MFV r338797:

Sync libarchive with vendor.

Relevant vendor changes:
  PR #1019: Add allocation check for the zip_entry struct
  Oss-Fuzz #10192: Handle whitespace-only ACL fields correctly

Approved by:	re (kib)
MFC after:	1 week

contrib/libarchive/README.md

@@ -78,7 +78,6 @@ Currently, the library automatically detects and reads the following fomats:
   * POSIX pax interchange format
   * POSIX octet-oriented cpio
   * SVR4 ASCII cpio
-  * POSIX octet-oriented cpio
   * Binary cpio (big-endian or little-endian)
   * ISO9660 CD-ROM images (with optional Rockridge or Joliet extensions)
   * ZIP archives (with uncompressed or "deflate" compressed entries, including support for encrypted Zip archives)

contrib/libarchive/libarchive/archive_acl.c

@@ -2058,6 +2058,12 @@ next_field(const char **p, const char **start,
 	}
 	*sep = **p;
 
+	/* If the field is only whitespace, bail out now. */
+	if (**p == '\0') {
+		*end = *p;
+		return;
+	}
+
 	/* Trim trailing whitespace to locate end of field. */
 	*end = *p - 1;
 	while (**end == ' ' || **end == '\t' || **end == '\n') {

contrib/libarchive/libarchive/archive_cryptor.c

@@ -316,7 +316,14 @@ aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len)
 	memcpy(ctx->key, key, key_len);
 	memset(ctx->nonce, 0, sizeof(ctx->nonce));
 	ctx->encr_pos = AES_BLOCK_SIZE;
+#if OPENSSL_VERSION_NUMBER  >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+	if (!EVP_CIPHER_CTX_reset(ctx->ctx)) {
+		EVP_CIPHER_CTX_free(ctx->ctx);
+		ctx->ctx = NULL;
+	}
+#else
 	EVP_CIPHER_CTX_init(ctx->ctx);
+#endif
 	return 0;
 }
 

contrib/libarchive/libarchive/archive_read_support_format_ar.c

@@ -459,6 +459,7 @@ ar_parse_common_header(struct ar *ar, struct archive_entry *entry,
 	uint64_t n;
 
 	/* Copy remaining header */
+	archive_entry_set_filetype(entry, AE_IFREG);
 	archive_entry_set_mtime(entry,
 	    (time_t)ar_atol10(h + AR_date_offset, AR_date_size), 0L);
 	archive_entry_set_uid(entry,

contrib/libarchive/libarchive/archive_read_support_format_zip.c

@@ -2708,6 +2708,11 @@ slurp_central_directory(struct archive_read *a, struct zip *zip)
 			return ARCHIVE_FATAL;
 
 		zip_entry = calloc(1, sizeof(struct zip_entry));
+		if (zip_entry == NULL) {
+			archive_set_error(&a->archive, ENOMEM,
+				"Can't allocate zip entry");
+			return ARCHIVE_FATAL;
+		}
 		zip_entry->next = zip->zip_entries;
 		zip_entry->flags |= LA_FROM_CENTRAL_DIRECTORY;
 		zip->zip_entries = zip_entry;

contrib/libarchive/libarchive/test/test_sparse_basic.c

@@ -422,6 +422,7 @@ verify_sparse_file(struct archive *a, const char *path,
 	assert(sparse->type == END);
 	assertEqualInt(expected_offset, archive_entry_size(ae));
 
+	failure(path);
 	assertEqualInt(holes_seen, expected_holes);
 
 	assertEqualIntA(a, ARCHIVE_OK, archive_read_close(a));
@@ -457,6 +458,7 @@ verify_sparse_file2(struct archive *a, const char *path,
 	/* Verify the number of holes only, not its offset nor its
 	 * length because those alignments are deeply dependence on
 	 * its filesystem. */ 
+	failure(path);
 	assertEqualInt(blocks, archive_entry_sparse_count(ae));
 	archive_entry_free(ae);
 }

contrib/libarchive/test_utils/test_main.c

@@ -2166,7 +2166,7 @@ void assertVersion(const char *prog, const char *base)
 
 	/* Skip arbitrary third-party version numbers. */
 	while (s > 0 && (*q == ' ' || *q == '-' || *q == '/' || *q == '.' ||
-	    isalnum(*q))) {
+	    isalnum((unsigned char)*q))) {
 		++q;
 		--s;
 	}