summaryrefslogtreecommitdiffabout
AgeCommit message (Collapse)AuthorFiles
2021-01-08Update gnulibHEADmasterSergey Poznyakoff6
* NEWS: Raise version number. * configure.ac: Raise version number to 2.13.90. Raise autoconf and automake requirements. * gnulib: Pull v0.1-4336-gbdae9a5 * gnulib.modules: Remove getopt * src/copyin.c (long_format): Cast rdev numbers to unsigned long
2021-01-06Update copyright yearsSergey Poznyakoff60
2020-09-18Formatting changes in the documentation.Sergey Poznyakoff2
* doc/cpio.1: Fix typos. * doc/cpio.texi: Consistently use proper Texinfo markup fo commands, files, and sample text fragments.
2020-02-08Update copyright yearsSergey Poznyakoff60
2020-01-20Minor fixSergey Poznyakoff1
* src/global.c: Remove superfluous declaration of program_name
2019-11-16Fix handling of device numbers (part 2)Sergey Poznyakoff3
Previously the members of cpio_file_stat that hold device major and minor numbers were signed (long). This caused issues when the device number was cast to unsigned value (uintmax_t) during a call to to_ascii or derived function. In particular, on *BSD systems minor numbers are negative ints. When such numbers are passed to to_ascii, the resulting unsigned representation does not fit into the target field width. For details, see https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00012.html To fix this, the return types are autodetected by configure. The types of the c_dev_maj, c_dev_min, c_rdev_maj, and c_rdev_min members of struct cpio_file_stat are changed to unsigned versions of the corresponding detected types. This ensures that the value returned from major (or minor) will not undergo sign extension during assignment to the struct member and can be correctly promoted to a wider unsigned data type. * am/ax_compile_check_rettype.m4: New macro AC_COMPILE_CHECK_RETTYPE * configure.ac: Detect return types of major(3) and minor(3). * src/cpiohdr.h (cpio_file_stat): Change types of c_dev_maj, c_dev_min, c_rdev_maj, c_rdev_min.
2019-11-14Fix handling of device numbers on copy out.Sergey Poznyakoff1
Device minor and major numbers are meaningful only for devices. Don't attempt to store them for other files. Instead fill the corresponding fields with zeros. * src/util.c (stat_to_cpio): Initialize c_rdev_maj and c_rdev_min from struct stat only if the file is a device, otherwise set them to zero.
2019-11-08Improve 684b7ac5Sergey Poznyakoff1
* src/copyin.c (read_name_from_file): Handle len == 0.
2019-11-08Fix cpio header verification.Sergey Poznyakoff2
* src/copyin.c (read_name_from_file): Print error message and skip file if its name is not nul-terminated.
2019-11-06Version 2.13release_2_13Sergey Poznyakoff6
* NEWS: Describe new version. * configure.ac: version 2.13 * src/copyin.c: Fix strict aliasing violation. * tests/CVE-2019-14866.at: New file. * tests/Makefile.am: Add new test. * tests/testsuite.at: Add new test,
2019-11-04Various fixesSergey Poznyakoff4
* doc/cpio.texi: Document URLs of the mailing list archive and subscription interface. * src/copyin.c (try_existing_file): Change type of the last argument. (copyin_file): Initialize existing_dir. * src/dstring.c: Include xalloc.h * src/filemode.c (mode_string): mode is unsigned int.
2019-11-04Get rid of the unnecessary workaround.Sergey Poznyakoff1
2019-11-04Don't repeat the help reference message.Sergey Poznyakoff1
* src/main.c (process_args): Don't specify the "Try cpio --help" message explicitly. It is added automatically by the USAGE_ERROR macro.
2019-11-03Fix CVE-2019-14866Sergey Poznyakoff3
* src/copyout.c (to_ascii): Additional argument nul controls whether to add the terminating nul character. (field_width_error): Improve diagnostics: print the actual and the maximum allowed field value. * src/extern.h (to_ascii, field_width_error): New prototypes. * src/tar.c (to_oct): Remove. (to_oct_or_error): New function. (TO_OCT): New macro. (write_out_tar_header): Use TO_OCT and to_ascii. Return 0 on success, 1 on error.
2019-11-03Fix CVE-2015-1197Sergey Poznyakoff4
* src/copyin.c (copyin_link): Force safer name suffix for symbolic links. * tests/CVE-2015-1197.at: New file. * tests/Makefile.am: Add new test case. * tests/testsuite.at: Likewise.
2019-11-03Provide functions for struct cpio_file_stat management.Sergey Poznyakoff7
* src/copyin.c (long_format): Mark unchangeable argument as const. (read_name_from_file): Use cpio_realloc_c_name. (process_copy_in): Use CPIO_FILE_STAT_INITIALIZER. Call cpio_file_stat_free before return. * src/copyout.c (process_copy_out): Likewise. * src/copypass.c (link_to_name): Mark unchangeable argument as const. * src/cpiohdr.h (cpio_file_stat) <c_name_buflen>: New member, <c_tar_linkname>: Mark as const. (CPIO_FILE_STAT_INITIALIZER): New define. (cpio_file_stat_init,cpio_file_stat_free) (cpio_realloc_c_name): New protos. * src/extern.h: Fix prototypes. * src/makepath.c (make_path): Mark unchangeable argument as const. * src/util.c (create_all_directories): Mark unchangeable argument as const. (cpio_realloc_c_name): New function. (cpio_set_c_name): Use cpio_realloc_c_name. (cpio_file_stat_init,cpio_file_stat_free): New functions.
2019-11-03Remove HPUX CDF supportSergey Poznyakoff4
2019-01-15Minor fix in the testsuiteSergey Poznyakoff2
* tests/symlink-long.at: Use m4 to create dirname, instead of using bash-specific syntax.
2018-12-01Minor fixesSergey Poznyakoff2
* src/copyin.c: Remove unused variable. * src/util.c: Cast arguments to printf.
2018-12-01Fix sigfault when appending to archiveSergey Poznyakoff1
Bug reported by Ross Burton. See <http://lists.gnu.org/archive/html/bug-cpio/2018-11/msg00000.html> * src/util.c: Keep static copy of the buffer pointer; always assign it to file_hdr->c_name. Use x2realloc for memory management.
2018-06-21Fix man markupSergey Poznyakoff1
2017-04-14CVE-2016-2037 - 1 byte out-of-bounds writePavel Raiskup6
Ensure that cpio_safer_name_suffix always works with dynamically allocated buffer, and that it has size of at least 32 bytes. Then, any call to cpio_safer_name_suffix is safe (it requires at least 2 bytes in the buffer). Also ensure that c_namesize is always correctly initialized (by cpio_set_c_name) to avoid undefined behavior when reading file_hdr.c_namesize (previously happened for tar archives). References: http://www.mail-archive.com/bug-cpio@gnu.org/msg00545.html * src/copyin.c (query_rename): Drop the hack, as we now work with dynamically allocated buffer. Use cpio_set_c_name. (create_defered_links_to_skipped): Use cpio_set_c_name rather than manual assignment. (read_name_from_file): New function to avoid C&P. (read_in_old_ascii, read_in_new_ascii, read_in_binary): Use read_name_from_file. (process_copy_in): Initialize file_hdr.c_namesize. * src/copyout.c (process_copy_out): Use cpio_set_c_name. * src/cpiohdr.h (cpio_set_c_name): New prototype. * src/tar.c (read_in_tar_header): Use cpio_set_c_name. * src/util.c (cpio_set_c_name): New function to set file_hdr->c_name and c_namesize from arbitrary string. (cpio_safer_name_suffix): Some docs fixes. * tests/inout.at: Also test copy-in, and try various formats.
2017-02-06build: lint warnings in --device-independentPavel Raiskup1
Complements: 3945f9db44c935608caa5f0 * src/util.c (find_inode_val): Drop unused variable. (get_inode_and_dev): Function doesn't return any value, drop the return value in definition.
2017-01-02Update copyright yearsSergey Poznyakoff59
2016-11-10Fix the output of UTF8 file names in verbose mode.Sergey Poznyakoff4
* am/quoting.m4: New file. * configure.ac: Set default quoting style. * src/copyin.c (long_format): Use quotearg. (print_name_with_quoting): Remove. * src/extern.h (print_name_with_quoting): Remove proto.
2016-11-10Update docsSergey Poznyakoff2
* doc/cpio.texi: Prominently mention, that --absolute-file-names is the default. * doc/cpio.1: Likewise.
2016-11-10fix enable_mt configure logicMike Frysinger1
In the default case, the build_mt flag is not set. This leads to an error at configure time like: ./configure: line 26866: test: =: unary operator expected Change to use the variable name autoconf creates for us and quote it so we never get weird expansion errors.
2016-11-10Update the THANKS file.Sergey Poznyakoff1
2016-11-10Fix signed integer overflow - big block sizesgrajagandev3
2016-11-10Add test for signed integer overflowgrajagandev1
2016-11-10Fix out-of-bounds readSergey Poznyakoff1
* src/copyin.c (process_copy_in): Skip records with zero filename length.
2016-06-16bootstrap: fix bootstrap after clean clonePavel Raiskup3
* bootstrap.conf: Reintroduce changes added by c7e60954dc7945635194 and removed by cleanup in 0396591026410f9. * lib/Makefile.am: Honor the ^pax prefix. * po/POTFILES.in: Likewise.
2015-09-12Version 2.12release_2_12Sergey Poznyakoff3
2015-09-12Update docs, use gettext 0.19.6Sergey Poznyakoff58
2015-09-01Fix generation of manual directorySergey Poznyakoff3
* doc/Makefile.am: Change 'manual' goal. * doc/gendocs.sh: New file. * doc/gendocs_template: ps output is not built.
2015-09-01Remove not used filesSergey Poznyakoff4
* headers/Makefile.am: Remove. * headers/fnmatch.h: Remove. * Makefile.am: Update. * configure.ac: Update.
2015-09-01Include gnulib and paxutils as submodules.Sergey Poznyakoff11
* gnulib: New submodule. * paxutils: New submodule. * .gitignore: Updage * .gitmodules: Update * README-hacking: Update. * bootstrap: Install slightly modified version from the gnulib repo. * bootstrap.conf: Add paxutils-related stuff. * po/.gitignore: Update. * tests/symlink-bad-length.at: Fix expected output. * src/copyin.c: Tiny change. * src/util.c: Likewise.
2014-12-11Fix symlink-bad-length test for 64-bit architectures.Sergey Poznyakoff2
* src/util.c: Return non-zero exit code if EOF is hit prematurely. * tests/symlink-bad-length.at: Revert to original archive: there's no use testing for recovery, because that depends on the host architecture. Don't test for exit code as well (same reason). Account for eventual warning messages.
2014-12-11Fix error recovery in copy-in modeSergey Poznyakoff2
* src/copyin.c (copyin_link): Fix null dereference. (read_in_header): Fix error recovery (bug introduced by 27e0ae55). * tests/symlink-bad-length.at: Test error recovery. Catch various architecture-dependent error messages (suggested by Pavel Raiskup).
2014-12-02Fix typoSergey Poznyakoff1
2014-12-01BugfixSergey Poznyakoff2
* src/copyin.c (get_link_name): Fix range checking. * tests/symlink-bad-length.at: Change expected error message.
2014-12-01Fix memory overrun on reading improperly created link records.Sergey Poznyakoff5
See http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html * src/copyin.c (get_link_name): New function. (list_file, copyin_link): use get_link_name * tests/symlink-bad-length.at: New file. * tests/symlink-long.at: New file. * tests/Makefile.am: Add new files. * tests/testsuite.at: Likewise.
2014-12-01New options to create device and inode-independent archives.Sergey Poznyakoff7
* src/util.c (inode_val): New member trans_inode (find_inode_val): New function. (find_inode_file): Rewrite using the above. (add_inode): Initialize the trans_inode member depending on the value of renumber_inodes_option. (get_inode_and_dev): New function. (stat_to_cpio): Use get_inode_and_dev. (arf_stores_inode_p): New function. * src/extern.h (renumber_inodes_option) (ignore_devno_option): New externs. * src/global.c (renumber_inodes_option) (ignore_devno_option): New variables. * src/main.c: Add new options. * NEWS: Document changes. * doc/cpio.1: Document new options. * doc/cpio.texi: Likewise.
2014-01-31Fix package name recognition in bootstrap.Sergey Poznyakoff1
The script logic failed if AC_INIT was split among two lines. Reported by Pavel. * bootstrap (extract_package_name): Rewrite as m4 script to allow for multiline AC_INIT.
2014-01-30Update copyright years.Sergey Poznyakoff51
2014-01-30Treat UID/GID as numeric if prefixed by + (-R option)Sergey Poznyakoff4
The IDs supplied with the -R option are treated as numeric (without looking them up in the system database), when prefixed with +. This allows to force using numeric value if a user (group) with a numeric name exists in the database. Reported by Joshua Briefman <sirgatez@gmail.com>. * src/userspec.c (parse_user_spec): Use + as an indicator of a numeric UID/GID. * doc/cpio.1: Document changes. * doc/cpio.texi: Likewise.
2014-01-30Use exit codes consistenly.Sergey Poznyakoff4
2014-01-30Improve documentation.Sergey Poznyakoff6
* .gitignore: Update. * NEWS: Update. * doc/cpio.1: Rewrite. * doc/cpio.texi: Major revamp. * src/main.c (options): Fix sectioning of the help output. (parse_opt): * src/util.c: Use PAXEXIT_FAILURE to indicate an error.
2014-01-28Distribute rmt.8; update build systemSergey Poznyakoff10
* NEWS: Update. * bootstrap (gnulib_extra_files): Remove "missing" * configure.ac: Do not distribute shar archive. Define CPIO_MT_COND * doc/Makefile.am: Always install manpages (mt.1 and rmt.8 -- depending on whether the corresponding programs are built). * doc/cpio.1: Update. * doc/mt.1: Update. * lib/Makefile.am: Use AM_CPPFLAGS instead of INCLUDES. * src/Makefile.am: Likewise. * tests/Makefile.am: Likewise.
2012-02-20Always use 32 bit CRCSergey Poznyakoff5
* src/cpiohdr.h (cpio_file_stat) <c_chksum>: Change type to uint32_t. * src/extern.h (crc): Change type to uint32_t. * src/global.c: Likewise. * src/copyout.c (read_for_checksum): Return uint32_t. * src/copyin.c: Fix printf formats.

Return to:

Send suggestions and report system problems to the System administrator.