" | sed "$escape"`;;
+ -*\'*) cmp="$cmp '"`printf '%sX\n' "$1" | LC_ALL=C sed "$escape"`;;
-?*) cmp="$cmp '$1'";;
*) break;;
esac
@@ -103,7 +103,7 @@ case $file2 in
if test $# -eq 1; then
case $1 in
*[-.]gz* | *[-.][zZ] | *.t[ga]z)
- FILE=`expr "X$1" : 'X\(.*\)[-.][zZtga]*$'`
+ FILE=`LC_ALL=C expr "X$1" : 'X\(.*\)[-.][zZtga]*$'`
gzip_status=$(
exec 4>&1
(gzip -cd -- "$1" 4>&-; echo $? >&4) 3>&- | eval "$cmp" - '"$FILE"' >&3
diff --git a/zgrep.in b/zgrep.in
index 6a16dd1..2cb2426 100644
--- a/zgrep.in
+++ b/zgrep.in
@@ -64,30 +64,33 @@ while test $# -ne 0; do
case $option in
(-[0123456789EFGHIKLPRTUVZabchilnoqrsuvwxyz]*[!0123456789]*)
- arg2=-\'$(expr "X$option" : 'X-.[0-9]*\(.*\)' | sed "$escape")
+ arg2=-\'$(LC_ALL=C expr "X$option" : 'X-.[0-9]*\(.*\)' |
+ LC_ALL=C sed "$escape")
eval "set -- $arg2 "'${1+"$@"}'
- option=$(expr "X$option" : 'X\(-.[0-9]*\)');;
+ option=$(LC_ALL=C expr "X$option" : 'X\(-.[0-9]*\)');;
(--binary-*=* | --[lm]a*=* | --reg*=*)
;;
(-[ABCDXdefm] | binary-* | --file | --[lm]a* | --reg*)
case ${1?"$option option requires an argument"} in
(*\'*)
- optarg=" '"$(printf '%s\n' "$1" | sed "$escape");;
+ optarg=" '"$(printf '%s\n' "$1" | LC_ALL=C sed "$escape");;
(*)
optarg=" '$1'";;
esac
shift;;
(-f?*\'*)
- optarg=" '"$(expr "X$option" : 'X-f\(.*\)' | sed "$escape")
+ optarg=" '"$(LC_ALL=C expr "X$option" : 'X-f\(.*\)' |
+ LC_ALL=C sed "$escape")
option=-f;;
(-f?*)
- optarg=" '"$(expr "X$option" : 'X-f\(.*\)')\'
+ optarg=" '"$(LC_ALL=C expr "X$option" : 'X-f\(.*\)')\'
option=-f;;
(--file=*\'*)
- optarg=" '"$(expr "X$option" : 'X--file=\(.*\)' | sed "$escape")
+ optarg=" '"$(LC_ALL=C expr "X$option" : 'X--file=\(.*\)' |
+ LC_ALL=C sed "$escape")
option=--file;;
(--file=*)
- optarg=" '"$(expr "X$option" : 'X--file=\(.*\)')\'
+ optarg=" '"$(LC_ALL=C expr "X$option" : 'X--file=\(.*\)')\'
option=--file;;
(--)
break;;
@@ -96,7 +99,8 @@ while test $# -ne 0; do
(*)
case $option in
(*\'*)
- operands="$operands '"$(printf '%s\n' "$option" | sed "$escape");;
+ operands="$operands '"$(printf '%s\n' "$option" | LC_ALL=C sed "$escape")
+ ;;
(*)
operands="$operands '$option'";;
esac
@@ -169,7 +173,7 @@ while test $# -ne 0; do
case $option in
(*\'?*)
- option=\'$(printf '%s\n' "$option" | sed "$escape");;
+ option=\'$(printf '%s\n' "$option" | LC_ALL=C sed "$escape");;
(*)
option="'$option'";;
esac
@@ -182,7 +186,7 @@ eval "set -- $operands "'${1+"$@"}'
if test $have_pat -eq 0; then
case ${1?"missing pattern; try \`$0 --help' for help"} in
(*\'*)
- grep="$grep -- '"$(printf '%s\n' "$1" | sed "$escape");;
+ grep="$grep -- '"$(printf '%s\n' "$1" | LC_ALL=C sed "$escape");;
(*)
grep="$grep -- '$1'";;
esac
@@ -221,7 +225,7 @@ do
(*'
'* | *'&'* | *'\'* | *'|'*)
icolon=$(printf '%s\n' "$i:" |
- sed -e 's/[&\|]/\\&/g' -e '$!s/$/\\/');;
+ LC_ALL=C sed -e 's/[&\|]/\\&/g' -e '$!s/$/\\/');;
(*) icolon="$i:";;
esac
sed_script="s|^|$icolon|"
@@ -229,7 +233,8 @@ do
# Fail if grep or sed fails.
r=$(
exec 4>&1
- (eval "$grep" 4>&-; echo $? >&4) 3>&- | sed "$sed_script" >&3 4>&-
+ (eval "$grep" 4>&-; echo $? >&4) 3>&- |
+ LC_ALL=C sed "$sed_script" >&3 4>&-
) || { r=$?; test $r -lt 2 && r=2; }
test 256 -le $r && r=$(expr 128 + $r % 128)
exit $r
diff --git a/znew.in b/znew.in
index 45d0764..ea76a22 100644
--- a/znew.in
+++ b/znew.in
@@ -18,6 +18,9 @@
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+LC_ALL=C
+export LC_ALL
+
version="znew (gzip) @VERSION@
Copyright (C) 2010-2018 Free Software Foundation, Inc.
This is free software. You may redistribute copies of it under the terms of
--
2.35.1.677.gabf474a5dd

76
gzip-1.10-fix-DFLTCC-segfault.patch Normal file
View file

@ -0,0 +1,76 @@
From be0a534ba2b6e77da289de8da79e70843b1028cc Mon Sep 17 00:00:00 2001
From: Ilya Leoshkevich <iii@linux.ibm.com>
Date: Thu, 24 Sep 2020 00:08:56 +0200
Subject: Fix DFLTCC segfault when compressing or decompressing two files
The value in total_in global variable from processing the first file
affected processing of the second file. Fix by making total_in local.
---
dfltcc.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/dfltcc.c b/dfltcc.c
index 86aa56e..3a5b92d 100644
--- a/dfltcc.c
+++ b/dfltcc.c
@@ -242,10 +242,8 @@ dfltcc_gdht (struct dfltcc_param_v0 *param)
dfltcc (DFLTCC_GDHT, param, NULL, NULL, &next_in, &avail_in, NULL);
}
-static off_t total_in;
-
static dfltcc_cc
-dfltcc_cmpr_xpnd (struct dfltcc_param_v0 *param, int fn)
+dfltcc_cmpr_xpnd (struct dfltcc_param_v0 *param, int fn, off_t *total_in)
{
uch *next_out = outbuf + outcnt;
size_t avail_out = OUTBUFSIZ - outcnt;
@@ -257,7 +255,7 @@ dfltcc_cmpr_xpnd (struct dfltcc_param_v0 *param, int fn)
window);
off_t consumed_in = next_in - (inbuf + inptr);
inptr += consumed_in;
- total_in += consumed_in;
+ *total_in += consumed_in;
outcnt += ((OUTBUFSIZ - outcnt) - avail_out);
return cc;
}
@@ -349,6 +347,7 @@ dfltcc_deflate (int pack_level)
union aligned_dfltcc_param_v0 ctx_v0;
struct dfltcc_param_v0 *param = init_param (&ctx_v0);
+ off_t total_in = 0;
/* Compress ifd into ofd in a loop. */
while (true)
@@ -398,7 +397,8 @@ dfltcc_deflate (int pack_level)
}
/* Compress inbuf into outbuf. */
- while (dfltcc_cmpr_xpnd (param, DFLTCC_CMPR) == DFLTCC_CC_AGAIN)
+ while (dfltcc_cmpr_xpnd (param, DFLTCC_CMPR, &total_in)
+ == DFLTCC_CC_AGAIN)
;
/* Unmask the input data. */
@@ -427,6 +427,7 @@ dfltcc_inflate (void)
union aligned_dfltcc_param_v0 ctx_v0;
struct dfltcc_param_v0 *param = init_param (&ctx_v0);
+ off_t total_in = 0;
/* Decompress ifd into ofd in a loop. */
while (true)
@@ -446,7 +447,8 @@ dfltcc_inflate (void)
/* Decompress inbuf into outbuf. */
dfltcc_cc cc;
- while ((cc = dfltcc_cmpr_xpnd (param, DFLTCC_XPND)) == DFLTCC_CC_AGAIN)
+ while ((cc = dfltcc_cmpr_xpnd (param, DFLTCC_XPND, &total_in))
+ == DFLTCC_CC_AGAIN)
;
if (cc == DFLTCC_CC_OK)
{
--
cgit v1.2.1

26
gzip-1.10-fix_count_of_lines_to_skip.patch Normal file
View file

@ -0,0 +1,26 @@
From 38ae6a4ed36a7c86609a6a595add4298d9c202bc Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Tue, 26 Mar 2019 19:44:43 -0700
Subject: gzexe: fix count of lines to skip
Problem reported by Jakub Martisko (Bug#35002).
* gzexe.in (skip): Bump from 44 to 49.
---
gzexe.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gzexe.in b/gzexe.in
index 8fca8c8..832cd07 100644
--- a/gzexe.in
+++ b/gzexe.in
@@ -145,7 +145,7 @@ for i do
if test $decomp -eq 0; then
(cat <<'EOF' &&
#!/bin/sh
-skip=44
+skip=49
tab=' '
nl='
--
cgit v1.2.1

1042
gzip-1.10-ibm_dfltcc_support.patch Normal file
View file

File diff suppressed because it is too large Load diff

16
gzip-1.10.tar.xz.sig Normal file
View file

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEFV0/xQDINEhtHupnf9n8ywAL7u4FAlwoWScACgkQf9n8ywAL
7u5k8w/9GZSHRagqimmB5Gh7qu4yEtM8gByvidpTFbJlkxz0+hy/7ETNqmIEy38a
89idBNFseW2WlH9A2aw4beP1s288k71AubnWp347OFMACCw/1pUmAdq8UsR3gxMS
G0jLEGVOIy8sUcrNTCqramNfQEZSZFFtC8jAPy4t9kYQRRXHqmHBQJKa7FxteA+x
3JXtHSV6AYOC3iBXCZffipi44r5eEh4fVSakWK8IzzYlYdwzHZ541CT/tMg+iWgf
BPEXV4BF9xwTYzwac8UkG8Cx/OPFnUumSITK8EOLsHa+sorItGmXI84L9UBp9SiC
tzJsOvmoXffDcO565sbfnA6kpA9siQCJ0MGWwalUULwvSufRxlxSDlCcyNiyL7Ki
S1bXaO594EfmBPetvllsQ0EMvrtPk2WL1Oan+5V0Ljkq8CBTvbIXrVNO/PWlAicK
6JzR30LSLSHa3eVtRd3Eiozu+VlJdrbmm5f6+ZCley3nTtAvyQ8WJUMPwHupIfiF
Ov1aqD6w+Qn26GrJcPR/Q6+zc2JGpCMTo9u+24l/mQNfJOZxh99YxV58d6gN7TqN
iGiJOuN8fnUhhrcOrqpC7WoA1awfz8HSHZTeoXkSBrkEYyxPTQKZTpN9lhtZe7TY
Khjj1y00zT75THuhBQQLJGOwGqmc9b5bCCjcC6QT7OSlUVv4W10=
=/Dx0
-----END PGP SIGNATURE-----

359
gzip.changes Normal file
View file

@ -0,0 +1,359 @@
* Thu May 5 2022 danilo.spinella@suse.com
- Add support to zstd in zgrep, fixes bsc#1198922
* xz_lzma.patch -> xz_lzma_zstd.patch
* Thu Apr 7 2022 danilo.spinella@suse.com
- Fix escaping of malicious filenames (CVE-2022-1271 bsc#1198062)
* bsc1198062.patch
* bsc1198062-2.patch
* Tue Apr 13 2021 pgajdos@suse.com
- fix DFLTCC segfault [bsc#1177047]
- added patches
fix https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=be0a534ba2b6e77da289de8da79e70843b1028cc
+ gzip-1.10-fix-DFLTCC-segfault.patch
* Thu Mar 4 2021 kstreitova@suse.com
- gzip.spec: move %%patch10 from the ifarch condition (mistake)
* Wed Jan 27 2021 kstreitova@suse.com
- add gzip-1.10-fix_count_of_lines_to_skip.patch to fix count
of lines to skip [bsc#1180713]
* Wed Sep 2 2020 kstreitova@suse.com
- Enable DFLTCC compression for s390x for levels 1-6 (i. e. to make
it used by default) by adding -DDFLTCC_LEVEL_MASK=0x7e to CLFAGS.
[jsc#SLE-13775]
* Tue Aug 27 2019 kstreitova@suse.com
- refresh gzip-1.10-ibm_dfltcc_support.patch to fix three data
corruption issues [bsc#1145276] [jsc#SLE-5818] [jsc#SLE-8914]
* Thu Jun 6 2019 kstreitova@suse.com
- add gzip-1.10-ibm_dfltcc_support.patch [jsc#SLE-5818] [jsc#SLE-8914]
* it adds support for DFLTCC (hardware-accelerated deflation)
for s390x arch
* enable it via "--enable-dfltcc" option
* Sun Dec 30 2018 astieger@suse.com
- gzip 1.10:
* Compressed gzip output no longer contains the current time as
a timestamp when the input is not a regular file. Instead, the
output contains a null (zero) timestamp. This makes gzip's
behavior more reproducible when used as part of a pipeline.
* A use of uninitialized memory on some malformed inputs has been
fixed.
* A few theoretical race conditions in signal handers have been
fixed.
- drop upstreamed patches:
* gnulib-libio.patch
* gzip-1.8-deprecate_netstat.patch
* Wed Aug 1 2018 schwab@suse.de
- gnulib-libio.patch: Update gnulib for libio.h removal
* Thu Feb 22 2018 fvogt@suse.com
- Use %%license (boo#1082318)
* Fri Jan 12 2018 meissner@suse.com
- license is GPL-3.0+
* Thu Jan 11 2018 kbabioch@suse.com
- Update to 1.9
* Fix suffix handling
* Fix bug when handling pack format while decompressing
* Fix time handling bug
* Improve exit code handling for shell scripts
- remove gzip-1.8-fix_unpack_EOB_check.patch as it is included
upstream now
- refresh manpage-no-date.patch
- spec file cleanups
* Tue Jan 2 2018 kstreitova@suse.com
- add gzip-1.8-deprecate_netstat.patch to get rid of deprecated
'netstat -n' command in tests/init.sh script
* Fri Dec 1 2017 kstreitova@suse.com
- add gzip-1.8-fix_unpack_EOB_check.patch to fix mishandling of
leading zeros in the end-of-block code [bsc#1067891]
* Wed May 31 2017 bwiedemann@suse.com
- Make build reproducible in spite of gcc profile based optimizations
(boo#1040589)
* Tue May 30 2017 src@posteo.de
- changing the way how gcc profiling is generating to have a reproducible
build
* Tue Apr 11 2017 kstreitova@suse.com
- define %%{_buildshell} to /bin/bash as we newly rely on bash
features like {1..9}
* Thu Mar 23 2017 kstreitova@suse.com
- cleanup with spec-cleaner
- use loop with a range instead of a number list
* Wed Apr 27 2016 mpluskal@suse.com
- Update to 1.8
* gzip -l no longer falsely reports a write error when writing to
a pipe.
* Port to Oracle Solaris Studio 12 on x86-64.
* When configuring gzip, ./configure DEFS='...-DNO_ASM...' now
suppresses assembler again.
- Small spec file cleanup
* Tue Mar 29 2016 tchvatal@suse.com
- Version update to release 1.7:
* gzip now accepts the --synchronous option
* gzip now accepts the --rsyncable option
* The GZIP environment variable is now obsolescent
* Installed programs like 'zgrep' now use the PATH environment variable as
usual to find subsidiary programs like 'gzip' and 'grep'
- Remove obsolete patch tempfile.diff
- Remove upstreamed patch gzip-rsyncable.diff
- Rebase manpage-no-date.patch to apply to 1.7 version
* Tue Mar 29 2016 tchvatal@suse.com
- Rename reproducible.patch to something actually explanatory:
* manpage-no-date.patch
* Sun Mar 20 2016 bwiedemann@suse.com
- Add reproducible.patch to fix build-compare
* Fri Dec 19 2014 meissner@suse.com
- build with PIE
* Mon May 12 2014 vdziewiecki@suse.com
- Remove unneeded update-alternatives requirement (bnc#876129)
- Clean spec
* Thu Sep 26 2013 schwab@suse.de
- Don't install twice
* Tue Jul 30 2013 sweet_f_a@gmx.de
- add the correct project URL
* Tue Jul 9 2013 schwab@suse.de
- Override broken configure checks
* Mon Jun 10 2013 jengelh@inai.de
- Update to new upstream release 1.6
* The "--keep" (-k) option was added to not delete input files,
similar to other tools such as xz, lzip, and bzip2.
* A decompression issue with certain invalid data in the "pack"
format was fixed.
* An incorrect overwrite when compiled with optimization was fixed.
* zgrep's handling of multi-digit context options was fixed.
* zmore now acts more like "more".
- More robust make install call
- Provide files for signature verification (we do not actually do
it because gzip is part of the bootstrap cycle; but if you have
gpg-offline listed as Support or in ~/.oscrc, it will be done)
* Thu Mar 28 2013 mmeister@suse.com
- Added url as source.
Please see http://en.opensuse.org/SourceUrls
* Tue Jan 29 2013 vdziewiecki@suse.com
- Add support for xz and lzma (bnc#799561 - zgrep silently fails on
LZMA compressed files) - xz_lzma.patch
* Tue Oct 16 2012 vcizek@suse.com
- update to 1.5
- gzip -cdf mishandles some concatenated input streams: test it
- gzip -cdf now handles concatenation of gzip'd and uncompressed data
- gzip: fix a data-loss bug when decompressing with --suffix=''
- gzip: fix nondeterministic compression results
- fix "znew -K" to work without use of compress utility
- Decode FHCRC flag properly, as per Internet RFC 1952.
- zgrep: fix parsing of -Eh options
- zgrep: terminate gracefully when a pipeline is interrupted by a signal
- zgrep: fix shell portability bug with -f; fix mishandling of "-e -"
- zless: decompress stdin too, if less 429 or later
- dropped gzip-stdio.in.patch, refreshed others
* Tue Jul 17 2012 aj@suse.de
- Fix build with missing gets declaration (glibc 2.16)
* Tue Feb 7 2012 rschweikert@suse.com
- keep binaries in /usr tree (UsrMerge project)
* Sat Nov 13 2010 cristian.rodriguez@opensuse.org
- disable silent rules.
* Sun Sep 19 2010 vuntz@opensuse.org
- Update to version 1.4:
+ gzip -d could segfault and/or clobber the stack, possibly
leading to arbitrary code execution. This affects x86_64 but
not 32-bit systems. This fixes CVE-2010-0001. See also
rh#554418.
+ gzip -d would fail with a CRC error for some valid inputs.
So far, the only valid input known to exhibit this failure was
compressed "from FAT filesystem (MS-DOS, OS/2, NT)". In
addition, to trigger the failure, your memcpy implementation
must copy in the "reverse" order.
- Drop gzip-CVE-2010-0001.diff: fixed upstream.
- Remove AutoReqProv: it's default now.
- Use %%configure, %%makeinstall, and %%{_bindir}.
- Update zdiff.diff: some of the patch is upstream now. It's
unclear to me if the rest is still needed :/ So leaving it.
- Rebase zgrep.diff.
* Mon Jun 28 2010 jengelh@medozas.de
- use %%_smp_mflags
* Tue Jan 19 2010 mseben@novell.com
- updated to 1.3.13
- gzip interprets an argument of "-" as indicating stdin, but when
"-" is not the first name on the command line, it doesn't work.
- remove useless if-before-free tests
- remove useless casts to avoid "make syntax-check" failures
- avoid spurious warnings from clang
- avoid a leak on a error path
- don't misinterpret a failing test as successful
- avoid creating an undersized buffer for the hufts table
A malformed input file can cause gzip to crash with a segmentation
violation or hang in an endless loop.
- avoid silent data loss e.g., on NFS, due to unchecked close of stdout
- build require automake-1.11 and produce xz-compressed tarballs, too
- deprecated futimens.diff and CVE-2009-2624.diff
* Thu Jan 14 2010 mseben@novell.com
- added gzip-CVE-2009-2624.diff and gzip-CVE-2010-0001.diff : fix
possible denial of service and arbitrary code execution
* Sun Dec 6 2009 jengelh@medozas.de
- enabled parallel make
* Tue Mar 10 2009 sf@suse.de
- added doc files (README, TODO, ...) (bnc #414305)
* Wed Jan 7 2009 schwab@suse.de
- Fixup rsyncable patch.
* Thu May 8 2008 schwab@suse.de
- Fix zdiff with two compressed files.
* Sun May 20 2007 schwab@suse.de
- Fix compiling with glibc 2.6.
* Sat Apr 14 2007 schwab@suse.de
- Update to gzip 1.3.12.
* znew now uses $TMPDIR (default /tmp) instead of always using /tmp.
* Tue Mar 27 2007 dmueller@suse.de
- reenable profile feedback
- remove hardcoded -mcpu=pentiumpro for x86
* Tue Feb 6 2007 schwab@suse.de
- Update to gzip 1.3.11.
* As per the GNU coding standards, the behavior of gzip and its
companion executables no longer depend on the name used to invoke them.
For example, 'gzip' and 'gunzip' are no longer hard links;
instead, 'gunzip' is now a small program that invokes 'gzip -d'.
* zdiff now checks for subsidiary gzip failures, and works around
bugs in IRIX 6 sh, Tru64 4.0F ksh, and Solaris 8 bash.
* Mon Jan 8 2007 schwab@suse.de
- Update to gzip 1.3.10.
* gzip -c and zcat now work on special files, files with special mode bits,
and files with multiple hard links.
* gzip -q now exits with status 2 (not 1) when SIGPIPE is received.
* zcmp and zdiff did not work in the usual case, due to a typo.
* zgrep has many bugs fixed with argument handling, special characters,
and exit status.
* zless no longer mishandles $%%=~ in file names.
* Fri Dec 15 2006 schwab@suse.de
- Update to gzip 1.3.9.
* No major changes; only porting fixes.
* Tue Dec 12 2006 schwab@suse.de
- Update to gzip 1.3.8.
* Fix some gzip problems:
- A security fix from Debian 1.3.5-5 was inadvertently omitted.
- The assembler is now invoked with --noexecstack if supported,
so that gzip can better resist stack-smashing attacks.
* Thu Dec 7 2006 schwab@suse.de
- Update to gzip 1.3.7.
* Fix some gzip problems:
- Refuse to compress setuid or setgid files, or files with the sticky bit.
- Fix more race conditions in setting file permissions and owner,
removing output files, following symbolic links, and dealing with
special files.
- Remove most of the code working around ENAMETOOLONG deficiencies.
Systems with those deficiencies are long-dead, and the workarounds
had race conditions on modern hosts.
- Catch CPU time and file size limit signals, too.
- Check for read errors when closing files.
- Fix a core dump caused by a stray abort mistakenly introduced in 1.3.6.
* Fix some gzexe problems:
- Improve resistance to denial-of-service attacks.
- Fix some quoting and escaping bugs.
- Do not assume /tmp is sticky (though it should be!).
- Do not assume the working directory can be written.
- Rely on PATH in the generated executable, as the man page says.
- Don't assume IFS is sane.
- Exit with signal's status, if signaled.
* Mon Dec 4 2006 schwab@suse.de
- Update to gzip 1.3.6.
* Fix some race conditions in setting file time stamps, permissions, and owner.
* Fix some race conditions in signal handling.
* When gzip exits due to a signal, it exits with the signal's status, not 1.
* gzip now restores file time stamps to the resolution supported by the
time-setting primitives of the operating system, typically 1 microsecond.
Formerly it restored them only to the nearest second.
* gzip -r no longer attempts to reset the last-access times of directories
it reads, as this messes up when other processes are reading the directories.
* The options --version and --help now work on all gzip-installed executables,
and now use a format similar to other GNU programs.
* The manual is now distributed under the terms of the GNU Free
Documentation License without invariant sections or cover texts.
* Port to current versions of Autoconf, Automake, and Gnulib.
* Wed Sep 13 2006 schwab@suse.de
- Verify hash tables when unpacking [#202365].
* Mon Mar 13 2006 schwab@suse.de
- Add rsyncable patch [#155442].
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Fri Nov 11 2005 pth@suse.de
- Don't obsolete compress.
* Mon Oct 31 2005 dmueller@suse.de
- build with non-executable stack
* Tue Jul 26 2005 schwab@suse.de
- Ignore directory part on saved file name [#79292].
* Tue Apr 19 2005 kukuk@suse.de
- Remove uncompress symlink [#78331]
* Thu Mar 24 2005 werner@suse.de
- Add support for bzip2 and simply pager options to zmore
* Mon May 3 2004 schwab@suse.de
- Fix quoting issues in zgrep [#39329].
* Fri Feb 27 2004 schwab@suse.de
- Add %%defattr.
* Tue Dec 2 2003 pthomas@suse.de
- Remove the patch for tail syntax as it's wrong and unnecessary.
* Thu Sep 18 2003 mmj@suse.de
- Fix tail syntax in gzexe [#31229]
* Thu Aug 28 2003 kukuk@suse.de
- Make sure we have no hardlinks from /bin to /usr/bin [Bug #29522]
* Tue Jun 17 2003 pthomas@suse.de
- Update to 1.3.5
- gzip now removes any output symlink before writing output file.
- zgrep etc. scripts now port to POSIX 1003.1-2001 hosts.
- zforce no longer assumes 14-byte file name length limit.
- zless is now implemented using less and LESSOPEN, not zmore and PAGER.
- assembly-language speedups reenabled; were mistakenly disabled in 1.3.
- Less output is lost when decompressing a truncated file.
- zgrep now supports --, -H, -h, -L, -l, -C, -d, -m and their long
equivalents.
* Wed Jun 4 2003 jh@suse.de
- Enable profile feedback
* Thu Apr 24 2003 ro@suse.de
- fix install_info --delete call and move from preun to postun
* Tue Apr 15 2003 coolo@suse.de
- use BuildRoot
* Sat Feb 8 2003 kukuk@suse.de
- Readded prereq for install-info, else we cannot install info
pages
- Add dir entry to info page
* Sat Feb 8 2003 ro@suse.de
- removed prereq for texinfo to avoid prereq-cycle
* Fri Feb 7 2003 ro@suse.de
- added install_info macros
* Wed Jan 29 2003 kukuk@suse.de
- Remove mimencode requires, it is optional
* Tue Dec 17 2002 werner@suse.de
- The `:' line of zgrep will be removed by configure
- zgrep requzires mimencode from metamail
* Tue Sep 17 2002 ro@suse.de
- removed bogus self-provides
* Thu Mar 14 2002 kukuk@suse.de
- Add uncompress compat link
* Wed Feb 6 2002 coolo@suse.de
- use %%suse_update_config
* Thu Jan 24 2002 okir@suse.de
- fixed tempfile race in zdiff (current code used bash noclobber
which is inherently racey)
* Wed Jun 6 2001 werner@suse.de
- Make zgrep knowing about bzip2
* Tue Apr 3 2001 uli@suse.de
- fixed for gcc >2.96
* Tue Mar 27 2001 bk@suse.de
- use i686 insn scheduling on i386 and strip binaries(performance)
- make tmpfiles in gzexe secure and improve znew tempdir creation
- remove unnessary expr use and fix gzip output checking in zforce
- add simple tests if gzip/gunzip work
* Mon Nov 27 2000 aj@suse.de
- Update to gzip 1.3.
* Wed Aug 23 2000 werner@suse.de
- Security changes for the znew script
* Mon May 1 2000 kukuk@suse.de
- LSB-FHS requires /bin/gunzip and /bin/zcat to /bin/gzip
* Tue Apr 18 2000 kukuk@suse.de
- Add /bin/zcat (required by FHS 2.1)
* Fri Feb 25 2000 schwab@suse.de
- cleanup spec file, get rid of Makefile.Linux
- define _GNU_SOURCE for basename declaration
- /usr/man -> /usr/share/man
- add gzip.info to file list
* Mon Sep 13 1999 bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
* Fri Mar 6 1998 florian@suse.de
- fixed security bug posted on Dez 27 to bugtraq
* Thu Jan 8 1998 bs@suse.de
- fixed "double" /bin/gzip & /usr/bin/gzip
* Thu Apr 24 1997 bs@suse.de
- added symlink /bin/gunzip
* Sun Apr 13 1997 florian@suse.de
- add bug-fixes from gnu.utils.bugs

72
gzip.keyring Normal file
View file

@ -0,0 +1,72 @@
pub 4096R/000BEEEE 2010-06-14
uid Jim Meyering <jim@meyering.net>
uid Jim Meyering <meyering@fb.com>
uid Jim Meyering <meyering@gnu.org>
uid [ opphevet] Jim Meyering <meyering@redhat.com>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.19 (GNU/Linux)
mQINBEwWvdkBEACyOXTiLBZ5MFNM6jmm83ui3MqW0/eD8TcAI4gt0gwOvd/jXerI
ros8dRVook7FBoNiFSiJSMVOiNPUMfv5h5wZm0bje33qTJPL7IanSKXtk/I7Za1G
EJfEnfgZI/d4EIV8wrl0WI1lPEteTgRJbo76zfLIUOHpynVC2Wm5gALJ4oeJIS0A
hYSzbFmHD9dFI7m3sO/HmbhxTiMISy0FbmoqE/cpo8ZX6eahND2UrS2oGNC0Ok8/
nN8XLPPsikx35FKx6bDTfoAK/svx6PK1sSPfAdoZFZ5Jy6Ti4zubebUD+5I8+bOn
6R9I7P0HerCTqMBLnf9LJHTPhTk8fHEwlAeH+WfpEmN9/4YORb84WY97tFbVK4f/
icEjnYBc0Ozl4qMGI1g/1R5Q9Z8qxLGsW9tNWyIfAf+2BhLA08RfA0wxmEf2Gnfp
J379s5c0U8xLZegOGRF1tOAEIC+5wRKFN/qU9zpLbUZIGrB+ysVeTlDuCDnTnyUe
WBQeRnfItl4taEN0/axNGB/NuHvxShyzxez/flbyqKwsxc35/a2OCbwmADeUh+ct
sYUGZya/GuXfejWbCuaqZLLkP6Ed9k4+LY+ww6jA7uNPRXpCYoXFo2WN9OaIqfb/
RDk6zW708qbxvcWKe6j9f8R0lPMYdtUzZhyxZxeZ0/2BdDyXAj1Wvnw1UwARAQAB
tB5KaW0gTWV5ZXJpbmcgPG1leWVyaW5nQGZiLmNvbT6JAjcEEwECACEFAlDwG/0C
Gy8FCwkIBwMFFQoJCAsFFgMCAQACHgECF4AACgkQf9n8ywAL7u75Ag/+IzQ1hoL/
qwCsVjhFdi2WloZ3+HREC1aeyAKiOduQijWg3dd4YZQeMGFHMgIqaHHOxWAijJP/
Qi5Y/k5cotE/gUSPX2lEldF+bA1ZpzgZbOiqfjpTFmsy8nXAeDRLusc8Tn/+vQVa
l9ZzcfG21CUEZaDLk+8OFpj8poqczPMsNpmsuy7CjK8TRIoHMVJk+h/P1AYaQpQw
qRg8+/Fzn1AnnNcVnRTE13lcfrG9EmCfF1A+Auy9BsPe2j0LlZHhXGOrK2JGUGO6
er+yQLy1STsRFw0b/jVp3hbsT8qcLxYx+Ekhli4OeF1pXZRlvbKHQcguuRgBdFtF
nnpcWkHyAVUP4Mpwf3eZRcQnbdDIf42VdAVoh8DKHc3Fxr+NABlj+851SuKoNn4/
liAOxBku4Za6flHM7EMPLgpkzoB934s1HNNTrfPS6f+9G+C1p7kWuGl/lBq0pWho
t1v8ojQci2UHnxQu+RY4PTpBH2TwqwolpxZERG/pFADsw/peoTgTNdeY059amgvZ
mKk29krXgV4OW083GTM2UTtnrycNvLF4d93EcIZX3Rot0uxYg6g0Btu1ifRJFmzi
XflYoBnIc//971j2Ty7oM1xq+lUiG1oCYKwfbc4ewFjMrLfqtlO/OV2T2spm9cVy
w3e78u3DDEUaTxa4oKt2W2B/XTJb4fx0VCi0H0ppbSBNZXllcmluZyA8amltQG1l
eWVyaW5nLm5ldD6JAjoEEwEIACQCGy8FCwkIBwMFFQoJCAsFFgIDAQACHgECF4AF
AkwXdFQCGQEACgkQf9n8ywAL7u6hfQ/+J5VFGee4r5JF3M+ImCzLmidwRk7Ah2Gu
a1Xv8MvH05kSxUGXp83a3F3Zgo60sRzQ569EBjhCu2Hewz3p3nfWgYqnkKuCIOhg
7oq7dirEaFatdTHgN7tuACI2m60ncdgQa9S13tmmEy407iZqYQJNtLFDe/r6Fcf6
cDFnjiIsVdk1WPyw3gLs/gjgh+MmyQRtotULAHFPSuq1v2SdE3umaillGH9gSfoa
U8PUdnKRgyaOHA7mC0EHdgHk8Fte+5ZtpbAnWJL7IlZw5ul6br4q3Ry/5UL9GbbR
/ma9AMAYEt42NMhLLnaOHbiVC7iyNqSoVsoLY8VFWprHxd3xe+WtzdEMSLqd6lvm
CF9B+IAsLvvQaas2v+FtOKuDDRcWMFm/ulyPxa5ewSabgB/xhr1n2KROBJuyGXuI
BCzj2XTt2mCjfs6aMV7COoLiDoVDrc3SjM7SIUvndgemQ7dCGmWEAJsRHHU1KW7X
H3ycYi2waiFPL16hTaUGi0sjIR50OOMbzA/JBwUj1rocK5OM1RbdZk4vu1GQwZuD
BGsVvL6eciXPFEWrJNbdqaCYiSKVGByPVUUgLC6qPcVYezCOcdJTrBae9Y+me8B4
K8hNAU3t/fGlOFxt8Ka5daoPLHbyw9EWo9QNWEHlTOhqhB3w04YJBwrxeI07uRm0
UhqufTRftUG0H0ppbSBNZXllcmluZyA8bWV5ZXJpbmdAZ251Lm9yZz6JAjcEEwEI
ACEFAkwXc5MCGy8FCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQf9n8ywAL7u7d
Xg//TD0dsvwMl5gGSJspUHz08vwcM9zp2fldabi1GMC0q73nYnoUH9wHLVcPJ77C
Rqh+9lyvd230hnHPPbMksg/L6YetnVAo0NUz8pxx1hZBw8fJDvl4NxTgs8FbwtxL
/ZnAs/RHzEEiECbWWnxaEWYuZAGD4S8u6fnzNfPCYbf/dCEdO4O+FIumPoJCJF9o
rHd3rvtB+P41YKaY1+K8lM02BoY3fXRwbCvX1Rn965/BtIJiUDJLxEXUk2Gq6pZ9
zPcHKQjHcGs+2zS/Z6wmhuTEhFmpCw0jIt9rzMs5i5JOB0eqLtKD9C6tURA1KK1e
XUvE4X8F7kaXkfPXhLzdLZskTt0kbNr+YU5AZtEDWplaw71t376JKOyn7yLqYLJL
R0KMmn1DpU4kFSMK+zufLGo0gmp0054hwBqM0q8V69AhfJQB/AV9MnpJ4h23N1kI
RxfYMThZr29PBFR0xkq6hOW7sfbZmQDL8j6NaMKWVJx7cFDzMkXXGozuBltjFGa+
q0Vf9QpDGiMPXIUz9elRZQ/pPP6ha6pycpElp9LJ9DumBAtG2bimhhlEXNP0L7H5
TQefDCgmfVY2DuyxbPP5knAmvEW4pEXd+UZ+epsRve5mu8yAHp+vznGM+SuBp1sG
UL5VmkFtNnpXhW6hco2s3egz7hZOlsH+L8BbAmw5E+tGfP60IkppbSBNZXllcmlu
ZyA8bWV5ZXJpbmdAcmVkaGF0LmNvbT6JAh8EMAEIAAkFAlCBOrICHSAACgkQf9n8
ywAL7u7aJQ/+IJqpTT55uVMvnvVGsSnSGEm0Fbirbra3yncsV/9DF5iNpYj3deCf
A4YdKLrcn+F7sep+62rMtk+Pwik1rbU98bbcd/rH0Zg92ePlS2gingyi166XkQs8
Vgx1WsUH9gGA/vRmtSdso4Gbod1ucmePliMxIxDF3a7zRte9T8GuYFW/cD/yozHi
JrL2k7nVor6+YbIvePToEP/p0XLGeYUn2iZ1XCEp9na2Odw7/g9Z/78aJAXsCvWN
MVXYbKv67lx+4p2u5kwg34gOpnoBfFVMDy+xQYYRM8XrOrcRMnUlBNdFDYue7EB+
E65PfKfzPaTLPBI2eeeyrBg72H9PG9IY5TDFdvm2KCO7GMnd4Kjg9h9d+r1kfZAX
zXHpzkHMpxarvNoAovaxAr8Xh0lP5PwlMA0GkZXpSTXImYrobwLeR2sowGbwXazq
ozsroO7LGwaI8cRcGmXtCMQR+iS/c2gp80tzKazP+7ao+C/AZr67gzrnJY5uO000
Vd5lRaTG1T11feTbAhnxFSmQUE5TnUIOfss2dCCO6CMqcrlac6QTYEolgWRBN/Fo
3zAVAPpbXsqY+OEPnHwwWJeCv9ZprW36PRIjktfw4igP38wTimZ0onI4j0SlKLIT
V1KlGZVpG2onBn/Ly5HGepqZd7VbRQTruLXpWEpn56YN+vtrthw1wcM=
=Q4hV
-----END PGP PUBLIC KEY BLOCK-----

159
gzip.spec Normal file
View file

@ -0,0 +1,159 @@
#
# spec file for package gzip
#
# Copyright (c) 2022-2023 ZhuningOS
#
%define _buildshell /bin/bash
Name: gzip
Version: 1.10
Release: 150200.10.1
Summary: GNU Zip Compression Utilities
License: GPL-3.0-or-later
Group: Productivity/Archiving/Compression
URL: http://www.gnu.org/software/gzip/
Source: http://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz
Source2: http://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz.sig
Source3: %{name}.keyring
Patch0: zgrep.diff
Patch2: zmore.diff
Patch3: non-exec-stack.diff
Patch6: zdiff.diff
# PATCH FIX OPENSUSE BNC#799561 - zgrep silently fails on LZMA compressed files
# PATCH-FIX-SUSE bsc#1198922 - add support for zstd files as well
Patch7: xz_lzma_zstd.patch
Patch8: manpage-no-date.patch
Patch9: gzip-1.10-ibm_dfltcc_support.patch
Patch10: gzip-1.10-fix_count_of_lines_to_skip.patch
# https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=be0a534ba2b6e77da289de8da79e70843b1028cc
Patch11: gzip-1.10-fix-DFLTCC-segfault.patch
# PATCH-FIX-SECURITY bsc#1198062 danilo.spinella@suse.com
Patch12: bsc1198062.patch
Patch13: bsc1198062-2.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: makeinfo
BuildRequires: xz
Requires(post): %{install_info_prereq}
Requires(preun): %{install_info_prereq}
%description
Gzip reduces the size of the named files using Lempel-Ziv coding LZ77.
Whenever possible, each file is replaced by one with the extension .gz,
while keeping the same ownership modes and access and modification
times.
%prep
%setup -q
%patch0
%patch2 -p1
%patch3
%patch6
%patch7 -p1
%patch8 -p1
%ifarch s390x
%patch9 -p1
%endif
%patch10 -p1
%ifarch s390x
%patch11 -p1
%endif
%patch12 -p1
%patch13 -p1
%build
export CFLAGS="%{optflags} -fomit-frame-pointer \
-W -Wall -Wno-unused-parameter -Wstrict-prototypes -Wpointer-arith -fPIE"
export LDFLAGS="-pie"
# added because of gzip-1.10-ibm_dfltcc_support.patch [jsc#SLE-5818]
autoreconf -f -i
%ifarch s390x
export CFLAGS="$CFLAGS -DDFLTCC_LEVEL_MASK=0x7e"
%endif
%configure --disable-silent-rules \
gl_cv_func_printf_directive_n=yes \
gl_cv_func_printf_infinite_long_double=yes \
%ifarch s390x
--enable-dfltcc \
%endif
profile_gzip()
{
tmpfile=$(mktemp)
trap "rm -f $tmpfile $tmpfile.gz" EXIT
xz -cd %{SOURCE0} > $tmpfile
time ./gzip < $tmpfile > $tmpfile.gz
time ./gzip -d < $tmpfile.gz > /dev/null
}
%if %{do_profiling}
make %{?_smp_mflags} CFLAGS="$CFLAGS -fprofile-generate" LDFLAGS="-pie"
profile_gzip
make clean %{?_smp_mflags}
make %{?_smp_mflags} CFLAGS="$CFLAGS -fprofile-use" LDFLAGS="-pie"
%else
make %{?_smp_mflags} LDFLAGS="-pie"
%endif
%check
for i in {1..9}; do
for f in build-aux/texinfo.tex /bin/bash; do
basef=${f##*/}
time ./gzip -$i < $f > $basef.gz
./gzip --test $basef.gz
./gzip -d < $basef.gz > $basef.test$i
cmp $f $basef.test$i
done
done
%install
%make_install
#UsrMerge
mkdir -p %{buildroot}/bin
ln -sf %{_bindir}/gzip %{_bindir}/gunzip %{_bindir}/zcat %{buildroot}/bin
#EndUsrMerge
ln -sf zmore %{buildroot}%{_bindir}/zless
ln -sf zmore.1 %{buildroot}%{_mandir}/man1/zless.1
%post
%install_info --info-dir=%{_infodir} %{_infodir}/%{name}.info%{ext_info}
%preun
%install_info_delete --info-dir=%{_infodir} %{_infodir}/%{name}.info%{ext_info}
%files
%license COPYING
%doc README AUTHORS ChangeLog TODO NEWS THANKS
#UsrMerge
/bin/gunzip
/bin/gzip
/bin/zcat
#EndUsrMerge
%{_bindir}/gunzip
%{_bindir}/gzexe
%{_bindir}/gzip
%{_bindir}/uncompress
%{_bindir}/zcat
%{_bindir}/zcmp
%{_bindir}/zdiff
%{_bindir}/zegrep
%{_bindir}/zfgrep
%{_bindir}/zforce
%{_bindir}/zgrep
%{_bindir}/zless
%{_bindir}/zmore
%{_bindir}/znew
%{_infodir}/gzip.info%{?ext_info}
%{_mandir}/man1/gunzip.1%{?ext_man}
%{_mandir}/man1/gzexe.1%{?ext_man}
%{_mandir}/man1/gzip.1%{?ext_man}
%{_mandir}/man1/zcat.1%{?ext_man}
%{_mandir}/man1/zcmp.1%{?ext_man}
%{_mandir}/man1/zdiff.1%{?ext_man}
%{_mandir}/man1/zforce.1%{?ext_man}
%{_mandir}/man1/zgrep.1%{?ext_man}
%{_mandir}/man1/zless.1%{?ext_man}
%{_mandir}/man1/zmore.1%{?ext_man}
%{_mandir}/man1/znew.1%{?ext_man}
%changelog

21
manpage-no-date.patch Normal file
View file

@ -0,0 +1,21 @@
Index: gzip-1.9/doc/gzip.texi
===================================================================
--- gzip-1.9.orig/doc/gzip.texi
+++ gzip-1.9/doc/gzip.texi
@@ -9,7 +9,7 @@
@c %**end of header
@copying
This manual is for GNU Gzip
-(version @value{VERSION}, @value{UPDATED}),
+(version @value{VERSION}),
and documents commands for compressing and decompressing data.
Copyright @copyright{} 1998-1999, 2001-2002, 2006-2007, 2009-2018 Free Software
@@ -47,7 +47,6 @@ Free Documentation License''.
@title GNU gzip
@subtitle The data compression program
@subtitle for Gzip version @value{VERSION}
-@subtitle @value{UPDATED}
@author by Jean-loup Gailly
@page

9
non-exec-stack.diff Normal file
View file

@ -0,0 +1,9 @@
Index: lib/match.c
===================================================================
--- lib/match.c.orig
+++ lib/match.c
@@ -770,3 +770,4 @@ match_init:
# endif /* __ia64__ */
#endif /* mc68000 || mc68020 */
#endif /* i386 || _I386 */
+ .section .note.GNU-stack,"",@progbits

33
xz_lzma_zstd.patch Normal file
View file

@ -0,0 +1,33 @@
Index: gzip-1.10/zgrep.1
===================================================================
--- gzip-1.10.orig/zgrep.1
+++ gzip-1.10/zgrep.1
@@ -11,7 +11,7 @@ The
.I Zgrep
invokes
.I grep
-on compressed or gzipped files.
+on compressed, xz'ed, lzma'ed, zstd'ed, bzip2'ed or gzipped files.
All options specified are passed directly to
.IR grep .
If no file is specified, then the standard input is decompressed
Index: gzip-1.10/zgrep.in
===================================================================
--- gzip-1.10.orig/zgrep.in
+++ gzip-1.10/zgrep.in
@@ -215,6 +215,15 @@ do
*.bz2)
uncompress=bzip2
;;
+ *.xz)
+ uncompress=xz
+ ;;
+ *.lzma)
+ uncompress=lzma
+ ;;
+ *.zst)
+ uncompress=zstd
+ ;;
*)
uncompress=gzip
;;

17
zdiff.diff Normal file
View file

@ -0,0 +1,17 @@
Index: zdiff.in
===================================================================
--- zdiff.in.orig 2012-01-01 09:53:58.000000000 +0100
+++ zdiff.in 2012-10-16 13:40:46.854905141 +0200
@@ -105,9 +105,9 @@ elif test $# -eq 2; then
5<&0
then
gzip_status=$(
- exec 4>&1
- (gzip -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- |
- ( (gzip -cdfq -- "$2" 4>&-; echo $? >&4) 3>&- 5<&- </dev/null |
+ exec 4>&1 6<&0
+ (gzip -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- 6<&- |
+ ( (gzip -cdfq -- "$2" 4>&- 0<&6 6<&-; echo $? >&4) 3>&- 5<&- </dev/null |
eval "$cmp" /dev/fd/5 - >&3) 5<&0
)
cmp_status=$?

24
zgrep.diff Normal file
View file

@ -0,0 +1,24 @@
Index: zgrep.in
===================================================================
--- zgrep.in.orig 2012-01-01 09:53:58.000000000 +0100
+++ zgrep.in 2012-10-16 13:22:26.304769138 +0200
@@ -174,10 +174,18 @@ res=0
for i
do
+ case $i in
+ *.bz2)
+ uncompress=bzip2
+ ;;
+ *)
+ uncompress=gzip
+ ;;
+ esac
# Fail if gzip or grep (or sed) fails.
gzip_status=$(
exec 5>&1
- (gzip -cdfq -- "$i" 5>&-; echo $? >&5) 3>&- |
+ ($uncompress -cdfq -- "$i" 5>&-; echo $? >&5) 3>&- |
if test $files_with_matches -eq 1; then
eval "$grep" >/dev/null && { printf '%s\n' "$i" || exit 2; }
elif test $files_without_matches -eq 1; then

44
zmore.diff Normal file
View file

@ -0,0 +1,44 @@
---
zmore.in | 25 ++++++++++++++++++++++++-
1 file changed, 24 insertions(+), 1 deletion(-)
Index: gzip-1.6/zmore.in
===================================================================
--- gzip-1.6.orig/zmore.in
+++ gzip-1.6/zmore.in
@@ -44,6 +44,29 @@ case $1 in
exit 1;;
esac
+opt=
+pager ()
+{
+ eval ${PAGER-more} \$opt
+ cat > /dev/null
+}
+
+while :; do
+ case $1 in
+ --)
+ shift
+ break
+ ;;
+ [-+]*)
+ opt="$opt $1"
+ shift
+ ;;
+ *)
+ break
+ ;;
+ esac
+done
+
if test $# = 0; then
if test -t 0; then
printf >&2 '%s\n' "$0: missing operands; try '$0 --help' for help"
@@ -57,4 +80,4 @@ do
test $# -lt 2 ||
printf '::::::::::::::\n%s\n::::::::::::::\n' "$FILE" || break
gzip -cdfq -- "$FILE"
-done 2>&1 | eval ${PAGER-more}
+done 2>&1 | pager