Skip to content
Snippets Groups Projects
Commit 01c7bf1b authored by Damian Alvarez's avatar Damian Alvarez
Browse files

Merge branch 'sa-CMake+Rust2023' into '2023' 

{GCCcore} CMake and Rust

See merge request software-team/easybuild!1360
parents 382b78f9 f028b199
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 1691 additions and 0 deletions
Golden_Repo/b/bzip2/bzip2-1.0.8-GCCcore-11.3.0.eb 0 → 100644
+ 27
0
View file @ 01c7bf1b
name = 'bzip2'
version = '1.0.8'
homepage = 'https://sourceware.org/bzip2'
description = """
bzip2 is a freely available, patent free, high-quality data compressor. It
typically compresses files to within 10% to 15% of the best available
techniques (the PPM family of statistical compressors), whilst being around
twice as fast at compression and six times faster at decompression.
"""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
toolchainopts = {'pic': True}
source_urls = ['https://sourceware.org/pub/%(name)s/']
sources = [SOURCE_TAR_GZ]
patches = ['bzip2-%(version)s-pkgconfig.patch']
checksums = [
'ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269', # bzip2-1.0.8.tar.gz
'9299e8ee4d014ea973777b6ea90661fe329dfa991f822add4c763ea9ddb9aab1', # bzip2-1.0.8-pkgconfig.patch
]
builddependencies = [
('binutils', '2.38'),
]
moduleclass = 'tools'
Golden_Repo/b/bzip2/bzip2-1.0.8-pkgconfig.patch 0 → 100644
+ 33
0
View file @ 01c7bf1b
#- Adds a pkgconfig/bzip2.pc file
#
# author: Jiri Furst <jiri.furst@gmail.com>
# inspired by OpenSUSE patch by Stanislav Brabec <sbrabec@suse.cz>, see
# http://ftp.suse.com/pub/people/sbrabec/bzip2/
diff -Nau bzip2-1.0.8.orig/bzip2.pc.in bzip2-1.0.6/bzip2.pc.in
--- bzip2-1.0.8.orig/bzip2.pc.in 1970-01-01 01:00:00.000000000 +0100
+++ bzip2-1.0.8/bzip2.pc.in 2019-05-01 11:47:29.795517973 +0200
@@ -0,0 +1,11 @@
+exec_prefix=${prefix}
+bindir=${exec_prefix}/bin
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: bzip2
+Description: Lossless, block-sorting data compression
+Version: 1.0.8
+Libs: -L${libdir} -lbz2
+Cflags: -I${includedir}
+
diff -Nau bzip2-1.0.8.orig/Makefile bzip2-1.0.6/Makefile
--- bzip2-1.0.8.orig/Makefile 2019-05-01 11:28:04.788206974 +0200
+++ bzip2-1.0.8/Makefile 2019-05-01 11:46:20.911324226 +0200
@@ -107,6 +107,9 @@
echo ".so man1/bzgrep.1" > $(PREFIX)/man/man1/bzfgrep.1
echo ".so man1/bzmore.1" > $(PREFIX)/man/man1/bzless.1
echo ".so man1/bzdiff.1" > $(PREFIX)/man/man1/bzcmp.1
+ if ( test ! -d $(PREFIX)/lib/pkgconfig ) ; then mkdir -p $(PREFIX)/lib/pkgconfig ; fi
+ echo "prefix=$(PREFIX)" > $(PREFIX)/lib/pkgconfig/bzip2.pc
+ cat bzip2.pc.in >> $(PREFIX)/lib/pkgconfig/bzip2.pc
clean:
rm -f *.o libbz2.a bzip2 bzip2recover \
Golden_Repo/c/CMake/CMake-3.23.1-GCCcore-11.3.0.eb 0 → 100644
+ 30
0
View file @ 01c7bf1b
name = 'CMake'
version = '3.23.1'
homepage = 'https://www.cmake.org'
description = """
CMake, the cross-platform, open-source build system. CMake is a family of
tools designed to build, test and package software.
"""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
source_urls = ['https://www.cmake.org/files/v%(version_major_minor)s']
sources = [SOURCELOWER_TAR_GZ]
checksums = ['33fd10a8ec687a4d0d5b42473f10459bb92b3ae7def2b745dc10b192760869f3']
builddependencies = [
('binutils', '2.38'),
]
dependencies = [
('ncurses', '6.3'),
('zlib', '1.2.12'),
('bzip2', '1.0.8'),
('cURL', '7.83.0'),
('libarchive', '3.6.1'),
('OpenSSL', '1.1', '', True),
]
moduleclass = 'devel'
Golden_Repo/c/cURL/cURL-7.83.0-GCCcore-11.3.0.eb 0 → 100644
+ 43
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'cURL'
version = '7.83.0'
homepage = 'https://curl.haxx.se'
description = """
libcurl is a free and easy-to-use client-side URL transfer library,
supporting DICT, FILE, FTP, FTPS, Gopher, HTTP, HTTPS, IMAP, IMAPS, LDAP,
LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, Telnet and TFTP.
libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP
form based upload, proxies, cookies, user+password authentication (Basic,
Digest, NTLM, Negotiate, Kerberos), file transfer resume, http proxy tunneling
and more.
"""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
source_urls = ['https://curl.haxx.se/download/']
sources = [SOURCELOWER_TAR_GZ]
checksums = ['c0e64302a33d2fb79e0fc4e674260a22941e92ee2f11b894bf94d32b8f5531af']
builddependencies = [
('binutils', '2.38'),
]
dependencies = [
('zlib', '1.2.12'),
('OpenSSL', '1.1', '', True),
]
configopts = '--with-zlib '
configopts += '--with-ssl=$EBROOTOPENSSL '
modextravars = {'CURL_INCLUDES': '%(installdir)s/include'}
sanity_check_paths = {
'files': ['bin/curl', 'lib/libcurl.a', 'lib/libcurl.%s' % SHLIB_EXT],
'dirs': ['lib/pkgconfig', 'include/curl'],
}
moduleclass = 'tools'
Golden_Repo/g/GMP/GMP-6.2.1-GCCcore-11.3.0.eb 0 → 100644
+ 40
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'GMP'
version = '6.2.1'
homepage = 'https://gmplib.org/'
description = """
GMP is a free library for arbitrary precision arithmetic, operating on signed
integers, rational numbers, and floating point numbers.
"""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
toolchainopts = {'precise': True, 'pic': True}
source_urls = ['https://ftp.gnu.org/gnu/%(namelower)s']
sources = [SOURCELOWER_TAR_BZ2]
checksums = ['eae9326beb4158c386e39a356818031bd28f3124cf915f8c5b1dc4c7a36b4d7c']
builddependencies = [
('Autotools', '20220317'),
('binutils', '2.38'),
]
# enable C++ interface
configopts = '--enable-cxx'
# copy libgmp.so* to <installdir>/lib to make sure that it is picked up by tests
# when EasyBuild is configured with --rpath, and clean up afterwards (let 'make install' do its job)
pretestopts = "mkdir -p %%(installdir)s/lib && cp -a .libs/libgmp.%s* %%(installdir)s/lib && " % SHLIB_EXT
testopts = " && rm -r %(installdir)s/lib"
runtest = 'check'
sanity_check_paths = {
'files': ['lib/lib%s.%s' % (l, e) for l in ['gmp', 'gmpxx'] for e in [SHLIB_EXT, 'a']] +
['include/gmp.h', 'include/gmpxx.h'],
'dirs': ['share'],
}
moduleclass = 'math'
Golden_Repo/g/git/git-2.36.0-GCCcore-11.3.0-nodocs.eb 0 → 100644
+ 47
0
View file @ 01c7bf1b
##
# Author: Robert Mijakovic <robert.mijakovic@lxp.lu>
##
# updated to 2.33.1
# J. Sassmannshausen / GSTT
easyblock = 'ConfigureMake'
name = 'git'
version = '2.36.0'
versionsuffix = '-nodocs'
homepage = 'https://git-scm.com/'
description = """Git is a free and open source distributed version control system designed
to handle everything from small to very large projects with speed and efficiency."""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
source_urls = ['https://github.com/git/git/archive']
sources = ['v%(version)s.tar.gz']
checksums = ['59dbc158dce293798570166fe7acfe225514f2868bc2d6e25c1a5a00c4ac0888']
builddependencies = [
('binutils', '2.38'),
('Autotools', '20220317'),
]
dependencies = [
('cURL', '7.83.0'),
('expat', '2.4.8'),
('gettext', '0.21'),
('Perl', '5.34.1'),
('OpenSSL', '1.1', '', True),
]
preconfigopts = 'make configure && '
# Work around git build system bug. If LIBS contains -lpthread, then configure
# will not append -lpthread to LDFLAGS, but Makefile ignores LIBS.
configopts = "--with-perl=${EBROOTPERL}/bin/perl --enable-pthreads='-lpthread'"
sanity_check_paths = {
'files': ['bin/git'],
'dirs': ['libexec/git-core', 'share'],
}
moduleclass = 'tools'
Golden_Repo/l/libarchive/libarchive-3.6.1-GCCcore-11.3.0.eb 0 → 100644
+ 33
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'libarchive'
version = '3.6.1'
homepage = 'https://www.libarchive.org/'
description = """
Multi-format archive and compression library
"""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
source_urls = ['https://www.libarchive.org/downloads/']
sources = [SOURCE_TAR_GZ]
checksums = ['c676146577d989189940f1959d9e3980d28513d74eedfbc6b7f15ea45fe54ee2']
builddependencies = [
('binutils', '2.38'),
]
dependencies = [
('zlib', '1.2.12'),
('XZ', '5.2.5'),
('OpenSSL', '1.1', '', True),
]
sanity_check_paths = {
'files': ['include/archive.h', 'lib/libarchive.%s' % SHLIB_EXT],
'dirs': ['bin', 'share/man/man3'],
}
moduleclass = 'tools'
Golden_Repo/l/libffi/libffi-3.4.2-GCCcore-11.3.0.eb 0 → 100644
+ 29
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'libffi'
version = '3.4.2'
homepage = 'https://sourceware.org/libffi/'
description = """The libffi library provides a portable, high level programming interface to
various calling conventions. This allows a programmer to call any function
specified by a call interface description at run-time."""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
toolchainopts = {'pic': True}
source_urls = ['https://github.com/libffi/libffi/releases/download/v3.4.2/']
sources = [SOURCELOWER_TAR_GZ]
checksums = ['540fb721619a6aba3bdeef7d940d8e9e0e6d2c193595bc243241b77ff9e93620']
builddependencies = [
('binutils', '2.38'),
]
configopts = '--disable-exec-static-tramp '
sanity_check_paths = {
'files': ['lib/libffi.a', 'lib/libffi.%s' % SHLIB_EXT],
'dirs': ['include', 'share'],
}
moduleclass = 'lib'
Golden_Repo/r/Rust/Rust-1.60.0-GCCcore-11.3.0.eb 0 → 100644
+ 58
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'Rust'
version = '1.60.0'
homepage = 'https://www.rust-lang.org'
description = """Rust is a systems programming language that runs blazingly fast, prevents segfaults,
and guarantees thread safety."""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
source_urls = ['https://static.rust-lang.org/dist/']
sources = ['rustc-%(version)s-src.tar.gz']
patches = ['Rust-1.60_sysroot-fix-interpreter.patch']
checksums = [
'20ca826d1cf674daf8e22c4f8c4b9743af07973211c839b85839742314c838b7', # rustc-1.60.0-src.tar.gz
'b59ed4c2591fc9098277299be21dd6752654f6f193d8652b7d21cb0fa0dd8716', # Rust-1.60_sysroot-fix-interpreter.patch
]
builddependencies = [
('binutils', '2.38'),
('CMake', '3.23.1'),
('Python', '3.10.4', '-bare'),
('pkgconf', '1.8.0'),
]
dependencies = [
('OpenSSL', '1.1', '', True),
]
configopts = "--enable-extended --sysconfdir=%(installdir)s/etc "
# avoid build dependency on Ninja, which requires Python,
# since Rust is a build dependency for cryptography that is included with Python
configopts += "--set=llvm.ninja=false "
# Use ./x.py to bootstrap so that options like -j N are correctly passed through
# see: https://rustc-dev-guide.rust-lang.org/building/how-to-build-and-run.html#what-is-xpy
# (ConfigureMake already adds `-j %(parallel)s` to the `build_cmd`)
build_cmd = "./x.py build"
install_cmd = "./x.py install -j %(parallel)s"
# avoid failure when home directory is an NFS mount,
# see https://github.com/rust-lang/cargo/issues/6652
prebuildopts = "export CARGO_HOME=%(builddir)s/cargo && "
preinstallopts = prebuildopts
sanity_check_paths = {
'files': ['bin/cargo', 'bin/rustc', 'bin/rustdoc'],
'dirs': ['lib/rustlib', 'share/doc', 'share/man'],
}
sanity_check_commands = [
"cargo --version",
"rustc --version",
]
moduleclass = 'lang'
Golden_Repo/r/Rust/Rust-1.60_sysroot-fix-interpreter.patch 0 → 100644
+ 30
0
View file @ 01c7bf1b
Use patchelf to fix interpreter of binaries that are used during Rust bootstrap procedure
when EasyBuild is configured to build in an alternate sysroot
This fixes problems like due to a clash with the interpreter from the host, and a more recent libc.so.6 that's picked up
from the alternate sysroot:
error: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.32' not found (required by /tmp/easybuild/build/Rust/1.52.1/GCCcore-10.3.0/rustc-1.52.1-src/build/bootstrap/debug/deps/libproc_macro_error_attr-fbfef320d848b049.so)
author: Kenneth Hoste (HPC-UGent)
--- rustc-1.60.0-src/src/bootstrap/bootstrap.py.orig 2022-06-01 16:35:37.111817747 +0200
+++ rustc-1.60.0-src/src/bootstrap/bootstrap.py 2022-06-01 16:40:27.769571474 +0200
@@ -671,6 +671,18 @@
if ostype != "Linux":
return
+ sysroot = os.getenv("EASYBUILD_SYSROOT")
+ if sysroot and not fname.endswith(".so"):
+ # determine patch to interpreter in host via output produced by 'file -b /bin/bash'
+ readelf_out = subprocess.check_output(['readelf', '-l', '/bin/bash']).decode('ascii', 'ignore').strip()
+ regex = re.compile('.*program interpreter: ([^\]]+)', re.M)
+ res = regex.search(readelf_out)
+ interpreter_path = os.path.join(sysroot, res.group(1).lstrip('/'))
+ if not os.path.exists(interpreter_path):
+ raise Exception("Derived path to interpreter does not exist: %s" % interpreter_path)
+ cmd = ["patchelf", "--set-interpreter", interpreter_path, fname]
+ run(cmd, verbose=True)
+
# If the user has asked binaries to be patched for Nix, then
# don't check for NixOS or `/lib`, just continue to the patching.
if self.get_toml('patch-binaries-for-nix', 'build') != 'true':
Golden_Repo/s/SQLite/SQLite-3.38.3-GCCcore-11.3.0.eb 0 → 100644
+ 40
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'SQLite'
version = '3.38.3'
local_filename_version = '3380300'
homepage = 'https://www.sqlite.org/'
description = "SQLite: SQL Database Engine in a C Library"
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
toolchainopts = {'pic': True}
source_urls = ['https://www.sqlite.org/2022/']
sources = ['%%(namelower)s-autoconf-%s.tar.gz' % (local_filename_version)]
checksums = ['61f2dd93a2e38c33468b7125967c3218bf9f4dd8365def6025e314f905dc942e']
builddependencies = [
('binutils', '2.38'),
]
dependencies = [
('libreadline', '8.1.2'),
('Tcl', '8.6.12'),
]
# enable additional APIs that provide access to meta-data about tables and queries
# needed for GDAL when it used as a dep for QGIS
buildopts = 'CC="$CC" CFLAGS="$CFLAGS -DSQLITE_ENABLE_COLUMN_METADATA"'
sanity_check_paths = {
'files': ['bin/sqlite3', 'include/sqlite3ext.h', 'include/sqlite3.h',
'lib/libsqlite3.a', 'lib/libsqlite3.%s' % SHLIB_EXT],
'dirs': ['lib/pkgconfig'],
}
sanity_check_commands = [
'sqlite3 --version | grep ^%(version)s',
]
moduleclass = 'devel'
Golden_Repo/t/Tcl/Tcl-8.6.12-GCCcore-11.3.0.eb 0 → 100644
+ 41
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'Tcl'
version = '8.6.12'
homepage = 'https://www.tcl.tk/'
description = """
Tcl (Tool Command Language) is a very powerful but easy to learn dynamic
programming language, suitable for a very wide range of uses, including web
and desktop applications, networking, administration, testing and many more.
"""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
source_urls = ['http://prdownloads.sourceforge.net/%(namelower)s']
sources = ['%(namelower)s%(version)s-src.tar.gz']
checksums = ['26c995dd0f167e48b11961d891ee555f680c175f7173ff8cb829f4ebcde4c1a6']
builddependencies = [
('binutils', '2.38'),
]
dependencies = [
('zlib', '1.2.12'),
]
configopts = '--enable-threads EXTRA_INSTALL="install-private-headers"'
runtest = 'test'
start_dir = 'unix'
postinstallcmds = ['ln -s %(installdir)s/bin/tclsh%(version_major)s.%(version_minor)s %(installdir)s/bin/tclsh']
sanity_check_paths = {
'files': ['bin/tclsh%(version_major)s.%(version_minor)s', 'bin/tclsh',
'include/tcl.h', 'lib/libtcl%%(version_major)s.%%(version_minor)s.%s' % SHLIB_EXT,
'lib/tclConfig.sh', 'man/man1/tclsh.1'],
'dirs': ['share'],
}
moduleclass = 'lang'
Golden_Repo/u/UnZip/UnZip-6.0-GCCcore-11.3.0.eb 0 → 100644
+ 52
0
View file @ 01c7bf1b
easyblock = 'ConfigureMake'
name = 'UnZip'
version = '6.0'
homepage = 'http://www.info-zip.org/UnZip.html'
description = """UnZip is an extraction utility for archives compressed
in .zip format (also called "zipfiles"). Although highly compatible both
with PKWARE's PKZIP and PKUNZIP utilities for MS-DOS and with Info-ZIP's
own Zip program, our primary objectives have been portability and
non-MSDOS functionality."""
toolchain = {'name': 'GCCcore', 'version': '11.3.0'}
source_urls = ['https://download.sourceforge.net/infozip']
sources = ['%(namelower)s%(version_major)s%(version_minor)s.tar.gz']
patches = [
'UnZip-%(version)s_various-security-and-other-fixes-from-Ubuntu.patch',
]
checksums = [
'036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37', # unzip60.tar.gz
# UnZip-6.0_various-security-and-other-fixes-from-Ubuntu.patch
'06b9307fd5aa018896bd4126818c00c1fd284a06cc3681cf0492f951ebb57ffe',
]
builddependencies = [
('binutils', '2.38'),
]
dependencies = [
('bzip2', '1.0.8'),
]
skipsteps = ['configure']
buildopts = '-f unix/Makefile CC="$CC" D_USE_BZ2=-DUSE_BZIP2 L_BZ2=-lbz2 '
buildopts += 'LF2="$LDFLAGS" '
# Note: CF is multiple lines
buildopts += 'CF="$CFLAGS $CPPFLAGS -I. -DACORN_FTYPE_NFS -DWILD_STOP_AT_DIR -DLARGE_FILE_SUPPORT '
buildopts += '-DUNICODE_SUPPORT -DUNICODE_WCHAR -DUTF8_MAYBE_NATIVE -DNO_LCHMOD '
buildopts += '-DDATE_FORMAT=DF_YMD -DUSE_BZIP2 -DIZ_HAVE_UXUIDGID -DNOMEMCPY -DNO_WORKING_ISPRINT" unzips '
installopts = '-f unix/Makefile prefix=%(installdir)s '
sanity_check_paths = {
'files': ['bin/unzip', 'bin/zipinfo'],
'dirs': ['man/man1']
}
sanity_check_commands = ["unzip -v"]
moduleclass = 'tools'
Golden_Repo/u/UnZip/UnZip-6.0_various-security-and-other-fixes-from-Ubuntu.patch 0 → 100644
+ 1188
0
View file @ 01c7bf1b
From: Santiago Vila <sanvila@debian.org>
Subject: In Debian, manpages are in section 1, not in section 1L
X-Debian-version: 5.52-3
--- a/man/funzip.1
+++ b/man/funzip.1
@@ -20,7 +20,7 @@
.in -4n
..
.\" =========================================================================
-.TH FUNZIP 1L "20 April 2009 (v3.95)" "Info-ZIP"
+.TH FUNZIP 1 "20 April 2009 (v3.95)" "Info-ZIP"
.SH NAME
funzip \- filter for extracting from a ZIP archive in a pipe
.PD
@@ -78,7 +78,7 @@
.EE
.PP
To use \fIzip\fP and \fIfunzip\fP in place of \fIcompress\fP(1) and
-\fIzcat\fP(1) (or \fIgzip\fP(1L) and \fIgzcat\fP(1L)) for tape backups:
+\fIzcat\fP(1) (or \fIgzip\fP(1) and \fIgzcat\fP(1)) for tape backups:
.PP
.EX
tar cf \- . | zip \-7 | dd of=/dev/nrst0 obs=8k
@@ -108,8 +108,8 @@
.PD
.\" =========================================================================
.SH "SEE ALSO"
-\fIgzip\fP(1L), \fIunzip\fP(1L), \fIunzipsfx\fP(1L), \fIzip\fP(1L),
-\fIzipcloak\fP(1L), \fIzipinfo\fP(1L), \fIzipnote\fP(1L), \fIzipsplit\fP(1L)
+\fIgzip\fP(1), \fIunzip\fP(1), \fIunzipsfx\fP(1), \fIzip\fP(1),
+\fIzipcloak\fP(1), \fIzipinfo\fP(1), \fIzipnote\fP(1), \fIzipsplit\fP(1)
.PD
.\" =========================================================================
.SH URL
--- a/man/unzip.1
+++ b/man/unzip.1
@@ -20,7 +20,7 @@
.in -4n
..
.\" =========================================================================
-.TH UNZIP 1L "20 April 2009 (v6.0)" "Info-ZIP"
+.TH UNZIP 1 "20 April 2009 (v6.0)" "Info-ZIP"
.SH NAME
unzip \- list, test and extract compressed files in a ZIP archive
.PD
@@ -34,7 +34,7 @@
\fIunzip\fP will list, test, or extract files from a ZIP archive, commonly
found on MS-DOS systems. The default behavior (with no options) is to extract
into the current directory (and subdirectories below it) all files from the
-specified ZIP archive. A companion program, \fIzip\fP(1L), creates ZIP
+specified ZIP archive. A companion program, \fIzip\fP(1), creates ZIP
archives; both programs are compatible with archives created by PKWARE's
\fIPKZIP\fP and \fIPKUNZIP\fP for MS-DOS, but in many cases the program
options or default behaviors differ.
@@ -105,8 +105,8 @@
list of all possible flags. The exhaustive list follows:
.TP
.B \-Z
-\fIzipinfo\fP(1L) mode. If the first option on the command line is \fB\-Z\fP,
-the remaining options are taken to be \fIzipinfo\fP(1L) options. See the
+\fIzipinfo\fP(1) mode. If the first option on the command line is \fB\-Z\fP,
+the remaining options are taken to be \fIzipinfo\fP(1) options. See the
appropriate manual page for a description of these options.
.TP
.B \-A
@@ -178,7 +178,7 @@
compressed size and compression ratio figures are independent of the entry's
encryption status and show the correct compression performance. (The complete
size of the encrypted compressed data stream for zipfile entries is reported
-by the more verbose \fIzipinfo\fP(1L) reports, see the separate manual.)
+by the more verbose \fIzipinfo\fP(1) reports, see the separate manual.)
When no zipfile is specified (that is, the complete command is simply
``\fCunzip \-v\fR''), a diagnostic screen is printed. In addition to
the normal header with release date and version, \fIunzip\fP lists the
@@ -379,8 +379,8 @@
.TP
.B \-N
[Amiga] extract file comments as Amiga filenotes. File comments are created
-with the \-c option of \fIzip\fP(1L), or with the \-N option of the Amiga port
-of \fIzip\fP(1L), which stores filenotes as comments.
+with the \-c option of \fIzip\fP(1), or with the \-N option of the Amiga port
+of \fIzip\fP(1), which stores filenotes as comments.
.TP
.B \-o
overwrite existing files without prompting. This is a dangerous option, so
@@ -598,7 +598,7 @@
As suggested by the examples above, the default variable names are UNZIP_OPTS
for VMS (where the symbol used to install \fIunzip\fP as a foreign command
would otherwise be confused with the environment variable), and UNZIP
-for all other operating systems. For compatibility with \fIzip\fP(1L),
+for all other operating systems. For compatibility with \fIzip\fP(1),
UNZIPOPT is also accepted (don't ask). If both UNZIP and UNZIPOPT
are defined, however, UNZIP takes precedence. \fIunzip\fP's diagnostic
option (\fB\-v\fP with no zipfile name) can be used to check the values
@@ -648,8 +648,8 @@
a password is not known, entering a null password (that is, just a carriage
return or ``Enter'') is taken as a signal to skip all further prompting.
Only unencrypted files in the archive(s) will thereafter be extracted. (In
-fact, that's not quite true; older versions of \fIzip\fP(1L) and
-\fIzipcloak\fP(1L) allowed null passwords, so \fIunzip\fP checks each encrypted
+fact, that's not quite true; older versions of \fIzip\fP(1) and
+\fIzipcloak\fP(1) allowed null passwords, so \fIunzip\fP checks each encrypted
file to see if the null password works. This may result in ``false positives''
and extraction errors, as noted above.)
.PP
@@ -943,8 +943,8 @@
.PD
.\" =========================================================================
.SH "SEE ALSO"
-\fIfunzip\fP(1L), \fIzip\fP(1L), \fIzipcloak\fP(1L), \fIzipgrep\fP(1L),
-\fIzipinfo\fP(1L), \fIzipnote\fP(1L), \fIzipsplit\fP(1L)
+\fIfunzip\fP(1), \fIzip\fP(1), \fIzipcloak\fP(1), \fIzipgrep\fP(1),
+\fIzipinfo\fP(1), \fIzipnote\fP(1), \fIzipsplit\fP(1)
.PD
.\" =========================================================================
.SH URL
--- a/man/unzipsfx.1
+++ b/man/unzipsfx.1
@@ -20,7 +20,7 @@
.in -4n
..
.\" =========================================================================
-.TH UNZIPSFX 1L "20 April 2009 (v6.0)" "Info-ZIP"
+.TH UNZIPSFX 1 "20 April 2009 (v6.0)" "Info-ZIP"
.SH NAME
unzipsfx \- self-extracting stub for prepending to ZIP archives
.PD
@@ -30,7 +30,7 @@
.PD
.\" =========================================================================
.SH DESCRIPTION
-\fIunzipsfx\fP is a modified version of \fIunzip\fP(1L) designed to be
+\fIunzipsfx\fP is a modified version of \fIunzip\fP(1) designed to be
prepended to existing ZIP archives in order to form self-extracting archives.
Instead of taking its first non-flag argument to be the zipfile(s) to be
extracted, \fIunzipsfx\fP seeks itself under the name by which it was invoked
@@ -109,7 +109,7 @@
.PD
.\" =========================================================================
.SH OPTIONS
-\fIunzipsfx\fP supports the following \fIunzip\fP(1L) options: \fB\-c\fP
+\fIunzipsfx\fP supports the following \fIunzip\fP(1) options: \fB\-c\fP
and \fB\-p\fP (extract to standard output/screen), \fB\-f\fP and \fB\-u\fP
(freshen and update existing files upon extraction), \fB\-t\fP (test
archive) and \fB\-z\fP (print archive comment). All normal listing options
@@ -118,11 +118,11 @@
those creating self-extracting archives may wish to include a short listing
in the zipfile comment.
.PP
-See \fIunzip\fP(1L) for a more complete description of these options.
+See \fIunzip\fP(1) for a more complete description of these options.
.PD
.\" =========================================================================
.SH MODIFIERS
-\fIunzipsfx\fP currently supports all \fIunzip\fP(1L) modifiers: \fB\-a\fP
+\fIunzipsfx\fP currently supports all \fIunzip\fP(1) modifiers: \fB\-a\fP
(convert text files), \fB\-n\fP (never overwrite), \fB\-o\fP (overwrite
without prompting), \fB\-q\fP (operate quietly), \fB\-C\fP (match names
case-insensitively), \fB\-L\fP (convert uppercase-OS names to lowercase),
@@ -137,18 +137,18 @@
of course continue to be supported since the zipfile format implies ASCII
storage of text files.)
.PP
-See \fIunzip\fP(1L) for a more complete description of these modifiers.
+See \fIunzip\fP(1) for a more complete description of these modifiers.
.PD
.\" =========================================================================
.SH "ENVIRONMENT OPTIONS"
-\fIunzipsfx\fP uses the same environment variables as \fIunzip\fP(1L) does,
+\fIunzipsfx\fP uses the same environment variables as \fIunzip\fP(1) does,
although this is likely to be an issue only for the person creating and
-testing the self-extracting archive. See \fIunzip\fP(1L) for details.
+testing the self-extracting archive. See \fIunzip\fP(1) for details.
.PD
.\" =========================================================================
.SH DECRYPTION
-Decryption is supported exactly as in \fIunzip\fP(1L); that is, interactively
-with a non-echoing prompt for the password(s). See \fIunzip\fP(1L) for
+Decryption is supported exactly as in \fIunzip\fP(1); that is, interactively
+with a non-echoing prompt for the password(s). See \fIunzip\fP(1) for
details. Once again, note that if the archive has no encrypted files there
is no reason to use a version of \fIunzipsfx\fP with decryption support;
that only adds to the size of the archive.
@@ -286,7 +286,7 @@
from anywhere in the user's path. The situation is not known for AmigaDOS,
Atari TOS, MacOS, etc.
.PP
-As noted above, a number of the normal \fIunzip\fP(1L) functions have
+As noted above, a number of the normal \fIunzip\fP(1) functions have
been removed in order to make \fIunzipsfx\fP smaller: usage and diagnostic
info, listing functions and extraction to other directories. Also, only
stored and deflated files are supported. The latter limitation is mainly
@@ -303,17 +303,17 @@
defined as a ``debug hunk.'') There may be compatibility problems between
the ROM levels of older Amigas and newer ones.
.PP
-All current bugs in \fIunzip\fP(1L) exist in \fIunzipsfx\fP as well.
+All current bugs in \fIunzip\fP(1) exist in \fIunzipsfx\fP as well.
.PD
.\" =========================================================================
.SH DIAGNOSTICS
\fIunzipsfx\fP's exit status (error level) is identical to that of
-\fIunzip\fP(1L); see the corresponding man page.
+\fIunzip\fP(1); see the corresponding man page.
.PD
.\" =========================================================================
.SH "SEE ALSO"
-\fIfunzip\fP(1L), \fIunzip\fP(1L), \fIzip\fP(1L), \fIzipcloak\fP(1L),
-\fIzipgrep\fP(1L), \fIzipinfo\fP(1L), \fIzipnote\fP(1L), \fIzipsplit\fP(1L)
+\fIfunzip\fP(1), \fIunzip\fP(1), \fIzip\fP(1), \fIzipcloak\fP(1),
+\fIzipgrep\fP(1), \fIzipinfo\fP(1), \fIzipnote\fP(1), \fIzipsplit\fP(1)
.PD
.PD
.\" =========================================================================
@@ -330,7 +330,7 @@
.\" =========================================================================
.SH AUTHORS
Greg Roelofs was responsible for the basic modifications to UnZip necessary
-to create UnZipSFX. See \fIunzip\fP(1L) for the current list of Zip-Bugs
+to create UnZipSFX. See \fIunzip\fP(1) for the current list of Zip-Bugs
authors, or the file CONTRIBS in the UnZip source distribution for the
full list of Info-ZIP contributors.
.PD
--- a/man/zipgrep.1
+++ b/man/zipgrep.1
@@ -8,7 +8,7 @@
.\" zipgrep.1 by Greg Roelofs.
.\"
.\" =========================================================================
-.TH ZIPGREP 1L "20 April 2009" "Info-ZIP"
+.TH ZIPGREP 1 "20 April 2009" "Info-ZIP"
.SH NAME
zipgrep \- search files in a ZIP archive for lines matching a pattern
.PD
@@ -21,7 +21,7 @@
.SH DESCRIPTION
\fIzipgrep\fP will search files within a ZIP archive for lines matching
the given string or pattern. \fIzipgrep\fP is a shell script and requires
-\fIegrep\fP(1) and \fIunzip\fP(1L) to function. Its output is identical to
+\fIegrep\fP(1) and \fIunzip\fP(1) to function. Its output is identical to
that of \fIegrep\fP(1).
.PD
.\" =========================================================================
@@ -69,8 +69,8 @@
.PD
.\" =========================================================================
.SH "SEE ALSO"
-\fIegrep\fP(1), \fIunzip\fP(1L), \fIzip\fP(1L), \fIfunzip\fP(1L),
-\fIzipcloak\fP(1L), \fIzipinfo\fP(1L), \fIzipnote\fP(1L), \fIzipsplit\fP(1L)
+\fIegrep\fP(1), \fIunzip\fP(1), \fIzip\fP(1), \fIfunzip\fP(1),
+\fIzipcloak\fP(1), \fIzipinfo\fP(1), \fIzipnote\fP(1), \fIzipsplit\fP(1)
.PD
.\" =========================================================================
.SH URL
--- a/man/zipinfo.1
+++ b/man/zipinfo.1
@@ -34,7 +34,7 @@
.in -4n
..
.\" =========================================================================
-.TH ZIPINFO 1L "20 April 2009 (v3.0)" "Info-ZIP"
+.TH ZIPINFO 1 "20 April 2009 (v3.0)" "Info-ZIP"
.SH NAME
zipinfo \- list detailed information about a ZIP archive
.PD
@@ -272,7 +272,7 @@
Note that because of limitations in the MS-DOS format used to store file
times, the seconds field is always rounded to the nearest even second.
For Unix files this is expected to change in the next major releases of
-\fIzip\fP(1L) and \fIunzip\fP.
+\fIzip\fP(1) and \fIunzip\fP.
.PP
In addition to individual file information, a default zipfile listing
also includes header and trailer lines:
@@ -361,7 +361,7 @@
As suggested above, the default variable names are ZIPINFO_OPTS for VMS
(where the symbol used to install \fIzipinfo\fP as a foreign command
would otherwise be confused with the environment variable), and ZIPINFO
-for all other operating systems. For compatibility with \fIzip\fP(1L),
+for all other operating systems. For compatibility with \fIzip\fP(1),
ZIPINFOOPT is also accepted (don't ask). If both ZIPINFO and ZIPINFOOPT
are defined, however, ZIPINFO takes precedence. \fIunzip\fP's diagnostic
option (\fB\-v\fP with no zipfile name) can be used to check the values
@@ -496,8 +496,8 @@
.PP
.\" =========================================================================
.SH "SEE ALSO"
-\fIls\fP(1), \fIfunzip\fP(1L), \fIunzip\fP(1L), \fIunzipsfx\fP(1L),
-\fIzip\fP(1L), \fIzipcloak\fP(1L), \fIzipnote\fP(1L), \fIzipsplit\fP(1L)
+\fIls\fP(1), \fIfunzip\fP(1), \fIunzip\fP(1), \fIunzipsfx\fP(1),
+\fIzip\fP(1), \fIzipcloak\fP(1), \fIzipnote\fP(1), \fIzipsplit\fP(1)
.PD
.\" =========================================================================
.SH URL
================================================
From: Aurelien Jarno <aurel32@debian.org>
Subject: #include <unistd.h> for kFreeBSD
Bug-Debian: http://bugs.debian.org/340693
X-Debian-version: 5.52-8
--- a/unix/unxcfg.h
+++ b/unix/unxcfg.h
@@ -52,6 +52,7 @@
#include <sys/types.h> /* off_t, time_t, dev_t, ... */
#include <sys/stat.h>
+#include <unistd.h>
#ifdef NO_OFF_T
typedef long zoff_t;
================================================
From: Steven Schweda
Subject: Handle the PKWare verification bit of internal attributes
Bug-Debian: http://bugs.debian.org/630078
X-Debian-version: 6.0-5
--- a/process.c
+++ b/process.c
@@ -1729,6 +1729,13 @@
else if (uO.L_flag > 1) /* let -LL force lower case for all names */
G.pInfo->lcflag = 1;
+ /* Handle the PKWare verification bit, bit 2 (0x0004) of internal
+ attributes. If this is set, then a verification checksum is in the
+ first 3 bytes of the external attributes. In this case all we can use
+ for setting file attributes is the last external attributes byte. */
+ if (G.crec.internal_file_attributes & 0x0004)
+ G.crec.external_file_attributes &= (ulg)0xff;
+
/* do Amigas (AMIGA_) also have volume labels? */
if (IS_VOLID(G.crec.external_file_attributes) &&
(G.pInfo->hostnum == FS_FAT_ || G.pInfo->hostnum == FS_HPFS_ ||
================================================
From: sms
Subject: Restore uid and gid information when requested
Bug-Debian: http://bugs.debian.org/689212
X-Debian-version: 6.0-8
--- a/process.c
+++ b/process.c
@@ -2904,7 +2904,7 @@
#ifdef IZ_HAVE_UXUIDGID
if (eb_len >= EB_UX3_MINLEN
&& z_uidgid != NULL
- && (*((EB_HEADSIZE + 0) + ef_buf) == 1)
+ && (*((EB_HEADSIZE + 0) + ef_buf) == 1))
/* only know about version 1 */
{
uch uid_size;
@@ -2916,10 +2916,10 @@
flags &= ~0x0ff; /* ignore any previous UNIX field */
if ( read_ux3_value((EB_HEADSIZE + 2) + ef_buf,
- uid_size, z_uidgid[0])
+ uid_size, &z_uidgid[0])
&&
read_ux3_value((EB_HEADSIZE + uid_size + 3) + ef_buf,
- gid_size, z_uidgid[1]) )
+ gid_size, &z_uidgid[1]) )
{
flags |= EB_UX2_VALID; /* signal success */
}
================================================
From: Andreas Schwab <schwab@linux-m68k.org>
Subject: Initialize the symlink flag
Bug-Debian: http://bugs.debian.org/717029
X-Debian-version: 6.0-10
--- a/process.c
+++ b/process.c
@@ -1758,6 +1758,12 @@
= (G.crec.general_purpose_bit_flag & (1 << 11)) == (1 << 11);
#endif
+#ifdef SYMLINKS
+ /* Initialize the symlink flag, may be set by the platform-specific
+ mapattr function. */
+ G.pInfo->symlink = 0;
+#endif
+
return PK_COOL;
} /* end function process_cdir_file_hdr() */
================================================
From: sms
Subject: Increase size of cfactorstr array to avoid buffer overflow
Bug-Debian: http://bugs.debian.org/741384
X-Debian-version: 6.0-11
--- a/list.c
+++ b/list.c
@@ -97,7 +97,7 @@
{
int do_this_file=FALSE, cfactor, error, error_in_archive=PK_COOL;
#ifndef WINDLL
- char sgn, cfactorstr[10];
+ char sgn, cfactorstr[12];
int longhdr=(uO.vflag>1);
#endif
int date_format;
================================================
From: Santiago Vila <sanvila@debian.org>
Subject: zipinfo.c: Do not crash when hostver byte is >= 100
--- a/zipinfo.c
+++ b/zipinfo.c
@@ -2114,7 +2114,7 @@
else
attribs[9] = (xattr & UNX_ISVTX)? 'T' : '-'; /* T==undefined */
- sprintf(&attribs[12], "%u.%u", hostver/10, hostver%10);
+ sprintf(&attribs[11], "%2u.%u", hostver/10, hostver%10);
break;
} /* end switch (hostnum: external attributes format) */
================================================
From: sms
Subject: Fix CVE-2014-8139: CRC32 verification heap-based overflow
Bug-Debian: http://bugs.debian.org/773722
--- a/extract.c
+++ b/extract.c
@@ -1,5 +1,5 @@
/*
- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved.
See the accompanying file LICENSE, version 2009-Jan-02 or later
(the contents of which are also included in unzip.h) for terms of use.
@@ -298,6 +298,8 @@
#ifndef SFX
static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";
+ static ZCONST char Far TooSmallEBlength[] = "bad extra-field entry:\n \
+ EF block length (%u bytes) invalid (< %d)\n";
static ZCONST char Far InvalidComprDataEAs[] =
" invalid compressed data for EAs\n";
# if (defined(WIN32) && defined(NTSD_EAS))
@@ -2023,7 +2025,8 @@
ebID = makeword(ef);
ebLen = (unsigned)makeword(ef+EB_LEN);
- if (ebLen > (ef_len - EB_HEADSIZE)) {
+ if (ebLen > (ef_len - EB_HEADSIZE))
+ {
/* Discovered some extra field inconsistency! */
if (uO.qflag)
Info(slide, 1, ((char *)slide, "%-22s ",
@@ -2158,11 +2161,19 @@
}
break;
case EF_PKVMS:
- if (makelong(ef+EB_HEADSIZE) !=
+ if (ebLen < 4)
+ {
+ Info(slide, 1,
+ ((char *)slide, LoadFarString(TooSmallEBlength),
+ ebLen, 4));
+ }
+ else if (makelong(ef+EB_HEADSIZE) !=
crc32(CRCVAL_INITIAL, ef+(EB_HEADSIZE+4),
(extent)(ebLen-4)))
+ {
Info(slide, 1, ((char *)slide,
LoadFarString(BadCRC_EAs)));
+ }
break;
case EF_PKW32:
case EF_PKUNIX:
================================================
From: sms
Subject: Fix CVE-2014-8140: out-of-bounds write issue in test_compr_eb()
Bug-Debian: http://bugs.debian.org/773722
--- a/extract.c
+++ b/extract.c
@@ -2232,10 +2232,17 @@
if (compr_offset < 4) /* field is not compressed: */
return PK_OK; /* do nothing and signal OK */
+ /* Return no/bad-data error status if any problem is found:
+ * 1. eb_size is too small to hold the uncompressed size
+ * (eb_ucsize). (Else extract eb_ucsize.)
+ * 2. eb_ucsize is zero (invalid). 2014-12-04 SMS.
+ * 3. eb_ucsize is positive, but eb_size is too small to hold
+ * the compressed data header.
+ */
if ((eb_size < (EB_UCSIZE_P + 4)) ||
- ((eb_ucsize = makelong(eb+(EB_HEADSIZE+EB_UCSIZE_P))) > 0L &&
- eb_size <= (compr_offset + EB_CMPRHEADLEN)))
- return IZ_EF_TRUNC; /* no compressed data! */
+ ((eb_ucsize = makelong( eb+ (EB_HEADSIZE+ EB_UCSIZE_P))) == 0L) ||
+ ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))
+ return IZ_EF_TRUNC; /* no/bad compressed data! */
if (
#ifdef INT_16BIT
================================================
From: sms
Subject: Fix CVE-2014-8141: out-of-bounds read issues in getZip64Data()
Bug-Debian: http://bugs.debian.org/773722
--- a/fileio.c
+++ b/fileio.c
@@ -176,6 +176,8 @@
#endif
static ZCONST char Far ExtraFieldTooLong[] =
"warning: extra field too long (%d). Ignoring...\n";
+static ZCONST char Far ExtraFieldCorrupt[] =
+ "warning: extra field (type: 0x%04x) corrupt. Continuing...\n";
#ifdef WINDLL
static ZCONST char Far DiskFullQuery[] =
@@ -2295,7 +2297,12 @@
if (readbuf(__G__ (char *)G.extra_field, length) == 0)
return PK_EOF;
/* Looks like here is where extra fields are read */
- getZip64Data(__G__ G.extra_field, length);
+ if (getZip64Data(__G__ G.extra_field, length) != PK_COOL)
+ {
+ Info(slide, 0x401, ((char *)slide,
+ LoadFarString( ExtraFieldCorrupt), EF_PKSZ64));
+ error = PK_WARN;
+ }
#ifdef UNICODE_SUPPORT
G.unipath_filename = NULL;
if (G.UzO.U_flag < 2) {
--- a/process.c
+++ b/process.c
@@ -1,5 +1,5 @@
/*
- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved.
See the accompanying file LICENSE, version 2009-Jan-02 or later
(the contents of which are also included in unzip.h) for terms of use.
@@ -1901,48 +1901,82 @@
and a 4-byte version of disk start number.
Sets both local header and central header fields. Not terribly clever,
but it means that this procedure is only called in one place.
+
+ 2014-12-05 SMS.
+ Added checks to ensure that enough data are available before calling
+ makeint64() or makelong(). Replaced various sizeof() values with
+ simple ("4" or "8") constants. (The Zip64 structures do not depend
+ on our variable sizes.) Error handling is crude, but we should now
+ stay within the buffer.
---------------------------------------------------------------------------*/
+#define Z64FLGS 0xffff
+#define Z64FLGL 0xffffffff
+
if (ef_len == 0 || ef_buf == NULL)
return PK_COOL;
Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n",
ef_len));
- while (ef_len >= EB_HEADSIZE) {
+ while (ef_len >= EB_HEADSIZE)
+ {
eb_id = makeword(EB_ID + ef_buf);
eb_len = makeword(EB_LEN + ef_buf);
- if (eb_len > (ef_len - EB_HEADSIZE)) {
- /* discovered some extra field inconsistency! */
+ if (eb_len > (ef_len - EB_HEADSIZE))
+ {
+ /* Extra block length exceeds remaining extra field length. */
Trace((stderr,
"getZip64Data: block length %u > rest ef_size %u\n", eb_len,
ef_len - EB_HEADSIZE));
break;
}
- if (eb_id == EF_PKSZ64) {
-
+ if (eb_id == EF_PKSZ64)
+ {
int offset = EB_HEADSIZE;
- if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){
- G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf);
- offset += sizeof(G.crec.ucsize);
+ if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL))
+ {
+ if (offset+ 8 > ef_len)
+ return PK_ERR;
+
+ G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf);
+ offset += 8;
}
- if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){
- G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf);
- offset += sizeof(G.crec.csize);
+
+ if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL))
+ {
+ if (offset+ 8 > ef_len)
+ return PK_ERR;
+
+ G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf);
+ offset += 8;
}
- if (G.crec.relative_offset_local_header == 0xffffffff){
+
+ if (G.crec.relative_offset_local_header == Z64FLGL)
+ {
+ if (offset+ 8 > ef_len)
+ return PK_ERR;
+
G.crec.relative_offset_local_header = makeint64(offset + ef_buf);
- offset += sizeof(G.crec.relative_offset_local_header);
+ offset += 8;
}
- if (G.crec.disk_number_start == 0xffff){
+
+ if (G.crec.disk_number_start == Z64FLGS)
+ {
+ if (offset+ 4 > ef_len)
+ return PK_ERR;
+
G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf);
- offset += sizeof(G.crec.disk_number_start);
+ offset += 4;
}
+#if 0
+ break; /* Expect only one EF_PKSZ64 block. */
+#endif /* 0 */
}
- /* Skip this extra field block */
+ /* Skip this extra field block. */
ef_buf += (eb_len + EB_HEADSIZE);
ef_len -= (eb_len + EB_HEADSIZE);
}
================================================
From: mancha <mancha1 AT zoho DOT com>
Date: Mon, 3 Nov 2014
Subject: Info-ZIP UnZip buffer overflow
Bug-Debian: http://bugs.debian.org/776589
By carefully crafting a corrupt ZIP archive with "extra fields" that
purport to have compressed blocks larger than the corresponding
uncompressed blocks in STORED no-compression mode, an attacker can
trigger a heap overflow that can result in application crash or
possibly have other unspecified impact.
This patch ensures that when extra fields use STORED mode, the
"compressed" and uncompressed block sizes match.
--- a/extract.c
+++ b/extract.c
@@ -2228,6 +2228,7 @@
ulg eb_ucsize;
uch *eb_ucptr;
int r;
+ ush eb_compr_method;
if (compr_offset < 4) /* field is not compressed: */
return PK_OK; /* do nothing and signal OK */
@@ -2244,6 +2245,14 @@
((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))
return IZ_EF_TRUNC; /* no/bad compressed data! */
+ /* 2014-11-03 Michal Zalewski, SMS.
+ * For STORE method, compressed and uncompressed sizes must agree.
+ * http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=450
+ */
+ eb_compr_method = makeword( eb + (EB_HEADSIZE + compr_offset));
+ if ((eb_compr_method == STORED) && (eb_size - compr_offset != eb_ucsize))
+ return PK_ERR;
+
if (
#ifdef INT_16BIT
(((ulg)(extent)eb_ucsize) != eb_ucsize) ||
================================================
From: Jérémy Bobbio <lunar@debian.org>
Subject: Remove build date
Bug-Debian: http://bugs.debian.org/782851
In order to make unzip build reproducibly, we remove the
(already optional) build date from the binary.
--- a/unix/unix.c
+++ b/unix/unix.c
@@ -1705,7 +1705,7 @@
#endif /* Sun */
#endif /* SGI */
-#ifdef __DATE__
+#if 0
" on ", __DATE__
#else
"", ""
================================================
From: Petr Stodulka <pstodulk@redhat.com>
Date: Mon, 14 Sep 2015 18:23:17 +0200
Subject: Upstream fix for heap overflow
Bug-Debian: https://bugs.debian.org/802162
Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944
Origin: https://bugzilla.redhat.com/attachment.cgi?id=1073002
Forwarded: yes
---
crypt.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
--- a/crypt.c
+++ b/crypt.c
@@ -465,7 +465,17 @@
GLOBAL(pInfo->encrypted) = FALSE;
defer_leftover_input(__G);
for (n = 0; n < RAND_HEAD_LEN; n++) {
- b = NEXTBYTE;
+ /* 2012-11-23 SMS. (OUSPG report.)
+ * Quit early if compressed size < HEAD_LEN. The resulting
+ * error message ("unable to get password") could be improved,
+ * but it's better than trying to read nonexistent data, and
+ * then continuing with a negative G.csize. (See
+ * fileio.c:readbyte()).
+ */
+ if ((b = NEXTBYTE) == (ush)EOF)
+ {
+ return PK_ERR;
+ }
h[n] = (uch)b;
Trace((stdout, " (%02x)", h[n]));
}
================================================
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 14 Sep 2015 18:24:56 +0200
Subject: fix infinite loop when extracting empty bzip2 data
Bug-Debian: https://bugs.debian.org/802160
Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944
Origin: other, https://bugzilla.redhat.com/attachment.cgi?id=1073339
---
extract.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/extract.c
+++ b/extract.c
@@ -2728,6 +2728,12 @@
int repeated_buf_err;
bz_stream bstrm;
+ if (G.incnt <= 0 && G.csize <= 0L) {
+ /* avoid an infinite loop */
+ Trace((stderr, "UZbunzip2() got empty input\n"));
+ return 2;
+ }
+
#if (defined(DLL) && !defined(NO_SLIDE_REDIR))
if (G.redirect_slide)
wsize = G.redirect_size, redirSlide = G.redirect_buffer;
================================================
From: Kamil Dudka <kdudka@redhat.com>
Date: Tue, 22 Sep 2015 18:52:23 +0200
Subject: [PATCH] extract: prevent unsigned overflow on invalid input
Origin: other, https://bugzilla.redhat.com/attachment.cgi?id=1075942
Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944
Suggested-by: Stefan Cornelius
---
extract.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
--- a/extract.c
+++ b/extract.c
@@ -1257,8 +1257,17 @@
if (G.lrec.compression_method == STORED) {
zusz_t csiz_decrypted = G.lrec.csize;
- if (G.pInfo->encrypted)
+ if (G.pInfo->encrypted) {
+ if (csiz_decrypted < 12) {
+ /* handle the error now to prevent unsigned overflow */
+ Info(slide, 0x401, ((char *)slide,
+ LoadFarStringSmall(ErrUnzipNoFile),
+ LoadFarString(InvalidComprData),
+ LoadFarStringSmall2(Inflate)));
+ return PK_ERR;
+ }
csiz_decrypted -= 12;
+ }
if (G.lrec.ucsize != csiz_decrypted) {
Info(slide, 0x401, ((char *)slide,
LoadFarStringSmall2(WrnStorUCSizCSizDiff),
================================================
From: Giovanni Scafora <giovanni.archlinux.org>
Subject: unzip files encoded with non-latin, non-unicode file names
Last-Update: 2015-02-11
Updated 2015-02-11 by Marc Deslauriers <marc.deslauriers@canonical.com>
to fix buffer overflow in charset_to_intern()
Index: unzip-6.0/unix/unix.c
===================================================================
--- unzip-6.0.orig/unix/unix.c 2015-02-11 08:46:43.675324290 -0500
+++ unzip-6.0/unix/unix.c 2015-02-11 09:18:04.902081319 -0500
@@ -30,6 +30,9 @@
#define UNZIP_INTERNAL
#include "unzip.h"
+#include <iconv.h>
+#include <langinfo.h>
+
#ifdef SCO_XENIX
# define SYSNDIR
#else /* SCO Unix, AIX, DNIX, TI SysV, Coherent 4.x, ... */
@@ -1874,3 +1877,102 @@
}
}
#endif /* QLZIP */
+
+
+typedef struct {
+ char *local_charset;
+ char *archive_charset;
+} CHARSET_MAP;
+
+/* A mapping of local <-> archive charsets used by default to convert filenames
+ * of DOS/Windows Zip archives. Currently very basic. */
+static CHARSET_MAP dos_charset_map[] = {
+ { "ANSI_X3.4-1968", "CP850" },
+ { "ISO-8859-1", "CP850" },
+ { "CP1252", "CP850" },
+ { "UTF-8", "CP866" },
+ { "KOI8-R", "CP866" },
+ { "KOI8-U", "CP866" },
+ { "ISO-8859-5", "CP866" }
+};
+
+char OEM_CP[MAX_CP_NAME] = "";
+char ISO_CP[MAX_CP_NAME] = "";
+
+/* Try to guess the default value of OEM_CP based on the current locale.
+ * ISO_CP is left alone for now. */
+void init_conversion_charsets()
+{
+ const char *local_charset;
+ int i;
+
+ /* Make a guess only if OEM_CP not already set. */
+ if(*OEM_CP == '\0') {
+ local_charset = nl_langinfo(CODESET);
+ for(i = 0; i < sizeof(dos_charset_map)/sizeof(CHARSET_MAP); i++)
+ if(!strcasecmp(local_charset, dos_charset_map[i].local_charset)) {
+ strncpy(OEM_CP, dos_charset_map[i].archive_charset,
+ sizeof(OEM_CP));
+ break;
+ }
+ }
+}
+
+/* Convert a string from one encoding to the current locale using iconv().
+ * Be as non-intrusive as possible. If error is encountered during covertion
+ * just leave the string intact. */
+static void charset_to_intern(char *string, char *from_charset)
+{
+ iconv_t cd;
+ char *s,*d, *buf;
+ size_t slen, dlen, buflen;
+ const char *local_charset;
+
+ if(*from_charset == '\0')
+ return;
+
+ buf = NULL;
+ local_charset = nl_langinfo(CODESET);
+
+ if((cd = iconv_open(local_charset, from_charset)) == (iconv_t)-1)
+ return;
+
+ slen = strlen(string);
+ s = string;
+
+ /* Make sure OUTBUFSIZ + 1 never ends up smaller than FILNAMSIZ
+ * as this function also gets called with G.outbuf in fileio.c
+ */
+ buflen = FILNAMSIZ;
+ if (OUTBUFSIZ + 1 < FILNAMSIZ)
+ {
+ buflen = OUTBUFSIZ + 1;
+ }
+
+ d = buf = malloc(buflen);
+ if(!d)
+ goto cleanup;
+
+ bzero(buf,buflen);
+ dlen = buflen - 1;
+
+ if(iconv(cd, &s, &slen, &d, &dlen) == (size_t)-1)
+ goto cleanup;
+ strncpy(string, buf, buflen);
+
+ cleanup:
+ free(buf);
+ iconv_close(cd);
+}
+
+/* Convert a string from OEM_CP to the current locale charset. */
+inline void oem_intern(char *string)
+{
+ charset_to_intern(string, OEM_CP);
+}
+
+/* Convert a string from ISO_CP to the current locale charset. */
+inline void iso_intern(char *string)
+{
+ charset_to_intern(string, ISO_CP);
+}
Index: unzip-6.0/unix/unxcfg.h
===================================================================
--- unzip-6.0.orig/unix/unxcfg.h 2015-02-11 08:46:43.675324290 -0500
+++ unzip-6.0/unix/unxcfg.h 2015-02-11 08:46:43.671324260 -0500
@@ -228,4 +228,30 @@
/* wild_dir, dirname, wildname, matchname[], dirnamelen, have_dirname, */
/* and notfirstcall are used by do_wild(). */
+
+#define MAX_CP_NAME 25
+
+#ifdef SETLOCALE
+# undef SETLOCALE
+#endif
+#define SETLOCALE(category, locale) setlocale(category, locale)
+#include <locale.h>
+
+#ifdef _ISO_INTERN
+# undef _ISO_INTERN
+#endif
+#define _ISO_INTERN(str1) iso_intern(str1)
+
+#ifdef _OEM_INTERN
+# undef _OEM_INTERN
+#endif
+#ifndef IZ_OEM2ISO_ARRAY
+# define IZ_OEM2ISO_ARRAY
+#endif
+#define _OEM_INTERN(str1) oem_intern(str1)
+
+void iso_intern(char *);
+void oem_intern(char *);
+void init_conversion_charsets(void);
+
#endif /* !__unxcfg_h */
Index: unzip-6.0/unzip.c
===================================================================
--- unzip-6.0.orig/unzip.c 2015-02-11 08:46:43.675324290 -0500
+++ unzip-6.0/unzip.c 2015-02-11 08:46:43.675324290 -0500
@@ -327,11 +327,21 @@
-2 just filenames but allow -h/-t/-z -l long Unix \"ls -l\" format\n\
-v verbose, multi-page format\n";
+#ifndef UNIX
static ZCONST char Far ZipInfoUsageLine3[] = "miscellaneous options:\n\
-h print header line -t print totals for listed files or for all\n\
-z print zipfile comment -T print file times in sortable decimal format\
\n -C be case-insensitive %s\
-x exclude filenames that follow from listing\n";
+#else /* UNIX */
+static ZCONST char Far ZipInfoUsageLine3[] = "miscellaneous options:\n\
+ -h print header line -t print totals for listed files or for all\n\
+ -z print zipfile comment %c-T%c print file times in sortable decimal format\
+\n %c-C%c be case-insensitive %s\
+ -x exclude filenames that follow from listing\n\
+ -O CHARSET specify a character encoding for DOS, Windows and OS/2 archives\n\
+ -I CHARSET specify a character encoding for UNIX and other archives\n";
+#endif /* !UNIX */
#ifdef MORE
static ZCONST char Far ZipInfoUsageLine4[] =
" -M page output through built-in \"more\"\n";
@@ -664,6 +674,17 @@
-U use escapes for all non-ASCII Unicode -UU ignore any Unicode fields\n\
-C match filenames case-insensitively -L make (some) names \
lowercase\n %-42s -V retain VMS version numbers\n%s";
+#elif (defined UNIX)
+static ZCONST char Far UnzipUsageLine4[] = "\
+modifiers:\n\
+ -n never overwrite existing files -q quiet mode (-qq => quieter)\n\
+ -o overwrite files WITHOUT prompting -a auto-convert any text files\n\
+ -j junk paths (do not make directories) -aa treat ALL files as text\n\
+ -U use escapes for all non-ASCII Unicode -UU ignore any Unicode fields\n\
+ -C match filenames case-insensitively -L make (some) names \
+lowercase\n %-42s -V retain VMS version numbers\n%s\
+ -O CHARSET specify a character encoding for DOS, Windows and OS/2 archives\n\
+ -I CHARSET specify a character encoding for UNIX and other archives\n\n";
#else /* !VMS */
static ZCONST char Far UnzipUsageLine4[] = "\
modifiers:\n\
@@ -802,6 +823,10 @@
#endif /* UNICODE_SUPPORT */
+#ifdef UNIX
+ init_conversion_charsets();
+#endif
+
#if (defined(__IBMC__) && defined(__DEBUG_ALLOC__))
extern void DebugMalloc(void);
@@ -1335,6 +1360,11 @@
argc = *pargc;
argv = *pargv;
+#ifdef UNIX
+ extern char OEM_CP[MAX_CP_NAME];
+ extern char ISO_CP[MAX_CP_NAME];
+#endif
+
while (++argv, (--argc > 0 && *argv != NULL && **argv == '-')) {
s = *argv + 1;
while ((c = *s++) != 0) { /* "!= 0": prevent Turbo C warning */
@@ -1516,6 +1546,35 @@
}
break;
#endif /* MACOS */
+#ifdef UNIX
+ case ('I'):
+ if (negative) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: encodings can't be negated"));
+ return(PK_PARAM);
+ } else {
+ if(*s) { /* Handle the -Icharset case */
+ /* Assume that charsets can't start with a dash to spot arguments misuse */
+ if(*s == '-') {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -I argument"));
+ return(PK_PARAM);
+ }
+ strncpy(ISO_CP, s, sizeof(ISO_CP));
+ } else { /* -I charset */
+ ++argv;
+ if(!(--argc > 0 && *argv != NULL && **argv != '-')) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -I argument"));
+ return(PK_PARAM);
+ }
+ s = *argv;
+ strncpy(ISO_CP, s, sizeof(ISO_CP));
+ }
+ while(*(++s)); /* No params straight after charset name */
+ }
+ break;
+#endif /* ?UNIX */
case ('j'): /* junk pathnames/directory structure */
if (negative)
uO.jflag = FALSE, negative = 0;
@@ -1591,6 +1650,35 @@
} else
++uO.overwrite_all;
break;
+#ifdef UNIX
+ case ('O'):
+ if (negative) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: encodings can't be negated"));
+ return(PK_PARAM);
+ } else {
+ if(*s) { /* Handle the -Ocharset case */
+ /* Assume that charsets can't start with a dash to spot arguments misuse */
+ if(*s == '-') {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -I argument"));
+ return(PK_PARAM);
+ }
+ strncpy(OEM_CP, s, sizeof(OEM_CP));
+ } else { /* -O charset */
+ ++argv;
+ if(!(--argc > 0 && *argv != NULL && **argv != '-')) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -O argument"));
+ return(PK_PARAM);
+ }
+ s = *argv;
+ strncpy(OEM_CP, s, sizeof(OEM_CP));
+ }
+ while(*(++s)); /* No params straight after charset name */
+ }
+ break;
+#endif /* ?UNIX */
case ('p'): /* pipes: extract to stdout, no messages */
if (negative) {
uO.cflag = FALSE;
Index: unzip-6.0/unzpriv.h
===================================================================
--- unzip-6.0.orig/unzpriv.h 2015-02-11 08:46:43.675324290 -0500
+++ unzip-6.0/unzpriv.h 2015-02-11 08:46:43.675324290 -0500
@@ -3008,7 +3008,7 @@
!(((islochdr) || (isuxatt)) && \
((hostver) == 25 || (hostver) == 26 || (hostver) == 40))) || \
(hostnum) == FS_HPFS_ || \
- ((hostnum) == FS_NTFS_ && (hostver) == 50)) { \
+ ((hostnum) == FS_NTFS_ /* && (hostver) == 50 */ )) { \
_OEM_INTERN((string)); \
} else { \
_ISO_INTERN((string)); \
Index: unzip-6.0/zipinfo.c
===================================================================
--- unzip-6.0.orig/zipinfo.c 2015-02-11 08:46:43.675324290 -0500
+++ unzip-6.0/zipinfo.c 2015-02-11 08:46:43.675324290 -0500
@@ -457,6 +457,10 @@
int tflag_slm=TRUE, tflag_2v=FALSE;
int explicit_h=FALSE, explicit_t=FALSE;
+#ifdef UNIX
+ extern char OEM_CP[MAX_CP_NAME];
+ extern char ISO_CP[MAX_CP_NAME];
+#endif
#ifdef MACOS
uO.lflag = LFLAG; /* reset default on each call */
@@ -501,6 +505,35 @@
uO.lflag = 0;
}
break;
+#ifdef UNIX
+ case ('I'):
+ if (negative) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: encodings can't be negated"));
+ return(PK_PARAM);
+ } else {
+ if(*s) { /* Handle the -Icharset case */
+ /* Assume that charsets can't start with a dash to spot arguments misuse */
+ if(*s == '-') {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -I argument"));
+ return(PK_PARAM);
+ }
+ strncpy(ISO_CP, s, sizeof(ISO_CP));
+ } else { /* -I charset */
+ ++argv;
+ if(!(--argc > 0 && *argv != NULL && **argv != '-')) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -I argument"));
+ return(PK_PARAM);
+ }
+ s = *argv;
+ strncpy(ISO_CP, s, sizeof(ISO_CP));
+ }
+ while(*(++s)); /* No params straight after charset name */
+ }
+ break;
+#endif /* ?UNIX */
case 'l': /* longer form of "ls -l" type listing */
if (negative)
uO.lflag = -2, negative = 0;
@@ -521,6 +554,35 @@
G.M_flag = TRUE;
break;
#endif
+#ifdef UNIX
+ case ('O'):
+ if (negative) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: encodings can't be negated"));
+ return(PK_PARAM);
+ } else {
+ if(*s) { /* Handle the -Ocharset case */
+ /* Assume that charsets can't start with a dash to spot arguments misuse */
+ if(*s == '-') {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -I argument"));
+ return(PK_PARAM);
+ }
+ strncpy(OEM_CP, s, sizeof(OEM_CP));
+ } else { /* -O charset */
+ ++argv;
+ if(!(--argc > 0 && *argv != NULL && **argv != '-')) {
+ Info(slide, 0x401, ((char *)slide,
+ "error: a valid character encoding should follow the -O argument"));
+ return(PK_PARAM);
+ }
+ s = *argv;
+ strncpy(OEM_CP, s, sizeof(OEM_CP));
+ }
+ while(*(++s)); /* No params straight after charset name */
+ }
+ break;
+#endif /* ?UNIX */
case 's': /* default: shorter "ls -l" type listing */
if (negative)
uO.lflag = -2, negative = 0;
================================================
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment