MFV r306669:

Sync libarchive with vendor including security fixes.

Important vendor bugfixes (relevant to FreeBSD):
#747: Out of bounds read in mtree parser
#761: heap-based buffer overflow in read_Header (7-zip)
#784: Invalid file on bsdtar command line results in internal errors (1)

PR:		213092 (1)
MFC after:	1 week
This commit is contained in:
Martin Matuska 2016-10-04 11:56:46 +00:00
commit f3e9b21a7a
20 changed files with 224 additions and 22 deletions

View File

@ -1360,6 +1360,31 @@ assertion_file_birthtime_recent(const char *file, int line,
return assertion_file_time(file, line, pathname, 0, 0, 'b', 1);
}
/* Verify mode of 'pathname'. */
int
assertion_file_mode(const char *file, int line, const char *pathname, int expected_mode)
{
int mode;
int r;
assertion_count(file, line);
#if defined(_WIN32) && !defined(__CYGWIN__)
failure_start(file, line, "assertFileMode not yet implemented for Windows");
#else
{
struct stat st;
r = lstat(pathname, &st);
mode = (int)(st.st_mode & 0777);
}
if (r == 0 && mode == expected_mode)
return (1);
failure_start(file, line, "File %s has mode %o, expected %o",
pathname, mode, expected_mode);
#endif
failure_finish(NULL);
return (0);
}
/* Verify mtime of 'pathname'. */
int
assertion_file_mtime(const char *file, int line,
@ -1578,8 +1603,12 @@ assertion_make_dir(const char *file, int line, const char *dirname, int mode)
if (0 == _mkdir(dirname))
return (1);
#else
if (0 == mkdir(dirname, mode))
return (1);
if (0 == mkdir(dirname, mode)) {
if (0 == chmod(dirname, mode)) {
assertion_file_mode(file, line, dirname, mode);
return (1);
}
}
#endif
failure_start(file, line, "Could not create directory %s", dirname);
failure_finish(NULL);
@ -1628,6 +1657,11 @@ assertion_make_file(const char *file, int line,
failure_finish(NULL);
return (0);
}
if (0 != chmod(path, mode)) {
failure_start(file, line, "Could not chmod %s", path);
failure_finish(NULL);
return (0);
}
if (contents != NULL) {
ssize_t wsize;
@ -1644,6 +1678,7 @@ assertion_make_file(const char *file, int line,
}
}
close(fd);
assertion_file_mode(file, line, path, mode);
return (1);
#endif
}

View File

@ -241,6 +241,7 @@ int assertion_file_birthtime_recent(const char *, int, const char *);
int assertion_file_contains_lines_any_order(const char *, int, const char *, const char **);
int assertion_file_contents(const char *, int, const void *, int, const char *);
int assertion_file_exists(const char *, int, const char *);
int assertion_file_mode(const char *, int, const char *, int);
int assertion_file_mtime(const char *, int, const char *, long, long);
int assertion_file_mtime_recent(const char *, int, const char *);
int assertion_file_nlinks(const char *, int, const char *, int);

View File

@ -1361,6 +1361,31 @@ assertion_file_birthtime_recent(const char *file, int line,
return assertion_file_time(file, line, pathname, 0, 0, 'b', 1);
}
/* Verify mode of 'pathname'. */
int
assertion_file_mode(const char *file, int line, const char *pathname, int expected_mode)
{
int mode;
int r;
assertion_count(file, line);
#if defined(_WIN32) && !defined(__CYGWIN__)
failure_start(file, line, "assertFileMode not yet implemented for Windows");
#else
{
struct stat st;
r = lstat(pathname, &st);
mode = (int)(st.st_mode & 0777);
}
if (r == 0 && mode == expected_mode)
return (1);
failure_start(file, line, "File %s has mode %o, expected %o",
pathname, mode, expected_mode);
#endif
failure_finish(NULL);
return (0);
}
/* Verify mtime of 'pathname'. */
int
assertion_file_mtime(const char *file, int line,
@ -1579,8 +1604,12 @@ assertion_make_dir(const char *file, int line, const char *dirname, int mode)
if (0 == _mkdir(dirname))
return (1);
#else
if (0 == mkdir(dirname, mode))
return (1);
if (0 == mkdir(dirname, mode)) {
if (0 == chmod(dirname, mode)) {
assertion_file_mode(file, line, dirname, mode);
return (1);
}
}
#endif
failure_start(file, line, "Could not create directory %s", dirname);
failure_finish(NULL);
@ -1629,6 +1658,11 @@ assertion_make_file(const char *file, int line,
failure_finish(NULL);
return (0);
}
if (0 != chmod(path, mode)) {
failure_start(file, line, "Could not chmod %s", path);
failure_finish(NULL);
return (0);
}
if (contents != NULL) {
ssize_t wsize;
@ -1645,6 +1679,7 @@ assertion_make_file(const char *file, int line,
}
}
close(fd);
assertion_file_mode(file, line, path, mode);
return (1);
#endif
}

View File

@ -241,6 +241,7 @@ int assertion_file_birthtime_recent(const char *, int, const char *);
int assertion_file_contains_lines_any_order(const char *, int, const char *, const char **);
int assertion_file_contents(const char *, int, const void *, int, const char *);
int assertion_file_exists(const char *, int, const char *);
int assertion_file_mode(const char *, int, const char *, int);
int assertion_file_mtime(const char *, int, const char *, long, long);
int assertion_file_mtime_recent(const char *, int, const char *);
int assertion_file_nlinks(const char *, int, const char *, int);

View File

@ -2431,6 +2431,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h,
switch (type) {
case kEmptyStream:
if (h->emptyStreamBools != NULL)
return (-1);
h->emptyStreamBools = calloc((size_t)zip->numFiles,
sizeof(*h->emptyStreamBools));
if (h->emptyStreamBools == NULL)
@ -2451,6 +2453,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h,
return (-1);
break;
}
if (h->emptyFileBools != NULL)
return (-1);
h->emptyFileBools = calloc(empty_streams,
sizeof(*h->emptyFileBools));
if (h->emptyFileBools == NULL)
@ -2465,6 +2469,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h,
return (-1);
break;
}
if (h->antiBools != NULL)
return (-1);
h->antiBools = calloc(empty_streams,
sizeof(*h->antiBools));
if (h->antiBools == NULL)
@ -2491,6 +2497,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h,
if ((ll & 1) || ll < zip->numFiles * 4)
return (-1);
if (zip->entry_names != NULL)
return (-1);
zip->entry_names = malloc(ll);
if (zip->entry_names == NULL)
return (-1);
@ -2543,6 +2551,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h,
if ((p = header_bytes(a, 2)) == NULL)
return (-1);
allAreDefined = *p;
if (h->attrBools != NULL)
return (-1);
h->attrBools = calloc((size_t)zip->numFiles,
sizeof(*h->attrBools));
if (h->attrBools == NULL)

View File

@ -301,6 +301,15 @@ get_line_size(const char *b, ssize_t avail, ssize_t *nlsize)
return (avail);
}
/*
* <---------------- ravail --------------------->
* <-- diff ------> <--- avail ----------------->
* <---- len ----------->
* | Previous lines | line being parsed nl extra |
* ^
* b
*
*/
static ssize_t
next_line(struct archive_read *a,
const char **b, ssize_t *avail, ssize_t *ravail, ssize_t *nl)
@ -339,7 +348,7 @@ next_line(struct archive_read *a,
*b += diff;
*avail -= diff;
tested = len;/* Skip some bytes we already determinated. */
len = get_line_size(*b, *avail, nl);
len = get_line_size(*b + len, *avail - len, nl);
if (len >= 0)
len += tested;
}

View File

@ -1607,8 +1607,12 @@ assertion_make_dir(const char *file, int line, const char *dirname, int mode)
if (0 == _mkdir(dirname))
return (1);
#else
if (0 == mkdir(dirname, mode))
return (1);
if (0 == mkdir(dirname, mode)) {
if (0 == chmod(dirname, mode)) {
assertion_file_mode(file, line, dirname, mode);
return (1);
}
}
#endif
failure_start(file, line, "Could not create directory %s", dirname);
failure_finish(NULL);
@ -1657,6 +1661,11 @@ assertion_make_file(const char *file, int line,
failure_finish(NULL);
return (0);
}
if (0 != chmod(path, mode)) {
failure_start(file, line, "Could not chmod %s", path);
failure_finish(NULL);
return (0);
}
if (contents != NULL) {
ssize_t wsize;
@ -1673,6 +1682,7 @@ assertion_make_file(const char *file, int line,
}
}
close(fd);
assertion_file_mode(file, line, path, mode);
return (1);
#endif
}

View File

@ -93,7 +93,7 @@ static struct myacl_t acls_reg[] = {
static struct myacl_t acls_dir[] = {
/* For this test, we need to be able to read and write the ACL. */
{ ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_READ_ACL,
{ ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_READ_ACL,
ARCHIVE_ENTRY_ACL_USER_OBJ, -1, ""},
/* An entry for each type. */

View File

@ -0,0 +1,44 @@
/*-
* Copyright (c) 2003-2016 Tim Kientzle
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "test.h"
/*
* Reproduce the crash reported in Github Issue #747.
*/
DEFINE_TEST(test_read_format_mtree_crash747)
{
const char *reffile = "test_read_format_mtree_crash747.mtree.bz2";
struct archive *a;
extract_reference_file(reffile);
assert((a = archive_read_new()) != NULL);
assertEqualIntA(a, ARCHIVE_OK, archive_read_support_filter_bzip2(a));
assertEqualIntA(a, ARCHIVE_OK, archive_read_support_format_mtree(a));
assertEqualIntA(a, ARCHIVE_FATAL, archive_read_open_filename(a, reffile, 10240));
assertEqualInt(ARCHIVE_OK, archive_read_free(a));
}

View File

@ -0,0 +1,6 @@
begin 600 test_read_format_mtree_crash747.mtree.bz2
M0EIH.3%!62936:OH@(@``'/[@,`0`@!``'^```)A@9\`$`@@`'4)049!IIH!
MM021-0,F@&@6````9%>$(K!GIC*XFR0`$```J0+:$XP```!D-F)H[#SE9+2'
4+E"L=ASXUI%R(I"HD'ZA(5?1`Q``
`
end

View File

@ -204,7 +204,7 @@ DEFINE_TEST(test_read_append_filter_wrong_program)
/*
* If we have "bunzip2 -q", try using that.
*/
if (!canRunCommand("bunzip2 -V")) {
if (!canRunCommand("bunzip2 -h")) {
skipping("Can't run bunzip2 program on this platform");
return;
}

View File

@ -84,6 +84,7 @@ add_substitution(struct bsdtar *bsdtar, const char *rule_text)
if (rule == NULL)
lafe_errc(1, errno, "Out of memory");
rule->next = NULL;
rule->result = NULL;
if (subst->last_rule == NULL)
subst->first_rule = rule;

View File

@ -130,6 +130,13 @@ __FBSDID("$FreeBSD$");
# include <crtdbg.h>
#endif
mode_t umasked(mode_t expected_mode)
{
mode_t mode = umask(0);
umask(mode);
return expected_mode & ~mode;
}
/* Path to working directory for current test */
const char *testworkdir;
#ifdef PROGRAM
@ -1361,6 +1368,31 @@ assertion_file_birthtime_recent(const char *file, int line,
return assertion_file_time(file, line, pathname, 0, 0, 'b', 1);
}
/* Verify mode of 'pathname'. */
int
assertion_file_mode(const char *file, int line, const char *pathname, int expected_mode)
{
int mode;
int r;
assertion_count(file, line);
#if defined(_WIN32) && !defined(__CYGWIN__)
failure_start(file, line, "assertFileMode not yet implemented for Windows");
#else
{
struct stat st;
r = lstat(pathname, &st);
mode = (int)(st.st_mode & 0777);
}
if (r == 0 && mode == expected_mode)
return (1);
failure_start(file, line, "File %s has mode %o, expected %o",
pathname, mode, expected_mode);
#endif
failure_finish(NULL);
return (0);
}
/* Verify mtime of 'pathname'. */
int
assertion_file_mtime(const char *file, int line,
@ -1579,8 +1611,12 @@ assertion_make_dir(const char *file, int line, const char *dirname, int mode)
if (0 == _mkdir(dirname))
return (1);
#else
if (0 == mkdir(dirname, mode))
return (1);
if (0 == mkdir(dirname, mode)) {
if (0 == chmod(dirname, mode)) {
assertion_file_mode(file, line, dirname, mode);
return (1);
}
}
#endif
failure_start(file, line, "Could not create directory %s", dirname);
failure_finish(NULL);
@ -1629,6 +1665,11 @@ assertion_make_file(const char *file, int line,
failure_finish(NULL);
return (0);
}
if (0 != chmod(path, mode)) {
failure_start(file, line, "Could not chmod %s", path);
failure_finish(NULL);
return (0);
}
if (contents != NULL) {
ssize_t wsize;
@ -1645,6 +1686,7 @@ assertion_make_file(const char *file, int line,
}
}
close(fd);
assertion_file_mode(file, line, path, mode);
return (1);
#endif
}

View File

@ -241,6 +241,7 @@ int assertion_file_birthtime_recent(const char *, int, const char *);
int assertion_file_contains_lines_any_order(const char *, int, const char *, const char **);
int assertion_file_contents(const char *, int, const void *, int, const char *);
int assertion_file_exists(const char *, int, const char *);
int assertion_file_mode(const char *, int, const char *, int);
int assertion_file_mtime(const char *, int, const char *, long, long);
int assertion_file_mtime_recent(const char *, int, const char *);
int assertion_file_nlinks(const char *, int, const char *, int);
@ -326,6 +327,9 @@ void copy_reference_file(const char *);
*/
void extract_reference_files(const char **);
/* Subtract umask from mode */
mode_t umasked(mode_t expected_mode);
/* Path to working directory for current test */
extern const char *testworkdir;

View File

@ -83,10 +83,10 @@ DEFINE_TEST(test_option_H_upper)
assertChdir("test3");
assertEqualInt(0,
systemf("%s -xf archive.tar >c.out 2>c.err", testprog));
assertIsDir("ld1", 0755);
assertIsDir("ld1", umasked(0755));
assertIsSymlink("d1/linkX", "fileX");
assertIsSymlink("d1/link1", "file1");
assertIsReg("link2", 0644);
assertIsReg("link2", umasked(0644));
assertIsSymlink("linkY", "d1/fileY");
assertChdir("..");
}

View File

@ -69,10 +69,10 @@ DEFINE_TEST(test_option_L_upper)
assertChdir("test2");
assertEqualInt(0,
systemf("%s -xf archive.tar >c.out 2>c.err", testprog));
assertIsDir("ld1", 0755);
assertIsReg("d1/link1", 0644);
assertIsDir("ld1", umasked(0755));
assertIsReg("d1/link1", umasked(0644));
assertIsSymlink("d1/linkX", "fileX");
assertIsReg("link2", 0644);
assertIsReg("link2", umasked(0644));
assertIsSymlink("linkY", "d1/fileY");
assertChdir("..");
@ -83,10 +83,10 @@ DEFINE_TEST(test_option_L_upper)
assertChdir("test3");
assertEqualInt(0,
systemf("%s -xf archive.tar >c.out 2>c.err", testprog));
assertIsDir("ld1", 0755);
assertIsReg("d1/link1", 0644);
assertIsDir("ld1", umasked(0755));
assertIsReg("d1/link1", umasked(0644));
assertIsSymlink("d1/linkX", "fileX");
assertIsReg("link2", 0644);
assertIsReg("link2", umasked(0644));
assertIsSymlink("linkY", "d1/fileY");
assertChdir("..");
}

View File

@ -135,7 +135,7 @@ DEFINE_TEST(test_option_U_upper)
assertMakeSymlink("d1/file1", "d1/realfile1");
assertEqualInt(0,
systemf("%s -xf ../archive.tar d1/file1 >test.out 2>test.err", testprog));
assertIsReg("d1/file1", 0644);
assertIsReg("d1/file1", umasked(0644));
assertFileContents("d1/file1", 8, "d1/file1");
assertFileContents("realfile1", 9, "d1/realfile1");
assertEmptyFile("test.out");
@ -150,7 +150,7 @@ DEFINE_TEST(test_option_U_upper)
assertMakeSymlink("d1/file1", "d1/realfile1");
assertEqualInt(0,
systemf("%s -xPUf ../archive.tar d1/file1 >test.out 2>test.err", testprog));
assertIsReg("d1/file1", 0644);
assertIsReg("d1/file1", umasked(0644));
assertFileContents("d1/file1", 8, "d1/file1");
assertFileContents("realfile1", 9, "d1/realfile1");
assertEmptyFile("test.out");

View File

@ -55,7 +55,7 @@ DEFINE_TEST(test_option_n)
systemf("%s -xf archive.tar >x.out 2>x.err", testprog));
assertEmptyFile("x.out");
assertEmptyFile("x.err");
assertIsDir("d1", 0755);
assertIsDir("d1", umasked(0755));
assertFileNotExists("d1/file1");
assertChdir("..");
}

View File

@ -886,6 +886,8 @@ write_hierarchy(struct bsdtar *bsdtar, struct archive *a, const char *path)
"%s", archive_error_string(disk));
if (r == ARCHIVE_FATAL || r == ARCHIVE_FAILED) {
bsdtar->return_value = 1;
archive_entry_free(entry);
archive_read_close(disk);
return;
} else if (r < ARCHIVE_WARN)
continue;

View File

@ -151,6 +151,7 @@ TESTS_SRCS= \
test_read_format_lha_bugfix_0.c \
test_read_format_lha_filename.c \
test_read_format_mtree.c \
test_read_format_mtree_crash747.c \
test_read_format_pax_bz2.c \
test_read_format_rar.c \
test_read_format_rar_encryption_data.c \
@ -466,6 +467,7 @@ ${PACKAGE}FILES+= test_read_format_lha_lh6.lzh.uu
${PACKAGE}FILES+= test_read_format_lha_lh7.lzh.uu
${PACKAGE}FILES+= test_read_format_lha_withjunk.lzh.uu
${PACKAGE}FILES+= test_read_format_mtree.mtree.uu
${PACKAGE}FILES+= test_read_format_mtree_crash747.mtree.bz2.uu
${PACKAGE}FILES+= test_read_format_mtree_nomagic.mtree.uu
${PACKAGE}FILES+= test_read_format_mtree_nomagic2.mtree.uu
${PACKAGE}FILES+= test_read_format_mtree_nomagic3.mtree.uu