Set ARCHIVE_EXTRACT_SECURE_SYMLINKS and ARCHIVE_EXTRACT_SECURE_NODOTDOT
as in bsdtar to prevent extraction of archive entries whose pathnames
contain .. or whose target directory would be altered by a symlink.
Also disallow absolute pathnames.
We don't currently provide an option to disable this behaviour (as
bsdtar's -P does). It is unlikely to be a problem in practice for ar(1),
but the -P option is not currently used and available if we want to
consider it for this purpose.
Differential Revision: https://reviews.freebsd.org/D1524
Reported by: Alexander Cherepanov <cherepan@mccme.ru>
Approved by: delphij
Obtained from: ELF tool chain ar, Ticket #474
MFC after: 1 week
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
This compiler flag enforces that that people either mark variables
static or use an external declarations for the variable, similar to how
-Wmissing-prototypes works for functions.
Due to the fact that Yacc/Lex generate code that cannot trivially be
changed to not warn because of this (lots of yy* variables), add a
NO_WMISSING_VARIABLE_DECLARATIONS that can be used to turn off this
specific compiler warning.
Announced on: toolchain@
Update libarchive to 3.1.2
Some of new features:
- support for lrzip and grzip compression
- support for writing tar v7 format
- b64encode and uuencode filters
- support for __MACOSX directory in Zip archives
- support for lzop compresion (external utility)
- old yacc(1) use to magicially append stdlib.h, while new one don't
- new yacc(1) do declare yyparse by itself, fix redundant declaration of
'yyparse'
Approved by: des (mentor)
Some of new features:
- New readers: RAR, LHA/LZH, CAB reader, 7-Zip
- New writers: ISO9660, XAR
- Improvements to many formats, especially including ISO9660 and Zip
- Stackable write filters to write, e.g., tar.gz.uu in a single pass
- Exploit seekable input; new "seekable" Zip reader can exploit the Zip
Central Directory when it's available; the old "streamable" Zip reader
is still fully supported for cases where seeking is not possible.
Full release notes available at:
https://github.com/libarchive/libarchive/wiki/ReleaseNotes
triggered by the same .o being included twice on the command line.
Found by: Nima Misaghian at Sandvine
Reviewed by: kientzle, kaiw
Approved by: re
MFC after: 1 week
section.
* Document the `-l`, `-M` and `-S` options.
* Improve the text describing the behavior of the `-r` option.
* Start a section on standard compliance.
* Indicate in the synopsis that the `-S` and `-s` options are mutually
exclusive.
Obtained from: elftoolchain
When set, it forces all timestamps and owners to zero and
modes to 0644. Useful for producing libraries that are
bitwise identical across multiple build runs.
Submitted by: Erik Cederstrand
Reviewed by: Kai Wang
ar(1)'s dependencies on compressor libraries -lz, -lbz2 and -llzma and
fixes building HEAD on some versions of FreeBSD[78]. Option -j and -z
is now accepted but ignored.
Compressed ar(1) archives are not useful without a ld(1) that can read
them. Also, the current ar(1) compression scheme prevents random
access of archive members and needs to be redesigned anyway.
Submitted by: kientzle (original patch)
Reviewed by: delphij
Discussed on: -current mailing list
Adjust dependencies for programs using libarchive
Add xz and linkage against liblzma to rescue system
Approved by: kientzle, delphij (mentor)
MFC after: 2 weeks
Although groff_mdoc(7) gives another impression, this is the ordering
most widely used and also required by mdocml/mandoc.
Reviewed by: ru
Approved by: philip, ed (mentors)
script mode like the MRI(Microtec Research Inc.) "librarian" program.
Originally this option is provided by Binutils ar(1) to ease the
transition for developers who are used to writing "librarian" scripts.
We added this option to BSD ar(1) because:
1. Further improve the compatibility with Binutils ar(1).
2. There are still a few software using this -M option. (at least one
in our ports collection)
Suggested by: rink & erwin
page stated, thus BSD ar(1) option -q, which was implemented based on
the GNU ar manual page, turns out to be incompatible with GNU ar -q.
This change will make BSD ar(1) -q a *REAL* GNU ar -q:
1. It will update symbol table. (same as unfixed version)
2. It will NOT compare new members spcified in the command line args
with existing members, instead, append them directly.
Reported by: Johannes 5 Joemann <joemann@beefree.free.de>
Reported by: Timothy Bourke <timbob@bigpond.com>
Tested by: Johannes 5 Joemann <joemann@beefree.free.de>
Reviewed by: jkoshy
Approved by: jkoshy (mentor)
- Fix a malloc buffer overrun: Use a while loop to check whether
the string buffer is big enough after resizing, since doubling
once might not be enough when a very long member name or symbol
name is provided.
- Fix typo.
Reported by: Michael Plass <mfp49_freebsd@plass-family.net>
Tested by: Michael Plass <mfp49_freebsd@plass-family.net>
Reviewed by: jkoshy
Approved by: jkoshy
source upgrades by falling back to GNU ar(1) as necessary. Option
WITH_BSDAR is gone. Option _WITH_GNUAR to aid in upgrades is *not*
supposed to be set by the user.
Stop bootstrapping BSD ar(1) on the next __FreeBSD_version bump, as
there are no known bugs in it. Bump __FreeBSD_version to anticipate
this and to flag the switch to BSD ar(1), should it be needed for
something.
Input from: obrien, des, kaiw
check if it is invoked as 'bsdranlib'.
Reported by: Michael Plass <mfp49_freebsd [AT] plass-family [DOT] net>
Reviewed by: Michael Plass <mfp49_freebsd [AT] plass-family [DOT] net>
Reviewed by: jkoshy
Approved by: jkoshy (mentor)
Do not mmap 0-size objects and do not try to extract symbol from
0-size objects, but do treat 0-size objects as qualified objects and
accept them as an archive member. (A member with only the header part)
Note that GNU binutils ar on FreeBSD ignores 0-size objects, but on
Linux it accepts them. [1] But, since this is a rare usage, we can
safely ignore the compatibility issue.
Reported by: Michael Plass <mfp49_freebsd [AT] plass-family [DOT] net>
Pointed out by: Michael Plass <mfp49_freebsd [AT] plass-family [DOT] net> [1]
Reviewed by: Michael Plass <mfp49_freebsd [AT] plass-family [DOT] net>
Reviewed by: jkoshy
Approved by: jkoshy (mentor)
Reviewed by: jkoshy
Approved by: jkoshy (mentor)
Tested by: erwin (ports build test on pointyhat)
Sponsored by: Google Summer of Code 2007
Reviewed by (earlier version): Jaakko Heinonen <jh[AT]saunalahti.fi>
Tested by (earlier version): Steve Kargl <sgk[AT]troutmask.apl.washington.edu>
Tested by (earlier version): Martin Voros <martin_voros[AT]yahoo.com>
Tested by (earlier version): swell.k[AT]gmail.com
Tested by (earlier version): joel
Tested by (earlier version): Alexey Shuvaev <shuvaev[AT]physik.uni-wuerzburg.de>
Tested by (earlier version): Arjan van Leeuwen <avleeuwen[AT]gmail.com>
Thanks to gabor@ for building ports for it.
Thanks to erwin@ and kris@ for scheduling the ports build test on pointyhat.
And thanks to many others for their feedback.