Thu May 14 14:54:55 2015 UTC ()
Patch an out of bounds reads obtained from:
https://github.com/libarchive/libarchive/issues/502
https://github.com/libarchive/libarchive/commit/e6c9668f3202215ddb71617b41c19b6f05acf008
Bump PKGREVISION.

Reviewed by bsiegert@


(sevan)
diff -r1.2 -r1.3 pkgsrc/archivers/libarchive/Makefile.common
diff -r1.4 -r1.5 pkgsrc/archivers/libarchive/files/libarchive/archive_read.c
cvs diff -r1.2 -r1.3 pkgsrc/archivers/libarchive/Makefile.common (expand / switch to unified diff)

--- pkgsrc/archivers/libarchive/Makefile.common 2015/02/08 00:14:33 1.2
+++ pkgsrc/archivers/libarchive/Makefile.common 2015/05/14 14:54:55 1.3
@@ -1,18 +1,19 @@ @@ -1,18 +1,19 @@
1# $NetBSD: Makefile.common,v 1.2 2015/02/08 00:14:33 wiz Exp $ 1# $NetBSD: Makefile.common,v 1.3 2015/05/14 14:54:55 sevan Exp $
2# used by archivers/bsdtar/Makefile 2# used by archivers/bsdtar/Makefile
3# used by archivers/libarchive/Makefile 3# used by archivers/libarchive/Makefile
4 4
5DISTNAME= libarchive-3.1.2 5DISTNAME= libarchive-3.1.2
 6PKGREVISION= 1
6CATEGORIES= archivers 7CATEGORIES= archivers
7MASTER_SITES= http://www.libarchive.org/downloads/ 8MASTER_SITES= http://www.libarchive.org/downloads/
8DISTFILES= # empty 9DISTFILES= # empty
9 10
10MAINTAINER?= joerg@NetBSD.org 11MAINTAINER?= joerg@NetBSD.org
11HOMEPAGE= http://www.libarchive.org/ 12HOMEPAGE= http://www.libarchive.org/
12LICENSE= 2-clause-bsd 13LICENSE= 2-clause-bsd
13 14
14TEST_TARGET= check 15TEST_TARGET= check
15GNU_CONFIGURE= yes 16GNU_CONFIGURE= yes
16CONFIGURE_ARGS+= --without-expat 17CONFIGURE_ARGS+= --without-expat
17CONFIGURE_ARGS+= --without-lzo2 18CONFIGURE_ARGS+= --without-lzo2
18CONFIGURE_ARGS+= --without-nettle 19CONFIGURE_ARGS+= --without-nettle
cvs diff -r1.4 -r1.5 pkgsrc/archivers/libarchive/files/libarchive/archive_read.c (expand / switch to unified diff)

--- pkgsrc/archivers/libarchive/files/libarchive/archive_read.c 2015/01/17 12:44:50 1.4
+++ pkgsrc/archivers/libarchive/files/libarchive/archive_read.c 2015/05/14 14:54:55 1.5
@@ -1384,26 +1384,28 @@ __archive_read_filter_ahead(struct archi @@ -1384,26 +1384,28 @@ __archive_read_filter_ahead(struct archi
1384 */ 1384 */
1385int64_t 1385int64_t
1386__archive_read_consume(struct archive_read *a, int64_t request) 1386__archive_read_consume(struct archive_read *a, int64_t request)
1387{ 1387{
1388 return (__archive_read_filter_consume(a->filter, request)); 1388 return (__archive_read_filter_consume(a->filter, request));
1389} 1389}
1390 1390
1391int64_t 1391int64_t
1392__archive_read_filter_consume(struct archive_read_filter * filter, 1392__archive_read_filter_consume(struct archive_read_filter * filter,
1393 int64_t request) 1393 int64_t request)
1394{ 1394{
1395 int64_t skipped; 1395 int64_t skipped;
1396 1396
 1397 if (request < 0)
 1398 return ARCHIVE_FATAL;
1397 if (request == 0) 1399 if (request == 0)
1398 return 0; 1400 return 0;
1399 1401
1400 skipped = advance_file_pointer(filter, request); 1402 skipped = advance_file_pointer(filter, request);
1401 if (skipped == request) 1403 if (skipped == request)
1402 return (skipped); 1404 return (skipped);
1403 /* We hit EOF before we satisfied the skip request. */ 1405 /* We hit EOF before we satisfied the skip request. */
1404 if (skipped < 0) /* Map error code to 0 for error message below. */ 1406 if (skipped < 0) /* Map error code to 0 for error message below. */
1405 skipped = 0; 1407 skipped = 0;
1406 archive_set_error(&filter->archive->archive, 1408 archive_set_error(&filter->archive->archive,
1407 ARCHIVE_ERRNO_MISC, 1409 ARCHIVE_ERRNO_MISC,
1408 "Truncated input file (needed %jd bytes, only %jd available)", 1410 "Truncated input file (needed %jd bytes, only %jd available)",
1409 (intmax_t)request, (intmax_t)skipped); 1411 (intmax_t)request, (intmax_t)skipped);