svn commit: r299896 - in head/contrib/libarchive: cpio libarchive
Martin Matuska
mm at FreeBSD.org
Mon May 16 05:01:46 UTC 2016
Author: mm
Date: Mon May 16 05:01:44 2016
New Revision: 299896
URL: https://svnweb.freebsd.org/changeset/base/299896
Log:
Revert r299576 and MFV r299895:
Revert r299576:
Fix broken cpio behavior.
MFV r299895:
Update to vendor git commit 860ec63.
MFC after: 3 weeks (together with libarchive 3.2.0)
Fix broken cpio behavior in pass-through mode with vendor code.
Modified:
head/contrib/libarchive/cpio/bsdcpio.1
head/contrib/libarchive/cpio/cpio.c
head/contrib/libarchive/libarchive/archive_read_support_format_cpio.c
Directory Properties:
head/contrib/libarchive/ (props changed)
head/contrib/libarchive/cpio/ (props changed)
head/contrib/libarchive/libarchive/ (props changed)
Modified: head/contrib/libarchive/cpio/bsdcpio.1
==============================================================================
--- head/contrib/libarchive/cpio/bsdcpio.1 Mon May 16 04:47:32 2016 (r299895)
+++ head/contrib/libarchive/cpio/bsdcpio.1 Mon May 16 05:01:44 2016 (r299896)
@@ -156,7 +156,8 @@ See above for description.
.It Fl Fl insecure
(i and p mode only)
Disable security checks during extraction or copying.
-This allows extraction via symbolic links and path names containing
+This allows extraction via symbolic links, absolute paths,
+and path names containing
.Sq ..
in the name.
.It Fl J , Fl Fl xz
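Review bot: The reworded --insecure entry still says "(i and p mode only)" as though all three checks were active by default in both modes, but the cpio.c branch in this commit that reports "Cannot use both -p and -%c" clears the '..' and absolute-path checks as soon as that mode is selected. Suggest adding a sentence here stating that those two checks are not applied in pass-through mode, so that --insecure only changes the symbolic link check there.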
Modified: head/contrib/libarchive/cpio/cpio.c
==============================================================================
--- head/contrib/libarchive/cpio/cpio.c Mon May 16 04:47:32 2016 (r299895)
+++ head/contrib/libarchive/cpio/cpio.c Mon May 16 05:01:44 2016 (r299896)
@@ -171,6 +171,7 @@ main(int argc, char *argv[])
cpio->extract_flags |= ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER;
cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_SYMLINKS;
cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NODOTDOT;
+ cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
cpio->extract_flags |= ARCHIVE_EXTRACT_PERM;
cpio->extract_flags |= ARCHIVE_EXTRACT_FFLAGS;
cpio->extract_flags |= ARCHIVE_EXTRACT_ACL;
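Review bot: Adding ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS to the default extract_flags changes what existing invocations do: per the updated man page, extraction via absolute paths is now something only --insecure allows. The commit log carries no Relnotes line for this; suggest one, so users whose archives contain absolute member names learn about the new default before the MFC.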
@@ -256,6 +257,7 @@ main(int argc, char *argv[])
case OPTION_INSECURE:
cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_SYMLINKS;
cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NODOTDOT;
+ cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
break;
case 'L': /* GNU cpio */
cpio->option_follow_links = 1;
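Review bot: The OPTION_INSECURE case lists each ARCHIVE_EXTRACT_SECURE_* flag by hand, and this commit had to touch three places (the defaults, this case, and the -p branch) to introduce one flag. Suggest defining a single mask of the secure flags in cpio.c and clearing it here with one statement, so a flag added to the defaults later cannot be forgotten in --insecure.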
@@ -293,6 +295,7 @@ main(int argc, char *argv[])
"Cannot use both -p and -%c", cpio->mode);
cpio->mode = opt;
cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NODOTDOT;
+ cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
break;
case OPTION_PASSPHRASE:
cpio->passphrase = cpio->argument;
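Review bot: The two clears after "cpio->mode = opt;" switch off the '..' and absolute-path checks with no comment explaining why, while ARCHIVE_EXTRACT_SECURE_SYMLINKS is left set. Suggest a short comment stating why this mode is exempt from the two path checks and that the symlink check is kept on purpose; the log message only says "Fix broken cpio behavior in pass-through mode", which will not help the next reader of this branch.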
Modified: head/contrib/libarchive/libarchive/archive_read_support_format_cpio.c
==============================================================================
--- head/contrib/libarchive/libarchive/archive_read_support_format_cpio.c Mon May 16 04:47:32 2016 (r299895)
+++ head/contrib/libarchive/libarchive/archive_read_support_format_cpio.c Mon May 16 05:01:44 2016 (r299896)
@@ -401,6 +401,11 @@ archive_read_format_cpio_read_header(str
/* If this is a symlink, read the link contents. */
if (archive_entry_filetype(entry) == AE_IFLNK) {
+ if (cpio->entry_bytes_remaining > 1024 * 1024) {
+ archive_set_error(&a->archive, ENOMEM,
+ "Rejecting malformed cpio archive: symlink contents exceed 1 megabyte");
+ return (ARCHIVE_FATAL);
+ }
h = __archive_read_ahead(a,
(size_t)cpio->entry_bytes_remaining, NULL);
if (h == NULL)
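Review bot: ENOMEM in the archive_set_error() call misreports the condition: the entry is rejected because the archive is malformed, as the message itself says, not because an allocation failed. Suggest ARCHIVE_ERRNO_FILE_FORMAT instead, and a named constant for the 1024 * 1024 limit. The check is also upper-bound only; if entry_bytes_remaining is a signed type, a negative value would pass it and then be cast to size_t in the __archive_read_ahead() call, so it is worth confirming that cannot happen or adding a lower bound.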