| Age | Commit message (Collapse) | Author | Files |
|---|
|
|
|
* src/copyin.c (symlink_placeholder): Try to create leading
directories if unable to create placeholder.
|
|
modes.
* gnulib.modules: Replace utimens with fdutimensat.
* paxutils: Upgrade.
* src/copyin.c: Update calls to set_file_times.
(copyin_link,replace_symlink_placeholders): Call set_file_times if needed.
* src/copyout.c: Update calls to set_file_times.
* src/copypass.c (process_copy_pass): Update calls to set_file_times.
Call set_file_times to restore times of extracted symlinks.
* src/extern.h (set_file_times): Take additional argument.
* src/util.c
(set_file_times): Take additional argument. Use fdutimensat to do the
job.
* tests/linktime.at: New file.
* tests/linktime01.at: New file.
* tests/Makefile.am: Add new files.
* tests/testsuite.at: Include new tests.
|
|
Problem reported by Dan Jacobson (Bug#50694).
* gnulib.modules: Add gettime, timespec.
* src/copyin.c: Include timespec.h.
(current_time): Now struct timespec, not time_t. All uses changed.
(long_format): When formatting a timestamp, use the same algorithm that
GNU ls does to decide whether a file is recent.
|
|
* src/copyin.c (long_format): Fix some unlikely integer overflow bugs.
Work even if (current_time - when) overflows, which is
possible if time_t is unsigned.
Do not assume that system integer types fit into unsigned long.
Simplify by using %ju. No need for local tbuf array.
|
|
|
|
* src/extern.h (last_header_start): Change type to off_t.
* src/global.c: Likewise.
* src/util.c (prepare_append): Use off_t for file offsets.
|
|
In copy-out mode, when appending, change_dir() would be called twice,
because process_copy_in() calls change_dir(). If --directory=DIR was
used with a relative path, this would result in incorrectly trying to
change to DIR/DIR. To fix this, change_dir() is only called
explicitly when not appending.
Patch by Alyssa Ross <hi@alyssa.is>
* src/copyout.c (process_copy_out): Don't call change_dir if
append_flag is set: it is going to be called by process_copy_in.
|
|
Thus option is valid in copy-out mode. It instructs cpio to always
assume link count for directories to be 2. It is implied by
--reproducible.
* NEWS: Document changes.
* doc/cpio.1: Likewise.
* doc/cpio.texi: Likewise.
* src/copyout.c (process_copy_out): If ignore_dirnlink_option is set,
assume c_nlink is 2.
* src/extern.h (ignore_dirnlink_option): New extern.
* src/global.c (ignore_dirnlink_option): New global.
* src/main.c: New option --ignore-dirnlink.
The option --reproducible implies --ignore-dirnlink.
|
|
The commit in question brought in more problems than solutions. To
properly fix the issue, use symlink placeholders, modelled after
delayed symlinks in tar.
* src/copyin.c (symlink_placeholder)
(replace_symlink_placeholders): New functions.
(copyin_link): Create symlink placeholder if --no-absolute-filenames
was given.
(process_copy_in): Replace placeholders after extraction.
* tests/CVE-2015-1197.at: Update. Don't use /tmp.
|
|
* am/pack.m4: Don't use obsolete macros.
* configure.ac: Likewise.
Require autoconf 2.71
* paxutils: Upgrade.
* src/extern.h (STRINGIFY_BIGINT, UINTMAX_STRSIZE_BOUND): New definitions.
(parse_user_spec): Change signature.
* src/main.c: Update call to parse_user_spec.
* src/idcache.c: Include extern.h
* src/userspec.c: Likewise.
|
|
* src/copyout.c (read_for_checksum): Fix type of the file_size argument.
Rewrite the reading loop.
Original patch by Stefano Babic <sbabic@denx.de>
|
|
|
|
|
|
* src/util.c (tape_empty_output_buffer): Fix condition.
|
|
* gnulib.modules: Request inttostr
* src/idcache.c (getuser,getgroup): Use umaxtostr instead of sprintf.
* src/userspec.c (parse_user_spec): Likewise.
|
|
* src/dstring.c (ds_resize): Take additional argument: number of
bytes to leave available after ds_idx. All uses changed.
|
|
* src/dstring.c (ds_reset,ds_concat): Don't call ds_resize in a
loop.
|
|
* src/dstring.c (ds_init): Take a single argument.
(ds_free): New function.
(ds_resize): Take a single argument. Use x2nrealloc to expand
the storage.
(ds_reset,ds_append,ds_concat,ds_endswith): New function.
(ds_fgetstr): Rewrite. In particular, this fixes integer overflow.
* src/dstring.h (dynamic_string): Keep both the allocated length
(ds_size) and index of the next free byte in the string (ds_idx).
(ds_init,ds_resize): Change signature.
(ds_len): New macro.
(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos.
* src/copyin.c: Use new ds_ functions.
* src/copyout.c: Likewise.
* src/copypass.c: Likewise.
* src/util.c: Likewise.
|
|
|
|
* NEWS: Raise version number.
* configure.ac: Raise version number to 2.13.90.
Raise autoconf and automake requirements.
* gnulib: Pull v0.1-4336-gbdae9a5
* gnulib.modules: Remove getopt
* src/copyin.c (long_format): Cast rdev numbers to unsigned long
|
|
|
|
|
|
* src/global.c: Remove superfluous declaration of program_name
|
|
Previously the members of cpio_file_stat that hold device major and
minor numbers were signed (long). This caused issues when the device
number was cast to unsigned value (uintmax_t) during a call to
to_ascii or derived function. In particular, on *BSD systems minor
numbers are negative ints. When such numbers are passed to to_ascii,
the resulting unsigned representation does not fit into the target
field width. For details, see
https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00012.html
To fix this, the return types are autodetected by configure. The types
of the c_dev_maj, c_dev_min, c_rdev_maj, and c_rdev_min members of
struct cpio_file_stat are changed to unsigned versions of the
corresponding detected types. This ensures that the value returned from
major (or minor) will not undergo sign extension during assignment to the
struct member and can be correctly promoted to a wider unsigned data
type.
* am/ax_compile_check_rettype.m4: New macro AC_COMPILE_CHECK_RETTYPE
* configure.ac: Detect return types of major(3) and minor(3).
* src/cpiohdr.h (cpio_file_stat): Change types of c_dev_maj, c_dev_min,
c_rdev_maj, c_rdev_min.
|
|
Device minor and major numbers are meaningful only for devices.
Don't attempt to store them for other files. Instead fill the
corresponding fields with zeros.
* src/util.c (stat_to_cpio): Initialize c_rdev_maj and c_rdev_min
from struct stat only if the file is a device, otherwise set them
to zero.
|
|
* src/copyin.c (read_name_from_file): Handle len == 0.
|
|
* src/copyin.c (read_name_from_file): Print error message and
skip file if its name is not nul-terminated.
|
|
* NEWS: Describe new version.
* configure.ac: version 2.13
* src/copyin.c: Fix strict aliasing violation.
* tests/CVE-2019-14866.at: New file.
* tests/Makefile.am: Add new test.
* tests/testsuite.at: Add new test,
|
|
* doc/cpio.texi: Document URLs of the mailing list archive and
subscription interface.
* src/copyin.c (try_existing_file): Change type of the last argument.
(copyin_file): Initialize existing_dir.
* src/dstring.c: Include xalloc.h
* src/filemode.c (mode_string): mode is unsigned int.
|
|
|
|
* src/main.c (process_args): Don't specify the "Try cpio --help"
message explicitly. It is added automatically by the USAGE_ERROR
macro.
|
|
* src/copyout.c (to_ascii): Additional argument nul controls whether
to add the terminating nul character.
(field_width_error): Improve diagnostics: print the actual and the
maximum allowed field value.
* src/extern.h (to_ascii, field_width_error): New prototypes.
* src/tar.c (to_oct): Remove.
(to_oct_or_error): New function.
(TO_OCT): New macro.
(write_out_tar_header): Use TO_OCT and to_ascii. Return 0 on
success, 1 on error.
|
|
* src/copyin.c (copyin_link): Force safer name suffix for symbolic links.
* tests/CVE-2015-1197.at: New file.
* tests/Makefile.am: Add new test case.
* tests/testsuite.at: Likewise.
|
|
* src/copyin.c (long_format): Mark unchangeable argument as const.
(read_name_from_file): Use cpio_realloc_c_name.
(process_copy_in): Use CPIO_FILE_STAT_INITIALIZER.
Call cpio_file_stat_free before return.
* src/copyout.c (process_copy_out): Likewise.
* src/copypass.c (link_to_name): Mark unchangeable argument as const.
* src/cpiohdr.h (cpio_file_stat) <c_name_buflen>: New member,
<c_tar_linkname>: Mark as const.
(CPIO_FILE_STAT_INITIALIZER): New define.
(cpio_file_stat_init,cpio_file_stat_free)
(cpio_realloc_c_name): New protos.
* src/extern.h: Fix prototypes.
* src/makepath.c (make_path): Mark unchangeable argument as const.
* src/util.c (create_all_directories): Mark unchangeable argument
as const.
(cpio_realloc_c_name): New function.
(cpio_set_c_name): Use cpio_realloc_c_name.
(cpio_file_stat_init,cpio_file_stat_free): New functions.
|
|
|
|
* src/copyin.c: Remove unused variable.
* src/util.c: Cast arguments to printf.
|
|
Bug reported by Ross Burton. See
<http://lists.gnu.org/archive/html/bug-cpio/2018-11/msg00000.html>
* src/util.c: Keep static copy of the buffer pointer; always
assign it to file_hdr->c_name. Use x2realloc for memory management.
|
|
Ensure that cpio_safer_name_suffix always works with dynamically
allocated buffer, and that it has size of at least 32 bytes.
Then, any call to cpio_safer_name_suffix is safe (it requires at
least 2 bytes in the buffer).
Also ensure that c_namesize is always correctly initialized (by
cpio_set_c_name) to avoid undefined behavior when reading
file_hdr.c_namesize (previously happened for tar archives).
References:
http://www.mail-archive.com/bug-cpio@gnu.org/msg00545.html
* src/copyin.c (query_rename): Drop the hack, as we now work with
dynamically allocated buffer. Use cpio_set_c_name.
(create_defered_links_to_skipped): Use cpio_set_c_name rather than
manual assignment.
(read_name_from_file): New function to avoid C&P.
(read_in_old_ascii, read_in_new_ascii, read_in_binary): Use
read_name_from_file.
(process_copy_in): Initialize file_hdr.c_namesize.
* src/copyout.c (process_copy_out): Use cpio_set_c_name.
* src/cpiohdr.h (cpio_set_c_name): New prototype.
* src/tar.c (read_in_tar_header): Use cpio_set_c_name.
* src/util.c (cpio_set_c_name): New function to set
file_hdr->c_name and c_namesize from arbitrary string.
(cpio_safer_name_suffix): Some docs fixes.
* tests/inout.at: Also test copy-in, and try various formats.
|
|
Complements: 3945f9db44c935608caa5f0
* src/util.c (find_inode_val): Drop unused variable.
(get_inode_and_dev): Function doesn't return any value, drop the
return value in definition.
|
|
|
|
* am/quoting.m4: New file.
* configure.ac: Set default quoting style.
* src/copyin.c (long_format): Use quotearg.
(print_name_with_quoting): Remove.
* src/extern.h (print_name_with_quoting): Remove proto.
|
|
|
|
* src/copyin.c (process_copy_in): Skip records with zero filename length.
|
|
|
|
* gnulib: New submodule.
* paxutils: New submodule.
* .gitignore: Updage
* .gitmodules: Update
* README-hacking: Update.
* bootstrap: Install slightly modified version from the gnulib repo.
* bootstrap.conf: Add paxutils-related stuff.
* po/.gitignore: Update.
* tests/symlink-bad-length.at: Fix expected output.
* src/copyin.c: Tiny change.
* src/util.c: Likewise.
|
|
* src/util.c: Return non-zero exit code if EOF is hit prematurely.
* tests/symlink-bad-length.at: Revert to original archive: there's
no use testing for recovery, because that depends on the host
architecture. Don't test for exit code as well (same reason).
Account for eventual warning messages.
|
|
* src/copyin.c (copyin_link): Fix null dereference.
(read_in_header): Fix error recovery (bug introduced by
27e0ae55).
* tests/symlink-bad-length.at: Test error recovery.
Catch various architecture-dependent error messages (suggested
by Pavel Raiskup).
|
|
|
|
* src/copyin.c (get_link_name): Fix range checking.
* tests/symlink-bad-length.at: Change expected error message.
|
