Accepting request 963333 from home:dirkmueller:Factory
- update to 4.5.1 (bsc#1190531, CVE-2021-41072):
* This release adds Manpages for Mksquashfs(1), Unsquashfs(1),
Sqfstar(1) and Sqfscat(1).
* The -help text output from the utilities has been improved
and extended as well (but the Manpages are now more
comprehensive).
* CVE-2021-41072 which is a writing outside of destination
exploit, has been fixed.
* The number of hard-links in the filesystem is now also
displayed by Mksquashfs in the output summary.
* The number of hard-links written by Unsquashfs is now
also displayed in the output summary.
* Unsquashfs will now write to a pre-existing destination
directory, rather than aborting.
* Unsquashfs now allows "." to used as the destination, to
extract to the current directory.
* The Unsquashfs progress bar now tracks empty files and
hardlinks, in addition to data blocks.
* -no-hardlinks option has been implemented for Sqfstar.
* More sanity checking for "corrupted" filesystems, including
checks for multiply linked directories and directory loops.
* Options that may cause filesystems to be unmountable have
been moved into a new "experts" category in the Mksquashfs
help text (and Manpage).
* Maximum cpiostyle filename limited to PATH_MAX. This
prevents attempts to overflow the stack, or cause system
calls to fail with a too long pathname.
* Don't always use "max open file limit" when calculating
length of queues, as a very large file limit can cause
Unsquashfs to abort. Instead use the smaller of max open
OBS-URL: https://build.opensuse.org/request/show/963333
OBS-URL: https://build.opensuse.org/package/show/filesystems/squashfs?expand=0&rev=50
2022-04-08 09:47:51 +02:00
|
|
|
Index: squashfs-tools-4.5.1/squashfs-tools/mksquashfs.c
|
2022-01-03 11:36:00 +01:00
|
|
|
===================================================================
|
Accepting request 963333 from home:dirkmueller:Factory
- update to 4.5.1 (bsc#1190531, CVE-2021-41072):
* This release adds Manpages for Mksquashfs(1), Unsquashfs(1),
Sqfstar(1) and Sqfscat(1).
* The -help text output from the utilities has been improved
and extended as well (but the Manpages are now more
comprehensive).
* CVE-2021-41072 which is a writing outside of destination
exploit, has been fixed.
* The number of hard-links in the filesystem is now also
displayed by Mksquashfs in the output summary.
* The number of hard-links written by Unsquashfs is now
also displayed in the output summary.
* Unsquashfs will now write to a pre-existing destination
directory, rather than aborting.
* Unsquashfs now allows "." to used as the destination, to
extract to the current directory.
* The Unsquashfs progress bar now tracks empty files and
hardlinks, in addition to data blocks.
* -no-hardlinks option has been implemented for Sqfstar.
* More sanity checking for "corrupted" filesystems, including
checks for multiply linked directories and directory loops.
* Options that may cause filesystems to be unmountable have
been moved into a new "experts" category in the Mksquashfs
help text (and Manpage).
* Maximum cpiostyle filename limited to PATH_MAX. This
prevents attempts to overflow the stack, or cause system
calls to fail with a too long pathname.
* Don't always use "max open file limit" when calculating
length of queues, as a very large file limit can cause
Unsquashfs to abort. Instead use the smaller of max open
OBS-URL: https://build.opensuse.org/request/show/963333
OBS-URL: https://build.opensuse.org/package/show/filesystems/squashfs?expand=0&rev=50
2022-04-08 09:47:51 +02:00
|
|
|
--- squashfs-tools-4.5.1.orig/squashfs-tools/mksquashfs.c
|
|
|
|
|
+++ squashfs-tools-4.5.1/squashfs-tools/mksquashfs.c
|
|
|
|
|
@@ -6079,7 +6079,7 @@ static void print_options(FILE *stream,
|
|
|
|
|
fprintf(stream, "\t\t\tOptionally a suffix of K, M or G can be given to ");
|
|
|
|
|
fprintf(stream, "specify\n\t\t\tKbytes, Mbytes or Gbytes respectively\n");
|
|
|
|
|
fprintf(stream, "\nExpert options (these may make the filesystem unmountable):\n");
|
2022-01-03 11:36:00 +01:00
|
|
|
- fprintf(stream, "-nopad\t\t\tdo not pad filesystem to a multiple of 4K\n");
|
|
|
|
|
+ fprintf(stream, "-nopad\t\t\tdo not pad filesystem to a multiple of 64K\n");
|
Accepting request 963333 from home:dirkmueller:Factory
- update to 4.5.1 (bsc#1190531, CVE-2021-41072):
* This release adds Manpages for Mksquashfs(1), Unsquashfs(1),
Sqfstar(1) and Sqfscat(1).
* The -help text output from the utilities has been improved
and extended as well (but the Manpages are now more
comprehensive).
* CVE-2021-41072 which is a writing outside of destination
exploit, has been fixed.
* The number of hard-links in the filesystem is now also
displayed by Mksquashfs in the output summary.
* The number of hard-links written by Unsquashfs is now
also displayed in the output summary.
* Unsquashfs will now write to a pre-existing destination
directory, rather than aborting.
* Unsquashfs now allows "." to used as the destination, to
extract to the current directory.
* The Unsquashfs progress bar now tracks empty files and
hardlinks, in addition to data blocks.
* -no-hardlinks option has been implemented for Sqfstar.
* More sanity checking for "corrupted" filesystems, including
checks for multiply linked directories and directory loops.
* Options that may cause filesystems to be unmountable have
been moved into a new "experts" category in the Mksquashfs
help text (and Manpage).
* Maximum cpiostyle filename limited to PATH_MAX. This
prevents attempts to overflow the stack, or cause system
calls to fail with a too long pathname.
* Don't always use "max open file limit" when calculating
length of queues, as a very large file limit can cause
Unsquashfs to abort. Instead use the smaller of max open
OBS-URL: https://build.opensuse.org/request/show/963333
OBS-URL: https://build.opensuse.org/package/show/filesystems/squashfs?expand=0&rev=50
2022-04-08 09:47:51 +02:00
|
|
|
fprintf(stream, "-offset <offset>\tSkip <offset> bytes at the beginning of ");
|
|
|
|
|
fprintf(stream, "FILESYSTEM.\n\t\t\tOptionally a suffix of K, M or G can be given ");
|
|
|
|
|
fprintf(stream, "to specify\n\t\t\tKbytes, Mbytes or Gbytes respectively.\n");
|
|
|
|
|
@@ -6210,7 +6210,7 @@ static void print_sqfstar_options(FILE *
|
|
|
|
|
fprintf(stream, "\t\t\tOptionally a suffix of K, M or G can be given to ");
|
|
|
|
|
fprintf(stream, "specify\n\t\t\tKbytes, Mbytes or Gbytes respectively\n");
|
|
|
|
|
fprintf(stream, "\nExpert options (these may make the filesystem unmountable):\n");
|
2022-01-03 11:36:00 +01:00
|
|
|
- fprintf(stream, "-nopad\t\t\tdo not pad filesystem to a multiple of 4K\n");
|
|
|
|
|
+ fprintf(stream, "-nopad\t\t\tdo not pad filesystem to a multiple of 64K\n");
|
Accepting request 963333 from home:dirkmueller:Factory
- update to 4.5.1 (bsc#1190531, CVE-2021-41072):
* This release adds Manpages for Mksquashfs(1), Unsquashfs(1),
Sqfstar(1) and Sqfscat(1).
* The -help text output from the utilities has been improved
and extended as well (but the Manpages are now more
comprehensive).
* CVE-2021-41072 which is a writing outside of destination
exploit, has been fixed.
* The number of hard-links in the filesystem is now also
displayed by Mksquashfs in the output summary.
* The number of hard-links written by Unsquashfs is now
also displayed in the output summary.
* Unsquashfs will now write to a pre-existing destination
directory, rather than aborting.
* Unsquashfs now allows "." to used as the destination, to
extract to the current directory.
* The Unsquashfs progress bar now tracks empty files and
hardlinks, in addition to data blocks.
* -no-hardlinks option has been implemented for Sqfstar.
* More sanity checking for "corrupted" filesystems, including
checks for multiply linked directories and directory loops.
* Options that may cause filesystems to be unmountable have
been moved into a new "experts" category in the Mksquashfs
help text (and Manpage).
* Maximum cpiostyle filename limited to PATH_MAX. This
prevents attempts to overflow the stack, or cause system
calls to fail with a too long pathname.
* Don't always use "max open file limit" when calculating
length of queues, as a very large file limit can cause
Unsquashfs to abort. Instead use the smaller of max open
OBS-URL: https://build.opensuse.org/request/show/963333
OBS-URL: https://build.opensuse.org/package/show/filesystems/squashfs?expand=0&rev=50
2022-04-08 09:47:51 +02:00
|
|
|
fprintf(stream, "-offset <offset>\tSkip <offset> bytes at the beginning of ");
|
|
|
|
|
fprintf(stream, "FILESYSTEM.\n\t\t\tOptionally a suffix of K, M or G can be given ");
|
|
|
|
|
fprintf(stream, "to specify\n\t\t\tKbytes, Mbytes or Gbytes respectively.\n");
|
|
|
|
|
@@ -6958,9 +6958,9 @@ print_sqfstar_compressor_options:
|
2022-01-03 11:36:00 +01:00
|
|
|
set_progressbar_state(FALSE);
|
|
|
|
|
write_filesystem_tables(&sBlk);
|
2011-11-04 07:38:10 +01:00
|
|
|
|
|
|
|
|
- if(!nopad && (i = bytes & (4096 - 1))) {
|
|
|
|
|
- char temp[4096] = {0};
|
|
|
|
|
- write_destination(fd, bytes, 4096 - i, temp);
|
|
|
|
|
+ if(!nopad && (i = bytes & (65536 - 1))) {
|
|
|
|
|
+ char temp[65536] = {0};
|
|
|
|
|
+ write_destination(fd, bytes, 65536 - i, temp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
close(fd);
|
