Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 13 Dec 2018 11:18:46 +0000 (UTC)
From:      Martin Matuska <mm@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r342042 - in head/contrib/libarchive/libarchive: . test
Message-ID:  <201812131118.wBDBIkjp024811@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: mm
Date: Thu Dec 13 11:18:45 2018
New Revision: 342042
URL: https://svnweb.freebsd.org/changeset/base/342042

Log:
  MFV r341771,342040,342041:
  Sync libarchive with vendor.
  
  Relevant vendor changes:
    PR #1102: RAR5 reader - fix big-endian problems
    PR #1105: Fix various crash, memory corruption and infinite loop conditions
    PR #1107: RAR5 reader: removed an unused function: bf_is_last_block
  
  MFC after:	1 week

Modified:
  head/contrib/libarchive/libarchive/archive_acl.c
  head/contrib/libarchive/libarchive/archive_read_support_format_rar.c
  head/contrib/libarchive/libarchive/archive_read_support_format_rar5.c
  head/contrib/libarchive/libarchive/archive_read_support_format_warc.c
  head/contrib/libarchive/libarchive/test/test_read_format_rar5.c
Directory Properties:
  head/contrib/libarchive/   (props changed)

Modified: head/contrib/libarchive/libarchive/archive_acl.c
==============================================================================
--- head/contrib/libarchive/libarchive/archive_acl.c	Thu Dec 13 11:15:14 2018	(r342041)
+++ head/contrib/libarchive/libarchive/archive_acl.c	Thu Dec 13 11:18:45 2018	(r342042)
@@ -1723,6 +1723,11 @@ archive_acl_from_text_l(struct archive_acl *acl, const
 			st = field[n].start + 1;
 			len = field[n].end - field[n].start;
 
+			if (len == 0) {
+				ret = ARCHIVE_WARN;
+				continue;
+			}
+
 			switch (*s) {
 			case 'u':
 				if (len == 1 || (len == 4

Modified: head/contrib/libarchive/libarchive/archive_read_support_format_rar.c
==============================================================================
--- head/contrib/libarchive/libarchive/archive_read_support_format_rar.c	Thu Dec 13 11:15:14 2018	(r342041)
+++ head/contrib/libarchive/libarchive/archive_read_support_format_rar.c	Thu Dec 13 11:18:45 2018	(r342042)
@@ -258,6 +258,7 @@ struct rar
   struct data_block_offsets *dbo;
   unsigned int cursor;
   unsigned int nodes;
+  char filename_must_match;
 
   /* LZSS members */
   struct huffman_code maincode;
@@ -1560,6 +1561,12 @@ read_header(struct archive_read *a, struct archive_ent
     }
     return ret;
   }
+  else if (rar->filename_must_match)
+  {
+    archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
+      "Mismatch of file parts split across multi-volume archive");
+    return (ARCHIVE_FATAL);
+  }
 
   rar->filename_save = (char*)realloc(rar->filename_save,
                                       filename_size + 1);
@@ -2300,6 +2307,11 @@ parse_codes(struct archive_read *a)
       new_size = DICTIONARY_MAX_SIZE;
     else
       new_size = rar_fls((unsigned int)rar->unp_size) << 1;
+    if (new_size == 0) {
+      archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
+                        "Zero window size is invalid.");
+      return (ARCHIVE_FATAL);
+    }
     new_window = realloc(rar->lzss.window, new_size);
     if (new_window == NULL) {
       archive_set_error(&a->archive, ENOMEM,
@@ -2928,12 +2940,14 @@ rar_read_ahead(struct archive_read *a, size_t min, ssi
     else if (*avail == 0 && rar->main_flags & MHD_VOLUME &&
       rar->file_flags & FHD_SPLIT_AFTER)
     {
+      rar->filename_must_match = 1;
       ret = archive_read_format_rar_read_header(a, a->entry);
       if (ret == (ARCHIVE_EOF))
       {
         rar->has_endarc_header = 1;
         ret = archive_read_format_rar_read_header(a, a->entry);
       }
+      rar->filename_must_match = 0;
       if (ret != (ARCHIVE_OK))
         return NULL;
       return rar_read_ahead(a, min, avail);

Modified: head/contrib/libarchive/libarchive/archive_read_support_format_rar5.c
==============================================================================
--- head/contrib/libarchive/libarchive/archive_read_support_format_rar5.c	Thu Dec 13 11:15:14 2018	(r342041)
+++ head/contrib/libarchive/libarchive/archive_read_support_format_rar5.c	Thu Dec 13 11:18:45 2018	(r342042)
@@ -24,6 +24,7 @@
 */
 
 #include "archive_platform.h"
+#include "archive_endian.h"
 
 #ifdef HAVE_ERRNO_H
 #include <errno.h>
@@ -225,18 +226,17 @@ struct bit_reader {
     int in_addr;        /* Current byte pointer. */
 };
 
-/* RARv5 block header structure. */
+/* RARv5 block header structure. Use bf_* functions to get values from
+ * block_flags_u8 field. I.e. bf_byte_count, etc. */
 struct compressed_block_header {
-    union {
-        struct {
-            uint8_t bit_size : 3;
-            uint8_t byte_count : 3;
-            uint8_t is_last_block : 1;
-            uint8_t is_table_present : 1;
-        } block_flags;
-        uint8_t block_flags_u8;
-    };
-
+    /* block_flags_u8 contain fields encoded in little-endian bitfield:
+     *
+     * - table present flag (shr 7, and 1),
+     * - last block flag    (shr 6, and 1),
+     * - byte_count         (shr 3, and 7),
+     * - bit_size           (shr 0, and 7).
+     */
+    uint8_t block_flags_u8;
     uint8_t block_cksum;
 };
 
@@ -429,26 +429,35 @@ static void cdeque_free(struct cdeque* d) {
     d->cap_mask = 0;
 }
 
+static inline
+uint8_t bf_bit_size(const struct compressed_block_header* hdr) {
+    return hdr->block_flags_u8 & 7;
+}
+
+static inline
+uint8_t bf_byte_count(const struct compressed_block_header* hdr) {
+    return (hdr->block_flags_u8 >> 3) & 7;
+}
+
+static inline
+uint8_t bf_is_table_present(const struct compressed_block_header* hdr) {
+    return (hdr->block_flags_u8 >> 7) & 1;
+}
+
 static inline struct rar5* get_context(struct archive_read* a) {
     return (struct rar5*) a->format->data;
 }
 
-// TODO: make sure these functions return a little endian number
-
 /* Convenience functions used by filter implementations. */
 
 static uint32_t read_filter_data(struct rar5* rar, uint32_t offset) {
-    uint32_t* dptr = (uint32_t*) &rar->cstate.window_buf[offset];
-    // TODO: bswap if big endian
-    return *dptr;
+    return archive_le32dec(&rar->cstate.window_buf[offset]);
 }
 
 static void write_filter_data(struct rar5* rar, uint32_t offset,
         uint32_t value)
 {
-    uint32_t* dptr = (uint32_t*) &rar->cstate.filtered_buf[offset];
-    // TODO: bswap if big endian
-    *dptr = value;
+    archive_le32enc(&rar->cstate.filtered_buf[offset], value);
 }
 
 static void circular_memcpy(uint8_t* dst, uint8_t* window, const int mask,
@@ -995,8 +1004,7 @@ static int read_u32(struct archive_read* a, uint32_t* 
     if(!read_ahead(a, 4, &p))
         return 0;
 
-    *pvalue = *(const uint32_t*)p;
-
+    *pvalue = archive_le32dec(p);
     return ARCHIVE_OK == consume(a, 4) ? 1 : 0;
 }
 
@@ -1005,8 +1013,7 @@ static int read_u64(struct archive_read* a, uint64_t* 
     if(!read_ahead(a, 8, &p))
         return 0;
 
-    *pvalue = *(const uint64_t*)p;
-
+    *pvalue = archive_le64dec(p);
     return ARCHIVE_OK == consume(a, 8) ? 1 : 0;
 }
 
@@ -1936,7 +1943,7 @@ static int create_decode_tables(uint8_t* bit_length,
         dist = bit_field - table->decode_len[cur_len - 1];
         dist >>= (16 - cur_len);
 
-        pos = table->decode_pos[cur_len] + dist;
+        pos = table->decode_pos[cur_len & 15] + dist;
         if(cur_len < rar5_countof(table->decode_pos) && pos < size) {
             table->quick_num[code] = table->decode_num[pos];
         } else {
@@ -2159,17 +2166,17 @@ static int parse_block_header(struct archive_read* a, 
 {
     memcpy(hdr, p, sizeof(struct compressed_block_header));
 
-    if(hdr->block_flags.byte_count > 2) {
+    if(bf_byte_count(hdr) > 2) {
         archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
                 "Unsupported block header size (was %d, max is 2)",
-                hdr->block_flags.byte_count);
+                bf_byte_count(hdr));
         return ARCHIVE_FATAL;
     }
 
     /* This should probably use bit reader interface in order to be more
      * future-proof. */
     *block_size = 0;
-    switch(hdr->block_flags.byte_count) {
+    switch(bf_byte_count(hdr)) {
         /* 1-byte block size */
         case 0:
             *block_size = *(const uint8_t*) &p[2];
@@ -2177,12 +2184,12 @@ static int parse_block_header(struct archive_read* a, 
 
         /* 2-byte block size */
         case 1:
-            *block_size = *(const uint16_t*) &p[2];
+            *block_size = archive_le16dec(&p[2]);
             break;
 
         /* 3-byte block size */
         case 2:
-            *block_size = *(const uint32_t*) &p[2];
+            *block_size = archive_le32dec(&p[2]);
             *block_size &= 0x00FFFFFF;
             break;
 
@@ -2379,7 +2386,7 @@ static int do_uncompress_block(struct archive_read* a,
 
     const int cmask = rar->cstate.window_mask;
     const struct compressed_block_header* hdr = &rar->last_block_hdr;
-    const uint8_t bit_size = 1 + hdr->block_flags.bit_size;
+    const uint8_t bit_size = 1 + bf_bit_size(hdr);
 
     while(1) {
         if(rar->cstate.write_ptr - rar->cstate.last_write_ptr >
@@ -2777,7 +2784,7 @@ static int process_block(struct archive_read* a) {
 
         /* Skip block header. Next data is huffman tables, if present. */
         ssize_t to_skip = sizeof(struct compressed_block_header) +
-            rar->last_block_hdr.block_flags.byte_count + 1;
+            bf_byte_count(&rar->last_block_hdr) + 1;
 
         if(ARCHIVE_OK != consume(a, to_skip))
             return ARCHIVE_EOF;
@@ -2833,7 +2840,7 @@ static int process_block(struct archive_read* a) {
         rar->bits.in_addr = 0;
         rar->bits.bit_addr = 0;
 
-        if(rar->last_block_hdr.block_flags.is_table_present) {
+        if(bf_is_table_present(&rar->last_block_hdr)) {
             /* Load Huffman tables. */
             ret = parse_tables(a, rar, p);
             if(ret != ARCHIVE_OK) {

Modified: head/contrib/libarchive/libarchive/archive_read_support_format_warc.c
==============================================================================
--- head/contrib/libarchive/libarchive/archive_read_support_format_warc.c	Thu Dec 13 11:15:14 2018	(r342041)
+++ head/contrib/libarchive/libarchive/archive_read_support_format_warc.c	Thu Dec 13 11:18:45 2018	(r342042)
@@ -386,6 +386,11 @@ _warc_read(struct archive_read *a, const void **buf, s
 		return (ARCHIVE_EOF);
 	}
 
+	if (w->unconsumed) {
+		__archive_read_consume(a, w->unconsumed);
+		w->unconsumed = 0U;
+	}
+
 	rab = __archive_read_ahead(a, 1U, &nrd);
 	if (nrd < 0) {
 		*bsz = 0U;

Modified: head/contrib/libarchive/libarchive/test/test_read_format_rar5.c
==============================================================================
--- head/contrib/libarchive/libarchive/test/test_read_format_rar5.c	Thu Dec 13 11:15:14 2018	(r342041)
+++ head/contrib/libarchive/libarchive/test/test_read_format_rar5.c	Thu Dec 13 11:18:45 2018	(r342042)
@@ -28,6 +28,7 @@
  * help. */
 #define __LIBARCHIVE_BUILD
 #include <archive_crc32.h>
+#include <archive_endian.h>
 
 #define PROLOGUE(reffile) \
     struct archive_entry *ae; \
@@ -81,7 +82,7 @@ int verify_data(const uint8_t* data_ptr, int magic, in
         /* *lptr is a value inside unpacked test file, val is the
          * value that should be in the unpacked test file. */
 
-        if(*lptr != val)
+        if(archive_le32dec(lptr) != (uint32_t) val)
             return 0;
     }
 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812131118.wBDBIkjp024811>