commit: 10ca2cce4bb831646697d5308fed2bbee33a9f0f Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> AuthorDate: Fri Jun 17 15:07:20 2016 +0000 Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> CommitDate: Fri Jun 17 15:08:09 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10ca2cce
sys-fs/squashfs-tools: add a few more various fixes .../files/squashfs-tools-4.3-2gb.patch | 30 ++++++++++ .../files/squashfs-tools-4.3-local-cve-fix.patch | 19 ++++++ .../files/squashfs-tools-4.3-mem-overflow.patch | 35 +++++++++++ .../files/squashfs-tools-4.3-xattrs.patch | 34 +++++++++++ sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild | 67 ++++++++++++++++++++++ 5 files changed, 185 insertions(+) diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-2gb.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-2gb.patch new file mode 100644 index 0000000..467448f --- /dev/null +++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-2gb.patch @@ -0,0 +1,30 @@ +From 9c1db6d13a51a2e009f0027ef336ce03624eac0d Mon Sep 17 00:00:00 2001 +From: "Guan, Xin" <[email protected]> +Date: Sat, 13 Sep 2014 13:15:26 +0200 +Subject: [PATCH] Fix 2GB-limit of the is_fragment(...) function. + +Applies to squashfs-tools 4.3. + +Reported-by: Bruno Wolff III <[email protected]> +Signed-off-by: Guan, Xin <[email protected]> +Signed-off-by: Phillip Lougher <[email protected]> +--- + squashfs-tools/mksquashfs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c +index f1fcff1cc284..d221c35865a0 100644 +--- a/squashfs-tools/mksquashfs.c ++++ b/squashfs-tools/mksquashfs.c +@@ -2029,7 +2029,7 @@ struct file_info *duplicate(long long file_size, long long bytes, + + inline int is_fragment(struct inode_info *inode) + { +- int file_size = inode->buf.st_size; ++ off_t file_size = inode->buf.st_size; + + /* + * If this block is to be compressed differently to the +-- +2.8.2 + diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-local-cve-fix.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-local-cve-fix.patch new file mode 100644 index 0000000..7637f67 --- /dev/null +++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-local-cve-fix.patch @@ -0,0 +1,19 @@ +taken from Fedora + +commit af393379e34c5677f95bbec11645b6c3028195b4 +Author: Bruno Wolff III <[email protected]> +Date: Wed Jun 24 14:27:31 2015 -0500 + +Update printf formats to match datatypes after CVE patch + +--- squashfs-tools/unsquash-4.c ++++ squashfs-tools/unsquash-4.c +@@ -35,7 +35,7 @@ + size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments); + long long *fragment_table_index; + +- TRACE("read_fragment_table: %d fragments, reading %d fragment indexes " ++ TRACE("read_fragment_table: %u fragments, reading %zu fragment indexes " + "from 0x%llx\n", sBlk.s.fragments, indexes, + sBlk.s.fragment_table_start); + diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-mem-overflow.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-mem-overflow.patch new file mode 100644 index 0000000..a9b0001 --- /dev/null +++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-mem-overflow.patch @@ -0,0 +1,35 @@ +taken from Fedora + +From 604b607d8ac91eb8afc0b6e3d917d5c073096103 Mon Sep 17 00:00:00 2001 +From: Phillip Lougher <[email protected]> +Date: Wed, 11 Jun 2014 04:51:37 +0100 +Subject: mksquashfs: ensure value does not overflow a signed int in -mem + option + +Signed-off-by: Phillip Lougher <[email protected]> + +diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c +index 5370ecf..9676dc8 100644 +--- a/squashfs-tools/mksquashfs.c ++++ b/squashfs-tools/mksquashfs.c +@@ -5193,7 +5193,16 @@ print_compressor_options: + argv[0]); + exit(1); + } +- /* convert from bytes to Mbytes */ ++ ++ /* ++ * convert from bytes to Mbytes, ensuring the value ++ * does not overflow a signed int ++ */ ++ if(number >= (1LL << 51)) { ++ ERROR("%s: -mem invalid mem size\n", argv[0]); ++ exit(1); ++ } ++ + total_mem = number / 1048576; + if(total_mem < (SQUASHFS_LOWMEM / SQUASHFS_TAKE)) { + ERROR("%s: -mem should be %d Mbytes or " +-- +cgit v0.10.1 + diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-xattrs.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-xattrs.patch new file mode 100644 index 0000000..47b0ea5 --- /dev/null +++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-xattrs.patch @@ -0,0 +1,34 @@ +From ffe9e55c4993422ce36213fa86d4fc29c22646ea Mon Sep 17 00:00:00 2001 +From: Wessel Dankers <[email protected]> +Date: Fri, 17 Jun 2016 09:46:42 +0800 +Subject: [PATCH] unsquashfs: Correctly set file capabilities + +As posted on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804194. +--- + squashfs-tools/unsquashfs.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c +index 1323dd6..a5f0117 100644 +--- a/squashfs-tools/unsquashfs.c ++++ b/squashfs-tools/unsquashfs.c +@@ -821,8 +821,6 @@ int set_attributes(char *pathname, int mode, uid_t uid, gid_t guid, time_t time, + { + struct utimbuf times = { time, time }; + +- write_xattr(pathname, xattr); +- + if(utime(pathname, ×) == -1) { + ERROR("set_attributes: failed to set time on %s, because %s\n", + pathname, strerror(errno)); +@@ -845,6 +843,8 @@ int set_attributes(char *pathname, int mode, uid_t uid, gid_t guid, time_t time, + return FALSE; + } + ++ write_xattr(pathname, xattr); ++ + return TRUE; + } + +-- +2.8.0.rc3.226.g39d4020 diff --git a/sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild b/sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild new file mode 100644 index 0000000..74247ab --- /dev/null +++ b/sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild @@ -0,0 +1,67 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils toolchain-funcs + +DEB_VER="3" + +DESCRIPTION="Tool for creating compressed filesystem type squashfs" +HOMEPAGE="http://squashfs.sourceforge.net"; +SRC_URI="mirror://sourceforge/squashfs/squashfs${PV}.tar.gz + mirror://debian/pool/main/${PN:0:1}/${PN}/${PN}_${PV}-${DEB_VER}.debian.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="lz4 lzma lzo xattr +xz" + +RDEPEND=" + sys-libs/zlib + !xz? ( !lzo? ( sys-libs/zlib ) ) + lz4? ( app-arch/lz4 ) + lzma? ( app-arch/xz-utils ) + lzo? ( dev-libs/lzo ) + xattr? ( sys-apps/attr ) + xz? ( app-arch/xz-utils ) +" +DEPEND="${RDEPEND}" + +S="${WORKDIR}/squashfs${PV}/${PN}" + +src_prepare() { + epatch "${WORKDIR}"/debian/patches/*.patch + epatch "${FILESDIR}"/${P}-sysmacros.patch + epatch "${FILESDIR}"/${P}-aligned-data.patch + epatch "${FILESDIR}"/${P}-2gb.patch + epatch "${FILESDIR}"/${P}-local-cve-fix.patch + epatch "${FILESDIR}"/${P}-mem-overflow.patch + epatch "${FILESDIR}"/${P}-xattrs.patch +} + +use10() { usex $1 1 0 ; } + +src_configure() { + # set up make command line variables in EMAKE_SQUASHFS_CONF + EMAKE_SQUASHFS_CONF=( + LZMA_XZ_SUPPORT=$(use10 lzma) + LZO_SUPPORT=$(use10 lzo) + LZ4_SUPPORT=$(use10 lz4) + XATTR_SUPPORT=$(use10 xattr) + XZ_SUPPORT=$(use10 xz) + ) + + tc-export CC +} + +src_compile() { + emake "${EMAKE_SQUASHFS_CONF[@]}" +} + +src_install() { + dobin mksquashfs unsquashfs + cd .. + dodoc CHANGES PERFORMANCE.README pseudo-file.example README* OLD-READMEs/* + doman "${WORKDIR}"/debian/manpages/*.[0-9] +}
