
Accepting request 30400 from Base:System

Copy from Base:System/gzip based on submit request 30400 from user mseben

OBS-URL: https://build.opensuse.org/request/show/30400
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gzip?expand=0&rev=13
OBS User autobuild 2010-01-29 14:00:15 +00:00 committed by Git OBS Bridge
parent 89554c6fe1
commit c7c6ba1ff6
12 changed files with 112 additions and 88 deletions


@ -1,38 +0,0 @@
--- gzip.c
+++ gzip.c
@@ -1639,7 +1639,7 @@
}
}
- if (futimens (ofd, ofname, timespec) != 0)
+ if (gl_futimens (ofd, ofname, timespec) != 0)
{
int e = errno;
WARN ((stderr, "%s: ", program_name));
--- lib/utimens.c
+++ lib/utimens.c
@@ -75,8 +75,8 @@
Return 0 on success, -1 (setting errno) on failure. */
int
-futimens (int fd ATTRIBUTE_UNUSED,
- char const *file, struct timespec const timespec[2])
+gl_futimens (int fd ATTRIBUTE_UNUSED,
+ char const *file, struct timespec const timespec[2])
{
/* Some Linux-based NFS clients are buggy, and mishandle time stamps
of files in NFS file systems in some cases. We have no
@@ -185,5 +185,5 @@
int
utimens (char const *file, struct timespec const timespec[2])
{
- return futimens (-1, file, timespec);
+ return gl_futimens (-1, file, timespec);
}
--- lib/utimens.h
+++ lib/utimens.h
@@ -1,3 +1,3 @@
#include <time.h>
-int futimens (int, char const *, struct timespec const [2]);
+int gl_futimens (int, char const *, struct timespec const [2]);
int utimens (char const *, struct timespec const [2]);


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3f565be05f7f3d1aff117c030eb7c738300510b7d098cedea796ca8e4cd587af
size 462169

3
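--- a/gzip-1.3.13.tar.gz
+++ b/gzip-1.3.13.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1d06ff9f5c523651bed3dcde6e6aa8118eee48b22534a157a2588705fa517ca3
+size 813865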

16
gzip-CVE-2010-0001.diff Normal file

@ -0,0 +1,16 @@
* unlzw.c (unlzw): Avoid integer overflow.
Aki Helin reported the segfault along with an input to trigger the bug.
Index: gzip-1.3.13/unlzw.c
===================================================================
--- gzip-1.3.13.orig/unlzw.c
+++ gzip-1.3.13/unlzw.c
@@ -244,7 +244,8 @@ int unlzw(in, out)
int o;
resetbuf:
- e = insize-(o = (posbits>>3));
+ o = posbits >> 3;
+ e = o <= insize ? insize - o : 0;
for (i = 0 ; i < e ; ++i) {
inbuf[i] = inbuf[i+o];
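Review bot: The new guard `e = o <= insize ? insize - o : 0;` compares `int o` (declared just above `resetbuf:`) with `insize`, which the gzip.c and gzip.h context elsewhere on this page declares as `unsigned`, so the test runs in unsigned arithmetic. A negative `o` therefore also lands on the `e = 0` branch, which is the safe outcome, but nothing in the patch says this is intended. The clamp also treats an offset past the end of the valid input as "nothing left to copy" rather than as corrupt data. I would add a comment above the two new lines, for example `/* posbits may run past insize on corrupt input; clamp so insize - o cannot wrap before the copy loop */`. The rest of unlzw() lies outside this hunk, so whether a later check rejects such input cannot be confirmed from here.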


@ -5,9 +5,11 @@ tried out in the default gzip for Debian Sarge, and may go into the
upstream gzip at somepoint in the not-too-distant future. upstream gzip at somepoint in the not-too-distant future.
================================================================================ ================================================================================
--- gzip-1.3.12/deflate.c Index: gzip-1.3.13/deflate.c
+++ gzip-1.3.12/deflate.c ===================================================================
@@ -135,6 +135,14 @@ static char rcsid[] = "$Id: deflate.c,v --- gzip-1.3.13.orig/deflate.c
+++ gzip-1.3.13/deflate.c
@@ -131,6 +131,14 @@
#endif #endif
/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */ /* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
@ -22,7 +24,7 @@ upstream gzip at somepoint in the not-too-distant future.
/* =========================================================================== /* ===========================================================================
* Local data used by the "longest match" routines. * Local data used by the "longest match" routines.
*/ */
@@ -216,6 +224,8 @@ local int compr_level; @@ -212,6 +220,8 @@ local int compr_level;
unsigned near good_match; unsigned near good_match;
/* Use a faster search when the previous match is longer than this */ /* Use a faster search when the previous match is longer than this */
@ -31,7 +33,7 @@ upstream gzip at somepoint in the not-too-distant future.
/* Values for max_lazy_match, good_match and max_chain_length, depending on /* Values for max_lazy_match, good_match and max_chain_length, depending on
* the desired pack level (0..9). The values given below have been tuned to * the desired pack level (0..9). The values given below have been tuned to
@@ -314,6 +324,10 @@ void lm_init (pack_level, flags) @@ -310,6 +320,10 @@ void lm_init (pack_level, flags)
#endif #endif
/* prev will be initialized on the fly */ /* prev will be initialized on the fly */
@ -42,7 +44,7 @@ upstream gzip at somepoint in the not-too-distant future.
/* Set the default configuration parameters: /* Set the default configuration parameters:
*/ */
max_lazy_match = configuration_table[pack_level].max_lazy; max_lazy_match = configuration_table[pack_level].max_lazy;
@@ -550,6 +564,8 @@ local void fill_window() @@ -546,6 +560,8 @@ local void fill_window()
memcpy((char*)window, (char*)window+WSIZE, (unsigned)WSIZE); memcpy((char*)window, (char*)window+WSIZE, (unsigned)WSIZE);
match_start -= WSIZE; match_start -= WSIZE;
strstart -= WSIZE; /* we now have strstart >= MAX_DIST: */ strstart -= WSIZE; /* we now have strstart >= MAX_DIST: */
@ -51,7 +53,7 @@ upstream gzip at somepoint in the not-too-distant future.
block_start -= (long) WSIZE; block_start -= (long) WSIZE;
@@ -577,13 +593,46 @@ local void fill_window() @@ -573,13 +589,46 @@ local void fill_window()
} }
} }
@ -99,7 +101,7 @@ upstream gzip at somepoint in the not-too-distant future.
/* =========================================================================== /* ===========================================================================
* Processes a new input file and return its compressed length. This * Processes a new input file and return its compressed length. This
@@ -594,7 +643,7 @@ local void fill_window() @@ -590,7 +639,7 @@ local void fill_window()
local off_t deflate_fast() local off_t deflate_fast()
{ {
IPos hash_head; /* head of the hash chain */ IPos hash_head; /* head of the hash chain */
@ -108,7 +110,7 @@ upstream gzip at somepoint in the not-too-distant future.
unsigned match_length = 0; /* length of best match */ unsigned match_length = 0; /* length of best match */
prev_length = MIN_MATCH-1; prev_length = MIN_MATCH-1;
@@ -624,6 +673,7 @@ local off_t deflate_fast() @@ -620,6 +669,7 @@ local off_t deflate_fast()
lookahead -= match_length; lookahead -= match_length;
@ -116,7 +118,7 @@ upstream gzip at somepoint in the not-too-distant future.
/* Insert new strings in the hash table only if the match length /* Insert new strings in the hash table only if the match length
* is not too large. This saves time but degrades compression. * is not too large. This saves time but degrades compression.
*/ */
@@ -652,9 +702,14 @@ local off_t deflate_fast() @@ -648,9 +698,14 @@ local off_t deflate_fast()
/* No match, output a literal byte */ /* No match, output a literal byte */
Tracevv((stderr,"%c",window[strstart])); Tracevv((stderr,"%c",window[strstart]));
flush = ct_tally (0, window[strstart]); flush = ct_tally (0, window[strstart]);
@ -131,7 +133,7 @@ upstream gzip at somepoint in the not-too-distant future.
if (flush) FLUSH_BLOCK(0), block_start = strstart; if (flush) FLUSH_BLOCK(0), block_start = strstart;
/* Make sure that we always have enough lookahead, except /* Make sure that we always have enough lookahead, except
@@ -728,6 +783,7 @@ off_t deflate() @@ -724,6 +779,7 @@ off_t deflate()
*/ */
lookahead -= prev_length-1; lookahead -= prev_length-1;
prev_length -= 2; prev_length -= 2;
@ -139,7 +141,7 @@ upstream gzip at somepoint in the not-too-distant future.
do { do {
strstart++; strstart++;
INSERT_STRING(strstart, hash_head); INSERT_STRING(strstart, hash_head);
@@ -740,24 +796,39 @@ off_t deflate() @@ -736,24 +792,39 @@ off_t deflate()
match_available = 0; match_available = 0;
match_length = MIN_MATCH-1; match_length = MIN_MATCH-1;
strstart++; strstart++;
@ -183,9 +185,11 @@ upstream gzip at somepoint in the not-too-distant future.
strstart++; strstart++;
lookahead--; lookahead--;
} }
--- gzip-1.3.12/doc/gzip.texi Index: gzip-1.3.13/doc/gzip.texi
+++ gzip-1.3.12/doc/gzip.texi ===================================================================
@@ -350,6 +350,14 @@ specified on the command line are direct --- gzip-1.3.13.orig/doc/gzip.texi
+++ gzip-1.3.13/doc/gzip.texi
@@ -353,6 +353,14 @@ specified on the command line are direct
into the directory and compress all the files it finds there (or into the directory and compress all the files it finds there (or
decompress them in the case of @command{gunzip}). decompress them in the case of @command{gunzip}).
@ -200,17 +204,19 @@ upstream gzip at somepoint in the not-too-distant future.
@item --suffix @var{suf} @item --suffix @var{suf}
@itemx -S @var{suf} @itemx -S @var{suf}
Use suffix @var{suf} instead of @samp{.gz}. Any suffix can be Use suffix @var{suf} instead of @samp{.gz}. Any suffix can be
--- gzip-1.3.12/gzip.c Index: gzip-1.3.13/gzip.c
+++ gzip-1.3.12/gzip.c ===================================================================
@@ -231,6 +231,7 @@ int ofd; /* output fil --- gzip-1.3.13.orig/gzip.c
+++ gzip-1.3.13/gzip.c
@@ -229,6 +229,7 @@ int ofd; /* output fil
unsigned insize; /* valid bytes in inbuf */ unsigned insize; /* valid bytes in inbuf */
unsigned inptr; /* index of next byte to be processed in inbuf */ unsigned inptr; /* index of next byte to be processed in inbuf */
unsigned outcnt; /* bytes in output buffer */ unsigned outcnt; /* bytes in output buffer */
+int rsync = 0; /* make ryncable chunks */ +int rsync = 0; /* make ryncable chunks */
struct option longopts[] = static int handled_sig[] =
{ {
@@ -260,6 +261,7 @@ struct option longopts[] = @@ -282,6 +283,7 @@ struct option longopts[] =
{"best", 0, 0, '9'}, /* compress better */ {"best", 0, 0, '9'}, /* compress better */
{"lzw", 0, 0, 'Z'}, /* make output compatible with old compress */ {"lzw", 0, 0, 'Z'}, /* make output compatible with old compress */
{"bits", 1, 0, 'b'}, /* max number of bits per code (implies -Z) */ {"bits", 1, 0, 'b'}, /* max number of bits per code (implies -Z) */
@ -218,7 +224,7 @@ upstream gzip at somepoint in the not-too-distant future.
{ 0, 0, 0, 0 } { 0, 0, 0, 0 }
}; };
@@ -341,6 +343,7 @@ local void help() @@ -363,6 +365,7 @@ local void help()
" -Z, --lzw produce output compatible with old compress", " -Z, --lzw produce output compatible with old compress",
" -b, --bits=BITS max number of bits per code (implies -Z)", " -b, --bits=BITS max number of bits per code (implies -Z)",
#endif #endif
@ -226,7 +232,7 @@ upstream gzip at somepoint in the not-too-distant future.
"", "",
"With no FILE, or when FILE is -, read standard input.", "With no FILE, or when FILE is -, read standard input.",
"", "",
@@ -469,6 +472,9 @@ int main (argc, argv) @@ -493,6 +496,9 @@ int main (argc, argv)
recursive = 1; recursive = 1;
#endif #endif
break; break;
@ -236,8 +242,10 @@ upstream gzip at somepoint in the not-too-distant future.
case 'S': case 'S':
#ifdef NO_MULTIPLE_DOTS #ifdef NO_MULTIPLE_DOTS
if (*optarg == '.') optarg++; if (*optarg == '.') optarg++;
--- gzip-1.3.12/gzip.h Index: gzip-1.3.13/gzip.h
+++ gzip-1.3.12/gzip.h ===================================================================
--- gzip-1.3.13.orig/gzip.h
+++ gzip-1.3.13/gzip.h
@@ -158,6 +158,7 @@ EXTERN(uch, window); /* Sliding @@ -158,6 +158,7 @@ EXTERN(uch, window); /* Sliding
extern unsigned insize; /* valid bytes in inbuf */ extern unsigned insize; /* valid bytes in inbuf */
extern unsigned inptr; /* index of next byte to be processed in inbuf */ extern unsigned inptr; /* index of next byte to be processed in inbuf */
@ -255,8 +263,10 @@ upstream gzip at somepoint in the not-too-distant future.
/* in bits.c */ /* in bits.c */
void bi_init OF((file_t zipfile)); void bi_init OF((file_t zipfile));
--- gzip-1.3.12/trees.c Index: gzip-1.3.13/trees.c
+++ gzip-1.3.12/trees.c ===================================================================
--- gzip-1.3.13.orig/trees.c
+++ gzip-1.3.13/trees.c
@@ -59,12 +59,13 @@ @@ -59,12 +59,13 @@
* void ct_tally (int dist, int lc); * void ct_tally (int dist, int lc);
* Save the match info and tally the frequency counts. * Save the match info and tally the frequency counts.
@ -275,7 +285,7 @@ upstream gzip at somepoint in the not-too-distant future.
#include <config.h> #include <config.h>
#include <ctype.h> #include <ctype.h>
@@ -860,9 +861,10 @@ local void send_all_trees(lcodes, dcodes @@ -856,9 +857,10 @@ local void send_all_trees(lcodes, dcodes
* trees or store, and output the encoded block to the zip file. This function * trees or store, and output the encoded block to the zip file. This function
* returns the total compressed length for the file so far. * returns the total compressed length for the file so far.
*/ */
@ -287,7 +297,7 @@ upstream gzip at somepoint in the not-too-distant future.
int eof; /* true if this is the last block for a file */ int eof; /* true if this is the last block for a file */
{ {
ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */ ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
@@ -955,6 +957,10 @@ off_t flush_block(buf, stored_len, eof) @@ -951,6 +953,10 @@ off_t flush_block(buf, stored_len, eof)
Assert (input_len == bytes_in, "bad input size"); Assert (input_len == bytes_in, "bad input size");
bi_windup(); bi_windup();
compressed_len += 7; /* align on byte boundary */ compressed_len += 7; /* align on byte boundary */


@ -1,3 +1,27 @@
-------------------------------------------------------------------
Tue Jan 19 15:26:41 UTC 2010 - mseben@novell.com
- updated to 1.3.13
- gzip interprets an argument of "-" as indicating stdin, but when
"-" is not the first name on the command line, it doesn't work.
- remove useless if-before-free tests
- remove useless casts to avoid "make syntax-check" failures
- avoid spurious warnings from clang
- avoid a leak on a error path
- don't misinterpret a failing test as successful
- avoid creating an undersized buffer for the hufts table
A malformed input file can cause gzip to crash with a segmentation
violation or hang in an endless loop.
- avoid silent data loss e.g., on NFS, due to unchecked close of stdout
- build require automake-1.11 and produce xz-compressed tarballs, too
- deprecated futimens.diff and CVE-2009-2624.diff
-------------------------------------------------------------------
Thu Jan 14 17:17:49 UTC 2010 - mseben@novell.com
- added gzip-CVE-2009-2624.diff and gzip-CVE-2010-0001.diff : fix
possible denial of service and arbitrary code execution
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Dec 6 18:57:34 CET 2009 - jengelh@medozas.de Sun Dec 6 18:57:34 CET 2009 - jengelh@medozas.de


@ -1,5 +1,5 @@
# #
# spec file for package gzip (Version 1.3.12) # spec file for package gzip (Version 1.3.13)
# #
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
@ -23,8 +23,8 @@ License: GPLv2+
Group: Productivity/Archiving/Compression Group: Productivity/Archiving/Compression
AutoReqProv: on AutoReqProv: on
PreReq: %{install_info_prereq} PreReq: %{install_info_prereq}
Version: 1.3.12 Version: 1.3.13
Release: 100 Release: 1
Summary: GNU Zip Compression Utilities Summary: GNU Zip Compression Utilities
Source: %{name}-%{version}.tar.gz Source: %{name}-%{version}.tar.gz
Patch: zgrep.diff Patch: zgrep.diff
@ -32,8 +32,10 @@ Patch1: tempfile.diff
Patch2: zmore.diff Patch2: zmore.diff
Patch3: non-exec-stack.diff Patch3: non-exec-stack.diff
Patch4: http://rsync.samba.org/ftp/unpacked/rsync/patches/gzip-rsyncable.diff Patch4: http://rsync.samba.org/ftp/unpacked/rsync/patches/gzip-rsyncable.diff
Patch5: futimens.diff
Patch6: zdiff.diff Patch6: zdiff.diff
#CVE-2010-0001 integer overflow could lead to array index error in archives, compressed with
#the (LZW) compression algorithm
Patch8: gzip-CVE-2010-0001.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
@ -55,8 +57,8 @@ Authors:
%patch2 %patch2
%patch3 %patch3
%patch4 -p1 %patch4 -p1
%patch5
%patch6 %patch6
%patch8 -p1
%build %build
CFLAGS="$RPM_OPT_FLAGS -fomit-frame-pointer \ CFLAGS="$RPM_OPT_FLAGS -fomit-frame-pointer \
@ -104,7 +106,7 @@ ln -sf zmore.1 $RPM_BUILD_ROOT%{_mandir}/man1/zless.1
%defattr(-, root, root) %defattr(-, root, root)
/bin/* /bin/*
/usr/bin/* /usr/bin/*
%doc README README-alpha AUTHORS ChangeLog TODO NEWS THANKS %doc README AUTHORS ChangeLog TODO NEWS THANKS
%doc %{_infodir}/*.gz %doc %{_infodir}/*.gz
%doc %{_mandir}/man*/*.gz %doc %{_mandir}/man*/*.gz
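Review bot: The comment added above `Patch8` reads as if the overflow lives "in archives", while the patch file added in this commit changes `unlzw()` in unlzw.c, which is gzip's own LZW decompression code. I would reword it to `# CVE-2010-0001: integer overflow in unlzw() when decompressing crafted LZW input (array index error)`, so a later maintainer can see which code is patched and judge when the patch can be dropped. The patch numbering now skips 5 and 7. The changes file lists futimens.diff and the CVE-2009-2624 patch as deprecated, which presumably explains the gap, and a one-line remark next to `Patch6`/`Patch8` would record that.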


@ -1,6 +1,8 @@
--- lib/match.c Index: lib/match.c
===================================================================
--- lib/match.c.orig
+++ lib/match.c +++ lib/match.c
@@ -770,3 +770,4 @@ @@ -770,3 +770,4 @@ match_init:
# endif /* __ia64__ */ # endif /* __ia64__ */
#endif /* mc68000 || mc68020 */ #endif /* mc68000 || mc68020 */
#endif /* i386 || _I386 */ #endif /* i386 || _I386 */


@ -1,6 +1,8 @@
--- znew.in Index: znew.in
===================================================================
--- znew.in.orig
+++ znew.in +++ znew.in
@@ -55,8 +55,9 @@ @@ -59,8 +59,9 @@ block=1024
# block is the disk block size (best guess, need not be exact) # block is the disk block size (best guess, need not be exact)
warn="(does not preserve modes and timestamp)" warn="(does not preserve modes and timestamp)"
@ -12,7 +14,7 @@
echo hi > $tmp || exit echo hi > $tmp || exit
if test -z "`(${CPMOD-cpmod} $tmp $tmp) 2>&1`"; then if test -z "`(${CPMOD-cpmod} $tmp $tmp) 2>&1`"; then
cpmod=${CPMOD-cpmod} cpmod=${CPMOD-cpmod}
@@ -72,7 +73,8 @@ @@ -76,7 +77,8 @@ fi
# check if GZIP env. variable uses -S or --suffix # check if GZIP env. variable uses -S or --suffix
gzip -q $tmp gzip -q $tmp
ext=`echo $tmp* | sed "s|$tmp||"` ext=`echo $tmp* | sed "s|$tmp||"`


@ -1,6 +1,8 @@
--- zdiff.in Index: zdiff.in
===================================================================
--- zdiff.in.orig
+++ zdiff.in +++ zdiff.in
@@ -101,15 +101,17 @@ elif test $# -eq 2; then @@ -105,15 +105,17 @@ elif test $# -eq 2; then
5<&0 5<&0
then then
gzip_status=$( gzip_status=$(


@ -1,6 +1,8 @@
--- zgrep.in Index: zgrep.in
===================================================================
--- zgrep.in.orig
+++ zgrep.in +++ zgrep.in
@@ -149,10 +149,18 @@ @@ -148,10 +148,18 @@ res=0
for i for i
do do


@ -1,6 +1,8 @@
--- zmore.in Index: zmore.in
===================================================================
--- zmore.in.orig
+++ zmore.in +++ zmore.in
@@ -52,11 +52,33 @@ @@ -55,11 +55,33 @@ else
trap 'stty $ncb echo 2>/dev/null; exit' 0 2 3 5 10 13 15 trap 'stty $ncb echo 2>/dev/null; exit' 0 2 3 5 10 13 15
fi fi
@ -35,7 +37,7 @@
fi fi
else else
FIRST=1 FIRST=1
@@ -80,7 +102,7 @@ @@ -83,7 +105,7 @@ else
fi fi
if test "$ANS" != 's'; then if test "$ANS" != 's'; then
echo "------> $FILE <------" echo "------> $FILE <------"