From e0ebd919802540c6bcdd678c110d41c624a74d6142ed5a57286dcfecdaafc1c5 Mon Sep 17 00:00:00 2001
From: Torsten Duwe <duwe@suse.com>
Date: Fri, 16 May 2014 13:18:31 +0000
Subject: [PATCH] Accepting request 234303 from home:duwe:branches:filesystems

- update to 4.3:
	- unsquashfs: add checks for corrupted data in opendir functions
	- unsquashfs: completely empty filesystems incorrectly generate an error
	- unsquashfs: fix open file limit
	- mksquashfs: Use linked list to store directory entries rather
	- mksquashfs: Remove qsort and add a bottom up linked list merge sort
	- mksquashfs: optimise lookup_inode2() for dirs
	- pseudo: fix handling of modify pseudo files
	- pseudo: fix handling of directory pseudo files
	- xattr: Fix ERROR() so that it is synchronised with the progress bar
	- mksquashfs/sort: Fix INFO() so that it is synced with the progress bar
	- mksquashfs: Add -progress to force progress bar when using -info
	- error.h: consolidate the various error macros into one header file
	- mksquashfs: fix stack overflow in write_fragment_table()
	- mksquashfs: move list allocation from off the stack
	- unsquashfs: fix oversight in directory permission setting
	- mksquashfs: dynamically allocate recovery_file
	- mksquashfs: dynamically allocate buffer in subpathname()
	- mksquashfs: dynamically allocate buffer in pathname()
	- unsquashfs: fix CVE-2012-4024
	- unsquashfs: fix CVE-2012-4025
	- mksquashfs: fix potential stack overflow in get_component()
	- mksquashfs: add parse_number() helper for numeric command line options
	- mksquasfs: check return value of fstat() in reader_read_file()
	- mksquashfs: dynamically allocate filename in old_add_exclude()
	- unsquashfs: dynamically allocate pathname in dir_scan()
	- unsquashfs: dynamically allocate pathname in pre_scan()
	- sort: dynamically allocate filename in add_sort_list()
	- mksquashfs: fix dir_scan() exit if lstat of source directory fails
	- pseudo: fix memory leak in read_pseudo_def() if exec_file() fails

OBS-URL: https://build.opensuse.org/request/show/234303
OBS-URL: https://build.opensuse.org/package/show/filesystems/squashfs?expand=0&rev=18
---
 squashfs-64k.patch | 28 ++++++-------
 squashfs.changes   | 97 ++++++++++++++++++++++++++++++++++++++++++++++
 squashfs.spec      |  6 +--
 squashfs4.2.tar.gz |  3 --
 squashfs4.3.tar.gz |  3 ++
 5 files changed, 117 insertions(+), 20 deletions(-)
 delete mode 100644 squashfs4.2.tar.gz
 create mode 100644 squashfs4.3.tar.gz

diff --git a/squashfs-64k.patch b/squashfs-64k.patch
index b64d717..7be5863 100644
--- a/squashfs-64k.patch
+++ b/squashfs-64k.patch
@@ -1,17 +1,8 @@
---- squashfs-tools/mksquashfs.c.orig	2011-11-03 19:57:06.000000000 +0100
-+++ squashfs-tools/mksquashfs.c	2011-11-03 19:58:50.000000000 +0100
-@@ -4871,7 +4871,7 @@
- 			ERROR("-force-uid uid\t\tset all file uids to uid\n");
- 			ERROR("-force-gid gid\t\tset all file gids to gid\n");
- 			ERROR("-nopad\t\t\tdo not pad filesystem to a multiple "
--				"of 4K\n");
-+				"of 64K\n");
- 			ERROR("-keep-as-directory\tif one source directory is "
- 				"specified, create a root\n");
- 			ERROR("\t\t\tdirectory containing that directory, "
-@@ -5339,9 +5339,9 @@
- 	SQUASHFS_INSWAP_SUPER_BLOCK(&sBlk); 
- 	write_destination(fd, SQUASHFS_START, sizeof(sBlk), &sBlk);
+--- squashfs4.3/squashfs-tools/mksquashfs.c.orig	2014-05-13 00:18:20.000000000 +0200
++++ squashfs4.3/squashfs-tools/mksquashfs.c	2014-05-16 14:59:30.802144932 +0200
+@@ -4674,9 +4674,9 @@ void write_filesystem_tables(struct squa
+ 	SQUASHFS_INSWAP_SUPER_BLOCK(sBlk); 
+ 	write_destination(fd, SQUASHFS_START, sizeof(*sBlk), sBlk);
  
 -	if(!nopad && (i = bytes & (4096 - 1))) {
 -		char temp[4096] = {0};
@@ -22,3 +13,12 @@
  	}
  
  	close(fd);
+@@ -5309,7 +5309,7 @@ printOptions:
+ 			ERROR("-force-uid uid\t\tset all file uids to uid\n");
+ 			ERROR("-force-gid gid\t\tset all file gids to gid\n");
+ 			ERROR("-nopad\t\t\tdo not pad filesystem to a multiple "
+-				"of 4K\n");
++				"of 64K\n");
+ 			ERROR("-keep-as-directory\tif one source directory is "
+ 				"specified, create a root\n");
+ 			ERROR("\t\t\tdirectory containing that directory, "
diff --git a/squashfs.changes b/squashfs.changes
index f3a8ef7..342adae 100644
--- a/squashfs.changes
+++ b/squashfs.changes
@@ -1,3 +1,100 @@
+-------------------------------------------------------------------
+Fri May 16 13:09:05 UTC 2014 - duwe@suse.com
+
+- update to 4.3:
+	- unsquashfs: add checks for corrupted data in opendir functions
+	- unsquashfs: completely empty filesystems incorrectly generate an error
+	- unsquashfs: fix open file limit
+	- mksquashfs: Use linked list to store directory entries rather
+	- mksquashfs: Remove qsort and add a bottom up linked list merge sort
+	- mksquashfs: optimise lookup_inode2() for dirs
+	- pseudo: fix handling of modify pseudo files
+	- pseudo: fix handling of directory pseudo files
+	- xattr: Fix ERROR() so that it is synchronised with the progress bar
+	- mksquashfs/sort: Fix INFO() so that it is synced with the progress bar
+	- mksquashfs: Add -progress to force progress bar when using -info
+	- error.h: consolidate the various error macros into one header file
+	- mksquashfs: fix stack overflow in write_fragment_table()
+	- mksquashfs: move list allocation from off the stack
+	- unsquashfs: fix oversight in directory permission setting
+	- mksquashfs: dynamically allocate recovery_file
+	- mksquashfs: dynamically allocate buffer in subpathname()
+	- mksquashfs: dynamically allocate buffer in pathname()
+	- unsquashfs: fix CVE-2012-4024
+	- unsquashfs: fix CVE-2012-4025
+	- mksquashfs: fix potential stack overflow in get_component()
+	- mksquashfs: add parse_number() helper for numeric command line options
+	- mksquasfs: check return value of fstat() in reader_read_file()
+	- mksquashfs: dynamically allocate filename in old_add_exclude()
+	- unsquashfs: dynamically allocate pathname in dir_scan()
+	- unsquashfs: dynamically allocate pathname in pre_scan()
+	- sort: dynamically allocate filename in add_sort_list()
+	- mksquashfs: fix dir_scan() exit if lstat of source directory fails
+	- pseudo: fix memory leak in read_pseudo_def() if exec_file() fails
+	- pseudo: dynamically allocate path in dump_pseudo()
+	- mksquashfs: dynamically allocate path in display_path2()
+	- mksquashfs: dynamically allocate b_buffer in getbase()
+	- pseudo: fix potential stack overflow in get_component()
+	- pseudo: avoid buffer overflow in read_pseudo_def() using sscanf()
+	- pseudo: dynamically allocate filename in exec_file()
+	- pseudo: avoid buffer overflow in read_sort_file() using fscanf()
+	- sort: tighten up sort file parsing
+	- unsquashfs: fix name under-allocation in process_extract_files()
+	- unsquashfs: avoid buffer overflow in print_filename() using sprintf()
+	- Fix some limits in the file parsing routines
+	- pseudo: Rewrite pseudo file processing
+	- read_fs: fix small memory leaks in read_filesystem()
+	- mksquashfs: fix fclose leak in reader_read_file() on I/O error
+	- mksquashfs: fix frag struct leak in write_file_{process|blocks|frag}
+	- unsquashfs_xattr: fix memory leak in write_xattr()
+	- read_xattrs: fix xattr free in get_xattr() in error path
+	- unsquashfs: add -user-xattrs option to only extract user.xxx xattrs
+	- unsquashfs: add code to only print "not superuser" error message once
+	- unsquashfs: check for integer overflow in user input
+	- mksquashfs: check for integer overflow in user input
+	- mksquashfs: fix "new" variable leak in dir_scan1()
+	- read_fs: prevent buffer {over|under}flow in read_block() with
+	  corrupted filesystems
+	- read_fs: check metadata blocks are expected size in scan_inode_table()
+	- read_fs: check the root inode block is found in scan_inode_table()
+	- read_fs: Further harden scan_inode_table() against corrupted
+	  filesystems
+	- unsquashfs: prevent buffer {over|under}flow in read_block() with
+	  corrupted filesystems
+	- read_xattrs: harden xattr data reading against corrupted filesystems
+	- unsquash-[23]: harden frag table reading against corrupted filesystems
+	- unsquash-4.c: harden uid/gid & frag table reading against corruption
+	- unsquashfs: harden inode/directory table reading against corruption
+	- mksquashfs: improve out of space in output filesystem handling
+	- mksquashfs: flag lseek error in writer as probable out of space
+	- mksquashfs: flag lseek error in write_destination as probable out of
+	  space
+	- mksquashfs: print file being squashed when ^\ (SIGQUIT) typed
+	- mksquashfs: make EXIT_MKSQUASHFS() etc restore via new restore thread
+	- mksquashfs: fix recursive restore failure check
+	- info: dump queue and cache status if ^\ hit twice within one second
+	- mksquashfs: fix rare race condition in "locked fragment" queueing
+	- lz4: add experimental support for lz4 compression
+	- lz4: add support for lz4 "high compression"
+	- lzo_wrapper: new implementation with compression options
+	- gzip_wrapper: add compression options
+	- mksquashfs: redo -comp <compressor> parsing
+	- mksquashfs: display compressor options when -X option isn't recognised
+	- mksquashfs: add -Xhelp option
+	- mksquashfs/unsquashfs: fix mtime signedness
+	- Mksquashfs: optimise duplicate checking when appending
+	- Mksquashfs: introduce additional per CPU fragment process threads
+	- Mksquashfs: significantly optimise fragment duplicate checking
+	- read_fs: scan_inode_table(), fix memory leak on filesystem corruption
+	- pseudo: add_pseudo(), fix use of freed variable
+	- mksquashfs/unsquashfs: exclude/extract/pseudo files, fix handling of
+	  leaf name
+	- mksquashfs: rewrite default queue size so it's based on physical mem
+	- mksquashfs: add a new -mem <mbytes> option
+	- mksquashfs: fix limit on the number of dynamic pseudo files
+	- mksquashfs: make -mem take a normal byte value, optionally with a
+	  K, M or G 
+
 -------------------------------------------------------------------
 Sat May 26 08:45:57 UTC 2012 - jengelh@inai.de
 
diff --git a/squashfs.spec b/squashfs.spec
index 277bc63..7ccb035 100644
--- a/squashfs.spec
+++ b/squashfs.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package squashfs
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@ BuildRequires:  lzma-devel
 BuildRequires:  lzo-devel
 BuildRequires:  zlib-devel
 Supplements:    filesystem(squashfs)
-Version:        4.2
+Version:        4.3
 Release:        0
 Source0:        %{name}%{version}.tar.gz
 Patch0:         squashfs-64k.patch
@@ -38,7 +38,7 @@ squashfs images.
 
 %prep
 %setup -n squashfs%{version}
-%patch0
+%patch0 -p1
 
 %build
 sed -i -e "s,-O2,%{optflags}," squashfs-tools/Makefile
diff --git a/squashfs4.2.tar.gz b/squashfs4.2.tar.gz
deleted file mode 100644
index 8712612..0000000
--- a/squashfs4.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d9e0195aa922dbb665ed322b9aaa96e04a476ee650f39bbeadb0d00b24022e96
-size 133173
diff --git a/squashfs4.3.tar.gz b/squashfs4.3.tar.gz
new file mode 100644
index 0000000..dc1f661
--- /dev/null
+++ b/squashfs4.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0d605512437b1eb800b4736791559295ee5f60177e102e4d4ccd0ee241a5f3f6
+size 182550