Your message dated Sun, 04 Sep 2005 08:47:05 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#238177: fixed in cpio 2.6-5
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 15 Mar 2004 19:34:32 +0000
>From [EMAIL PROTECTED] Mon Mar 15 11:34:32 2004
Return-path: <[EMAIL PROTECTED]>
Received: from smtp6.wanadoo.fr (mwinf0602.wanadoo.fr) [193.252.22.25]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1B2xr6-00060W-00; Mon, 15 Mar 2004 11:34:32 -0800
Received: from snort (AGrenoble-203-1-25-244.w81-250.abo.wanadoo.fr
[81.250.22.244])
by mwinf0602.wanadoo.fr (SMTP Server) with ESMTP
id 494F954006EA; Mon, 15 Mar 2004 20:34:00 +0100 (CET)
Received: from dwhedon by snort with local (Exim 3.36 #1 (Debian))
id 1B2xqX-0004Wf-00; Mon, 15 Mar 2004 20:33:57 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: David Kimdon <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: cpio: overflow in mtime for 'ustar' format
X-Mailer: reportbug 2.50
Date: Mon, 15 Mar 2004 20:33:57 +0100
Message-Id: <[EMAIL PROTECTED]>
Sender: David Kimdon <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_12
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-7.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_12
X-Spam-Level:
Package: cpio
Version: 2.5-1.1
Severity: important
Hi,
The current cpio creates tar archives with bad dates if the file's
mtime is after about January 11, 2004 [1]. The problem is in the 12
byte 'mtime' field of the tar header which only contains 10 octal
digits since a trailing NUL _and_ SPACE is appended. This makes the
maximum date that can be archived about (1970 + 34) years.
Based on some references [2] it looks like the 'mtime' and 'size'
should not contain the trailing NUL. Below is a patch that fixes the
problem [3].
This is marked as important because some software will reject files
with impossibly old mtimes (a recent upload into Debian was rejected
for that reason). I ended up needing to redo the upload after
touching all the files in the archive.
-David
[1] : Demonstration showing the bad date. The file
extracted/orig/bad-date will have an mtime of Jan 1, 1970.
mkdir orig
# Set date stamp to Jan 10, 2004 15:00
touch -t 200401101500 orig/bad-date
find orig -print | cpio -H ustar -o > orig.tar
mkdir extracted
(cd extracted && tar -xf ../orig.tar)
ls -l extracted/orig/
[2] : Here are two references that indicate we should remove the NUL,
see the pages themselves for full context. I don't have a copy of the
standard, so I can't tell for sure what the standard says.
http://www.cs.rit.edu/~hpb/Man/_Man_SunOS_4.1.3_html/html5/tar.5.html
"The other fields are zero-filled octal numbers in ASCII. Each field
(of width w) contains w-2 digits, a SPACE, and a null character,
except size and mtime, which do not contain the trailing null. "
http://www.mkssoftware.com/docs/man4/tar.4.asp
"All other fields are zero-filled octal numbers, in ASCII. Trailing
nulls are present for these numbers, except for the size, mtime, and
version fields."
[3] : A patch to fix the problem.
* tar.c (to_oct_no_nul) : New function. Creates an ascii octal number
with a trailing space but no trailing NUL.
(write_out_tar_header) : 'size' and 'mtime' fields should not have
the trailing NUL appended. Including the NUL can lead to overflow
of dates after about January 11, 2004 or sizes greater than about
1 GB.
--- tar.c.orig 2004-03-15 19:58:03.504727318 +0100
+++ tar.c 2004-03-15 19:59:41.803936327 +0100
@@ -27,6 +27,7 @@
#include "tarhdr.h"
static void to_oct ();
+static void to_oct_no_nul ();
static char *stash_tar_linkname ();
static char *stash_tar_filename ();
@@ -97,8 +98,8 @@
to_oct (file_hdr->c_mode, 8, tar_hdr->mode);
to_oct (file_hdr->c_uid, 8, tar_hdr->uid);
to_oct (file_hdr->c_gid, 8, tar_hdr->gid);
- to_oct (file_hdr->c_filesize, 12, tar_hdr->size);
- to_oct (file_hdr->c_mtime, 12, tar_hdr->mtime);
+ to_oct_no_nul (file_hdr->c_filesize, 12, tar_hdr->size);
+ to_oct_no_nul (file_hdr->c_mtime, 12, tar_hdr->mtime);
switch (file_hdr->c_mode & CP_IFMT)
{
@@ -446,6 +447,21 @@
where[--digits] = ' ';
}
+/* Convert a number into a string of octal digits.
+ Convert long VALUE into a DIGITS-digit field at WHERE,
+ including a trailing space. DIGITS==2 means
+ 1 digit, and a space.
+*/
+
+static void
+to_oct_no_nul (value, digits, where)
+ register long value;
+ register int digits;
+ register char *where;
+{
+ to_oct (value, digits + 1, where);
+}
+
/* Return
2 if BUF is a valid POSIX tar header (the checksum is correct
and it has the "ustar" magic string),
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: powerpc (ppc)
Kernel: Linux 2.6.3-ben2
Locale: LANG=C, LC_CTYPE=C
Versions of packages cpio depends on:
ii libc6 2.3.2.ds1-11 GNU C Library: Shared libraries an
-- no debconf information
---------------------------------------
Received: (at 238177-close) by bugs.debian.org; 4 Sep 2005 15:49:35 +0000
>From [EMAIL PROTECTED] Sun Sep 04 08:49:35 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
id 1EBwi1-0006HA-00; Sun, 04 Sep 2005 08:47:05 -0700
From: Clint Adams <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#238177: fixed in cpio 2.6-5
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 04 Sep 2005 08:47:05 -0700
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: cpio
Source-Version: 2.6-5
We believe that the bug you reported is fixed in the latest version of
cpio, which is due to be installed in the Debian FTP archive:
cpio_2.6-5.diff.gz
to pool/main/c/cpio/cpio_2.6-5.diff.gz
cpio_2.6-5.dsc
to pool/main/c/cpio/cpio_2.6-5.dsc
cpio_2.6-5_sparc.deb
to pool/main/c/cpio/cpio_2.6-5_sparc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Clint Adams <[EMAIL PROTECTED]> (supplier of updated cpio package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 4 Sep 2005 10:44:40 -0400
Source: cpio
Binary: cpio
Architecture: source sparc
Version: 2.6-5
Distribution: unstable
Urgency: medium
Maintainer: Clint Adams <[EMAIL PROTECTED]>
Changed-By: Clint Adams <[EMAIL PROTECTED]>
Description:
cpio - GNU cpio -- a program to manage archives of files
Closes: 238177 322608 323141 326090
Changes:
cpio (2.6-5) unstable; urgency=medium
.
* Fix 'ustar' format mtime overflow. closes: #238177.
* Fix symlink dereferencing problem.
closes: #322608, #323141, #326090.
Files:
e3440a12081120e5b4a566c72bd90721 546 utils important cpio_2.6-5.dsc
d9ceecb337afc397ac5c6fe8efc160fd 84297 utils important cpio_2.6-5.diff.gz
685b0f8d59c70a20244a1839b40de6e2 125740 utils important cpio_2.6-5_sparc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Debian!
iD8DBQFDGxSP5m0u66uWM3ARAiFOAJ4igZL55OrMBMAb1ZSNjIdiiqxiYACffpu2
nRzp/otmxRbe1A7Cb9t1jKg=
=YFsl
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
