diff --git a/.gitignore b/.gitignore index 47a690b..e85e645 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -cpio-2.11.tar.bz2 +/cpio-2.12.tar.bz2 diff --git a/cpio-2.10-longnames-split.patch b/cpio-2.10-longnames-split.patch index d4517b1..6f4ba6e 100644 --- a/cpio-2.10-longnames-split.patch +++ b/cpio-2.10-longnames-split.patch @@ -1,8 +1,15 @@ +From: Pavel Raiskup +Date: Mon, 14 Sep 2015 09:49:12 +0200 +Subject: [PATCH 6/7] Fix for splitting long file names while creating ustar + archive + +Resolves: #866467 + diff --git a/src/tar.c b/src/tar.c -index 97d74bc..6de8961 100644 +index a2ce171..e2b5f45 100644 --- a/src/tar.c +++ b/src/tar.c -@@ -48,10 +48,12 @@ split_long_name (const char *name, size_t length) +@@ -49,10 +49,12 @@ split_long_name (const char *name, size_t length) { size_t i; diff --git a/cpio-2.10-patternnamesigsegv.patch b/cpio-2.10-patternnamesigsegv.patch index c3b9420..27e3742 100644 --- a/cpio-2.10-patternnamesigsegv.patch +++ b/cpio-2.10-patternnamesigsegv.patch @@ -1,10 +1,17 @@ -diff -urNp cpio-2.10-orig/src/copyin.c cpio-2.10/src/copyin.c ---- cpio-2.10-orig/src/copyin.c 2010-02-22 12:57:59.000000000 +0100 -+++ cpio-2.10/src/copyin.c 2010-02-22 12:55:26.000000000 +0100 -@@ -944,20 +944,23 @@ read_pattern_file () +From: =?UTF-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= +Date: Mon, 14 Sep 2015 09:47:05 +0200 +Subject: [PATCH 5/7] fix segfault with nonexisting file with patternnames + (#567022) + +diff --git a/src/copyin.c b/src/copyin.c +index 12bd27c..183b5b5 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -870,21 +870,24 @@ read_pattern_file () + pattern_fp = fopen (pattern_file_name, "r"); if (pattern_fp == NULL) - open_error (pattern_file_name); +- open_fatal (pattern_file_name); - while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) - { - if (new_num_patterns >= max_new_patterns) @@ -19,6 +26,7 @@ diff -urNp cpio-2.10-orig/src/copyin.c cpio-2.10/src/copyin.c - } - if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) - close_error (pattern_file_name); ++ open_error (pattern_file_name); + else + { + while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) diff --git a/cpio-2.11-CVE-2014-9112.patch b/cpio-2.11-CVE-2014-9112.patch deleted file mode 100644 index 64fec9f..0000000 --- a/cpio-2.11-CVE-2014-9112.patch +++ /dev/null @@ -1,212 +0,0 @@ -diff --git a/src/copyin.c b/src/copyin.c -index d505407..db8ee66 100644 ---- a/src/copyin.c -+++ b/src/copyin.c -@@ -124,10 +124,30 @@ tape_skip_padding (int in_file_des, off_t offset) - if (pad != 0) - tape_toss_input (in_file_des, pad); - } -- -+ -+static char * -+get_link_name (struct cpio_file_stat *file_hdr, int in_file_des) -+{ -+ char *link_name; -+ -+ if (file_hdr->c_filesize < 0 || file_hdr->c_filesize > SIZE_MAX-1) -+ { -+ error (0, 0, _("%s: stored filename length is out of range"), -+ file_hdr->c_name); -+ link_name = NULL; -+ } -+ else -+ { -+ link_name = xmalloc (file_hdr->c_filesize + 1); -+ tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -+ link_name[file_hdr->c_filesize] = '\0'; -+ tape_skip_padding (in_file_des, file_hdr->c_filesize); -+ } -+ return link_name; -+} - - static void --list_file(struct cpio_file_stat* file_hdr, int in_file_des) -+list_file (struct cpio_file_stat* file_hdr, int in_file_des) - { - if (verbose_flag) - { -@@ -136,21 +156,16 @@ list_file(struct cpio_file_stat* file_hdr, int in_file_des) - { - if (archive_format != arf_tar && archive_format != arf_ustar) - { -- char *link_name = NULL; /* Name of hard and symbolic links. */ -- -- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); -- link_name[file_hdr->c_filesize] = '\0'; -- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -- long_format (file_hdr, link_name); -- free (link_name); -- tape_skip_padding (in_file_des, file_hdr->c_filesize); -- return; -+ char *link_name = get_link_name (file_hdr, in_file_des); -+ if (link_name) -+ { -+ long_format (file_hdr, link_name); -+ free (link_name); -+ } - } - else -- { -- long_format (file_hdr, file_hdr->c_tar_linkname); -- return; -- } -+ long_format (file_hdr, file_hdr->c_tar_linkname); -+ return; - } - else - #endif -@@ -650,10 +665,7 @@ copyin_link(struct cpio_file_stat *file_hdr, int in_file_des) - - if (archive_format != arf_tar && archive_format != arf_ustar) - { -- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); -- link_name[file_hdr->c_filesize] = '\0'; -- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -- tape_skip_padding (in_file_des, file_hdr->c_filesize); -+ link_name = get_link_name (file_hdr, in_file_des); - } - else - { -diff --git a/tests/Makefile.am b/tests/Makefile.am -index b3e8e60..cf186da 100644 ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -52,6 +52,8 @@ TESTSUITE_AT = \ - setstat04.at\ - setstat05.at\ - symlink.at\ -+ symlink-bad-length.at\ -+ symlink-long.at\ - version.at - - TESTSUITE = $(srcdir)/testsuite -diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at -new file mode 100644 -index 0000000..cbf4aa7 ---- /dev/null -+++ b/tests/symlink-bad-length.at -@@ -0,0 +1,49 @@ -+# Process this file with autom4te to create testsuite. -*- Autotest -*- -+# Copyright (C) 2014 Free Software Foundation, Inc. -+ -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 3, or (at your option) -+# any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+# 02110-1301 USA. -+ -+# Cpio v2.11 did segfault with badly set symlink length. -+# References: -+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html -+ -+AT_SETUP([symlink-bad-length]) -+AT_KEYWORDS([symlink-long copyout]) -+ -+AT_DATA([ARCHIVE.base64], -+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv -+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF -+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= -+]) -+ -+AT_CHECK([ -+base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST -+cpio -ntv < ARCHIVE -+test $? -eq 2 -+], -+[0], -+[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE -+],[cpio: LINK: stored filename length is out of range -+cpio: premature end of file -+]) -+ -+AT_CLEANUP -diff --git a/tests/symlink-long.at b/tests/symlink-long.at -new file mode 100644 -index 0000000..d3def2d ---- /dev/null -+++ b/tests/symlink-long.at -@@ -0,0 +1,46 @@ -+# Process this file with autom4te to create testsuite. -*- Autotest -*- -+# Copyright (C) 2014 Free Software Foundation, Inc. -+ -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 3, or (at your option) -+# any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+# 02110-1301 USA. -+ -+# Cpio v2.11.90 changed the way symlink name is read from archive. -+# References: -+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html -+ -+AT_SETUP([symlink-long]) -+AT_KEYWORDS([symlink-long copyout]) -+ -+AT_CHECK([ -+ -+# len(dirname) > READBUFSIZE -+dirname= -+for i in {1..52}; do -+ dirname="xxxxxxxxx/$dirname" -+ mkdir "$dirname" -+done -+ln -s "$dirname" x || AT_SKIP_TEST -+ -+echo x | cpio -o > ar -+list=`cpio -tv < ar | sed 's|.*-> ||'` -+test "$list" = "$dirname" && echo success || echo fail -+], -+[0], -+[success -+],[2 blocks -+2 blocks -+]) -+ -+AT_CLEANUP -diff --git a/tests/testsuite.at b/tests/testsuite.at -index 8f3330b..590bdcb 100644 ---- a/tests/testsuite.at -+++ b/tests/testsuite.at -@@ -31,6 +31,8 @@ m4_include([version.at]) - - m4_include([inout.at]) - m4_include([symlink.at]) -+m4_include([symlink-bad-length.at]) -+m4_include([symlink-long.at]) - m4_include([interdir.at]) - - m4_include([setstat01.at]) diff --git a/cpio-2.11-crc-fips-nit.patch b/cpio-2.11-crc-fips-nit.patch index 56efa35..bd447b5 100644 --- a/cpio-2.11-crc-fips-nit.patch +++ b/cpio-2.11-crc-fips-nit.patch @@ -1,8 +1,14 @@ +From: Pavel Raiskup +Date: Mon, 14 Sep 2015 09:51:12 +0200 +Subject: [PATCH 7/7] Note that cpio uses Sum32 checksum only + +Related to Package Wrangler and FIPS check. + diff --git a/src/main.c b/src/main.c -index 38fb3eb..9b9bf74 100644 +index a875a13..13cdfcf 100644 --- a/src/main.c +++ b/src/main.c -@@ -151,7 +151,7 @@ static struct argp_option options[] = { +@@ -167,7 +167,7 @@ static struct argp_option options[] = { {"pattern-file", 'E', N_("FILE"), 0, N_("Read additional patterns specifying filenames to extract or list from FILE"), 210}, {"only-verify-crc", ONLY_VERIFY_CRC_OPTION, 0, 0, diff --git a/cpio-2.11-crc-large-files.patch b/cpio-2.11-crc-large-files.patch deleted file mode 100644 index b84dccc..0000000 --- a/cpio-2.11-crc-large-files.patch +++ /dev/null @@ -1,96 +0,0 @@ -diff --git a/src/copyin.c b/src/copyin.c -index 09f226b..d505407 100644 ---- a/src/copyin.c -+++ b/src/copyin.c -@@ -178,7 +178,7 @@ list_file(struct cpio_file_stat* file_hdr, int in_file_des) - #endif - if (crc != file_hdr->c_chksum) - { -- error (0, 0, _("%s: checksum error (0x%lx, should be 0x%lx)"), -+ error (0, 0, _("%s: checksum error (0x%x, should be 0x%x)"), - file_hdr->c_name, crc, file_hdr->c_chksum); - } - } -@@ -525,7 +525,7 @@ copyin_regular_file (struct cpio_file_stat* file_hdr, int in_file_des) - if (archive_format == arf_crcascii) - { - if (crc != file_hdr->c_chksum) -- error (0, 0, _("%s: checksum error (0x%lx, should be 0x%lx)"), -+ error (0, 0, _("%s: checksum error (0x%x, should be 0x%x)"), - file_hdr->c_name, crc, file_hdr->c_chksum); - } - tape_skip_padding (in_file_des, file_hdr->c_filesize); -@@ -550,7 +550,7 @@ copyin_regular_file (struct cpio_file_stat* file_hdr, int in_file_des) - if (archive_format == arf_crcascii) - { - if (crc != file_hdr->c_chksum) -- error (0, 0, _("%s: checksum error (0x%lx, should be 0x%lx)"), -+ error (0, 0, _("%s: checksum error (0x%x, should be 0x%x)"), - file_hdr->c_name, crc, file_hdr->c_chksum); - } - -@@ -1442,7 +1442,7 @@ process_copy_in () - tape_skip_padding (in_file_des, file_hdr.c_filesize); - if (crc != file_hdr.c_chksum) - { -- error (0, 0, _("%s: checksum error (0x%lx, should be 0x%lx)"), -+ error (0, 0, _("%s: checksum error (0x%x, should be 0x%x)"), - file_hdr.c_name, crc, file_hdr.c_chksum); - } - /* Debian hack: -v and -V now work with --only-verify-crc. -diff --git a/src/copyout.c b/src/copyout.c -index 72f1989..03eaf88 100644 ---- a/src/copyout.c -+++ b/src/copyout.c -@@ -33,10 +33,10 @@ - /* Read FILE_SIZE bytes of FILE_NAME from IN_FILE_DES and - compute and return a checksum for them. */ - --static unsigned long -+static uint32_t - read_for_checksum (int in_file_des, int file_size, char *file_name) - { -- unsigned long crc; -+ uint32_t crc; - char buf[BUFSIZ]; - int bytes_left; - int bytes_read; -diff --git a/src/cpiohdr.h b/src/cpiohdr.h -index bb1ad6b..1c11998 100644 ---- a/src/cpiohdr.h -+++ b/src/cpiohdr.h -@@ -123,7 +123,7 @@ struct cpio_file_stat /* Internal representation of a CPIO header */ - long c_rdev_maj; - long c_rdev_min; - size_t c_namesize; -- unsigned long c_chksum; -+ uint32_t c_chksum; - char *c_name; - char *c_tar_linkname; - }; -diff --git a/src/extern.h b/src/extern.h -index 4f94d40..3530bf6 100644 ---- a/src/extern.h -+++ b/src/extern.h -@@ -75,7 +75,7 @@ extern char *new_media_message_after_number; - extern int archive_des; - extern char *archive_name; - extern char *rsh_command_option; --extern unsigned long crc; -+extern uint32_t crc; - extern int delayed_seek_count; - #ifdef DEBUG_CPIO - extern int debug_flag; -diff --git a/src/global.c b/src/global.c -index cff9720..336941e 100644 ---- a/src/global.c -+++ b/src/global.c -@@ -144,7 +144,7 @@ char *archive_name = NULL; - char *rsh_command_option = NULL; - - /* CRC checksum. */ --unsigned long crc; -+uint32_t crc; - - /* Input and output buffers. */ - char *input_buffer, *output_buffer; diff --git a/cpio-2.11-ru-translation.patch b/cpio-2.11-ru-translation.patch deleted file mode 100644 index f05ab7a..0000000 --- a/cpio-2.11-ru-translation.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/po/ru.po b/po/ru.po -index 8bb24e2..39110a3 100644 ---- a/po/ru.po -+++ b/po/ru.po -@@ -1132,7 +1132,7 @@ msgid "" - "You must specify one of -oipt options.\n" - "Try `%s --help' or `%s --usage' for more information.\n" - msgstr "" --"Необходимо указать один из апарметров -oipt.\n" -+"Необходимо указать один из параметров -oipt.\n" - "Попробуйте указать `%s --help' или `%s --usage',\n" - "чтобы получить дополнительную информацию.\n" - diff --git a/cpio-2.11-stdio.in.patch b/cpio-2.11-stdio.in.patch deleted file mode 100644 index f7016ba..0000000 --- a/cpio-2.11-stdio.in.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -urNp cpio-2.11-orig/gnu/stdio.in.h cpio-2.11/gnu/stdio.in.h ---- cpio-2.11-orig/gnu/stdio.in.h 2010-03-10 10:27:03.000000000 +0100 -+++ cpio-2.11/gnu/stdio.in.h 2012-06-04 10:23:23.804471185 +0200 -@@ -139,7 +139,9 @@ _GL_WARN_ON_USE (fflush, "fflush is not - so any use of gets warrants an unconditional warning. Assume it is - always declared, since it is required by C89. */ - #undef gets -+#if HAVE_RAW_DECL_GETS - _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); -+#endif - - #if @GNULIB_FOPEN@ - # if @REPLACE_FOPEN@ diff --git a/cpio-2.11-testsuite-CVE-2014-9112.patch b/cpio-2.11-testsuite-CVE-2014-9112.patch deleted file mode 100644 index d59ad1f..0000000 --- a/cpio-2.11-testsuite-CVE-2014-9112.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at -index cbf4aa7..d8d250b 100644 ---- a/tests/symlink-bad-length.at -+++ b/tests/symlink-bad-length.at -@@ -37,13 +37,20 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= - - AT_CHECK([ - base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST --cpio -ntv < ARCHIVE --test $? -eq 2 -+TZ=UTC cpio -ntv < ARCHIVE 2>stderr -+rc=$? -+cat stderr | grep -v \ -+ -e 'stored filename length is out of range' \ -+ -e 'premature end of file' \ -+ -e 'archive header has reverse byte-order' \ -+ -e 'memory exhausted' \ -+ >&2 -+echo >&2 STDERR -+test "$rc" -ne 0 - ], - [0], --[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE --],[cpio: LINK: stored filename length is out of range --cpio: premature end of file -+[-rw-rw-r-- 1 10029 10031 13 Nov 25 2014 FILE -+],[STDERR - ]) - - AT_CLEANUP diff --git a/cpio-2.11-treat-read-errors.patch b/cpio-2.11-treat-read-errors.patch deleted file mode 100644 index b15b8be..0000000 --- a/cpio-2.11-treat-read-errors.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/src/util.c b/src/util.c -index 00953d5..2a821c7 100644 ---- a/src/util.c -+++ b/src/util.c -@@ -203,7 +203,7 @@ tape_fill_input_buffer (int in_des, int num_bytes) - get_next_reel (in_des); - input_size = rmtread (in_des, input_buffer, num_bytes); - } -- if (input_size < 0) -+ if (input_size == SAFE_READ_ERROR) - error (1, errno, _("read error")); - if (input_size == 0) - { -@@ -224,7 +224,7 @@ disk_fill_input_buffer (int in_des, off_t num_bytes) - in_buff = input_buffer; - num_bytes = (num_bytes < DISK_IO_BLOCK_SIZE) ? num_bytes : DISK_IO_BLOCK_SIZE; - input_size = read (in_des, input_buffer, num_bytes); -- if (input_size < 0) -+ if (input_size == SAFE_READ_ERROR) - { - input_size = 0; - return (-1); diff --git a/cpio-2.9-dev_number.patch b/cpio-2.9-dev_number.patch index 5eb751b..cf6d242 100644 --- a/cpio-2.9-dev_number.patch +++ b/cpio-2.9-dev_number.patch @@ -1,7 +1,12 @@ -diff -ruN cpio-2.9.90.orig/src/copyin.c cpio-2.9.90/src/copyin.c ---- cpio-2.9.90.orig/src/copyin.c 2008-07-11 13:20:27.000000000 +0200 -+++ cpio-2.9.90/src/copyin.c 2008-07-18 10:16:24.000000000 +0200 -@@ -1269,15 +1269,15 @@ +From: Kamil Dudka +Date: Mon, 14 Sep 2015 09:37:15 +0200 +Subject: [PATCH 3/7] Support major/minor device numbers over 127 (bz#450109) + +diff --git a/src/copyin.c b/src/copyin.c +index cde911e..12bd27c 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -1196,15 +1196,15 @@ read_in_binary (struct cpio_file_stat *file_hdr, swab_array ((char *) short_hdr, 13); } diff --git a/cpio-2.9-exitCode.patch b/cpio-2.9-exitCode.patch index 4a05ecf..e4a4781 100644 --- a/cpio-2.9-exitCode.patch +++ b/cpio-2.9-exitCode.patch @@ -1,6 +1,13 @@ ---- cpio-2.9/src/copyout.c.exitCode 2007-06-28 10:54:43.000000000 +0200 -+++ cpio-2.9/src/copyout.c 2007-07-16 16:23:05.000000000 +0200 -@@ -297,7 +297,7 @@ to_ascii (char *where, uintmax_t v, size +From: Peter Vrabec +Date: Mon, 14 Sep 2015 09:31:08 +0200 +Subject: [PATCH 2/7] set exit code to 1 when cpio fails to store file > 4GB + (#183224) + +diff --git a/src/copyout.c b/src/copyout.c +index 1f0987a..dcae449 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -287,7 +287,7 @@ to_ascii (char *where, uintmax_t v, size_t digits, unsigned logbase) static void field_width_error (const char *filename, const char *fieldname) { diff --git a/cpio-2.9-rh.patch b/cpio-2.9-rh.patch index 02b9be0..23d70db 100644 --- a/cpio-2.9-rh.patch +++ b/cpio-2.9-rh.patch @@ -1,30 +1,68 @@ ---- cpio-2.9/doc/cpio.info.rh 2007-06-28 15:25:08.000000000 +0200 -+++ cpio-2.9/doc/cpio.info 2007-07-16 15:10:20.000000000 +0200 -@@ -266,7 +266,8 @@ File: cpio.info, Node: Options, Prev: - Set the I/O block size to BLOCK-SIZE * 512 bytes. +From: Pavel Raiskup +Date: Mon, 14 Sep 2015 09:27:21 +0200 +Subject: [PATCH 1/7] make '-c' equivalent to '-H newc' + +diff --git a/doc/cpio.texi b/doc/cpio.texi +index e631934..a788b5d 100644 +--- a/doc/cpio.texi ++++ b/doc/cpio.texi +@@ -261,7 +261,8 @@ Sets the I/O block size to @var{block-size} * 512 bytes. + @item -B + Set the I/O block size to 5120 bytes. + @item -c +-Use the old portable (ASCII) archive format. ++Identical to "-H newc", use the new (SVR4) portable format. If you wish the old ++portable (ASCII) archive format, use "-H odc" instead. + @item -C @var{number} + @itemx --io-size=@var{number} + Set the I/O block size to the given @var{number} of bytes. +@@ -343,7 +344,8 @@ Equivalent to @option{-sS}. + @item -B + Set the I/O block size to 5120 bytes. + @item -c +-Use the old portable (ASCII) archive format. ++Identical to "-H newc", use the new (SVR4) portable format. If you wish the old ++portable (ASCII) archive format, use "-H odc" instead. + @item -C @var{number} + @itemx --io-size=@var{number} + Set the I/O block size to the given @var{number} of bytes. +@@ -454,7 +456,8 @@ Sets the I/O block size to @var{block-size} * 512 bytes. + @item -B + Set the I/O block size to 5120 bytes. + @item -c +-Use the old portable (ASCII) archive format. ++Identical to "-H newc", use the new (SVR4) portable format. If you wish the old ++portable (ASCII) archive format, use "-H odc" instead. + @item -C @var{number} + @itemx --io-size=@var{number} + Set the I/O block size to the given @var{number} of bytes. +@@ -600,7 +603,8 @@ block size is 512 bytes. - `-c' -- Use the old portable (ASCII) archive format. -+ Identical to "-H newc", use the new (SVR4) portable format. -+ If you wish the old portable (ASCII) archive format, use "-H odc" instead. + @item -c + [@ref{copy-in},@ref{copy-out},@ref{copy-pass}] +-@*Use the old portable (ASCII) archive format. ++@*Identical to "-H newc", use the new (SVR4) portable format. If you wish the ++old portable (ASCII) archive format, use "-H odc" instead. - `-C IO-SIZE' - `--io-size=IO-SIZE' ---- cpio-2.9/src/main.c.rh 2007-06-28 12:46:41.000000000 +0200 -+++ cpio-2.9/src/main.c 2007-07-16 15:09:10.000000000 +0200 -@@ -111,7 +111,7 @@ static struct argp_option options[] = { + @item -C @var{io-size} + @itemx --io-size=@var{io-size} +diff --git a/src/main.c b/src/main.c +index a13861f..a875a13 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -124,7 +124,7 @@ static struct argp_option options[] = { {"block-size", BLOCK_SIZE_OPTION, N_("BLOCK-SIZE"), 0, N_("Set the I/O block size to BLOCK-SIZE * 512 bytes"), GRID+1 }, {NULL, 'c', NULL, 0, - N_("Use the old portable (ASCII) archive format"), GRID+1 }, -+ N_("Identical to \"-H newc\", use the new (SVR4) portable format.If you wish the old portable (ASCII) archive format, use \"-H odc\" instead."), GRID+1 }, ++ N_("Identical to \"-H newc\", use the new (SVR4) portable format. If you wish the old portable (ASCII) archive format, use \"-H odc\" instead."), GRID+1 }, {"dot", 'V', NULL, 0, N_("Print a \".\" for each file processed"), GRID+1 }, {"io-size", 'C', N_("NUMBER"), 0, -@@ -338,6 +338,7 @@ parse_opt (int key, char *arg, struct ar +@@ -329,6 +329,7 @@ parse_opt (int key, char *arg, struct argp_state *state) case 'c': /* Use the old portable ASCII format. */ if (archive_format != arf_unknown) - error (0, EXIT_FAILURE, _("Archive format multiply defined")); + USAGE_ERROR ((0, 0, _("Archive format multiply defined"))); +#define SVR4_COMPAT #ifdef SVR4_COMPAT archive_format = arf_newascii; /* -H newc. */ diff --git a/cpio-2.9.90-defaultremoteshell.patch b/cpio-2.9.90-defaultremoteshell.patch index 6733c3b..01dbd5d 100644 --- a/cpio-2.9.90-defaultremoteshell.patch +++ b/cpio-2.9.90-defaultremoteshell.patch @@ -1,6 +1,12 @@ -diff -urNp cpio-2.9.90-orig/lib/rtapelib.c cpio-2.9.90/lib/rtapelib.c ---- cpio-2.9.90-orig/lib/rtapelib.c 2007-08-12 09:57:15.000000000 +0200 -+++ cpio-2.9.90/lib/rtapelib.c 2009-03-09 18:06:43.000000000 +0100 +From: =?UTF-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= +Date: Mon, 14 Sep 2015 09:39:13 +0200 +Subject: [PATCH 4/7] define default remote shell as /usr/bin/ssh(#452904), use + /etc/rmt as default rmt command + +diff --git a/lib/rtapelib.c b/lib/rtapelib.c +index 7213031..7d0bd52 100644 +--- a/lib/rtapelib.c ++++ b/lib/rtapelib.c @@ -59,6 +59,10 @@ # include #endif diff --git a/cpio.spec b/cpio.spec index 1183514..95eb704 100644 --- a/cpio.spec +++ b/cpio.spec @@ -1,55 +1,41 @@ Summary: A GNU archiving program Name: cpio -Version: 2.11 -Release: 36%{?dist} +Version: 2.12 +Release: 1%{?dist} License: GPLv3+ Group: Applications/Archiving URL: http://www.gnu.org/software/cpio/ Source: ftp://ftp.gnu.org/gnu/cpio/cpio-%{version}.tar.bz2 + # help2man generated manual page distributed only in RHEL/Fedora Source1: cpio.1 -#We use SVR4 portable format as default . + +# We use SVR4 portable format as default. Patch1: cpio-2.9-rh.patch -#fix warn_if_file_changed() and set exit code to 1 when cpio -# fails to store file > 4GB (#183224) + +# fix warn_if_file_changed() and set exit code to 1 when cpio fails to store +# file > 4GB (#183224) +# http://lists.gnu.org/archive/html/bug-cpio/2006-11/msg00000.html Patch2: cpio-2.9-exitCode.patch -#Support major/minor device numbers over 127 (bz#450109) -Patch3: cpio-2.9-dev_number.patch -#define default remote shell as /usr/bin/ssh(#452904) -Patch4: cpio-2.9.90-defaultremoteshell.patch -#fix segfault with nonexisting file with patternnames(#567022) -Patch5: cpio-2.10-patternnamesigsegv.patch -#fix rawhide buildfailure by updating gnulib's stdio.in.h -Patch6: cpio-2.11-stdio.in.patch -# fix bad file name splitting while creating ustar archive (#866467) -Patch7: cpio-2.10-longnames-split.patch -# cpio does Sum32 checksum, not CRC -Patch8: cpio-2.11-crc-fips-nit.patch -# Properly trim "crc" checksum to 32 bit number -# ~> upstream -Patch9: cpio-2.11-crc-large-files.patch +# Support major/minor device numbers over 127 (bz#450109) +# http://lists.gnu.org/archive/html/bug-cpio/2008-07/msg00000.html +Patch3: cpio-2.9-dev_number.patch -# Allow treat read() errors by checking for SAFE_READ_ERROR -# ~> downstream -# ~> http://lists.gnu.org/archive/html/bug-cpio/2013-09/msg00005.html -# ~> http://lists.gnu.org/archive/html/bug-cpio/2014-05/msg00001.html -Patch10: cpio-2.11-treat-read-errors.patch +# Define default remote shell as /usr/bin/ssh (#452904) +Patch4: cpio-2.9.90-defaultremoteshell.patch -# Small typo in RU translation -# ~> #1075510 -# ~> downstream? -Patch11: cpio-2.11-ru-translation.patch +# Fix segfault with nonexisting file with patternnames (#567022) +# http://savannah.gnu.org/bugs/index.php?28954 +# We have slightly different solution than upstream. +Patch5: cpio-2.10-patternnamesigsegv.patch -# heap-based buffer overrun -# ~> #1167573 -# ~> upstream: git diff 3945f9db..58df4f1b -Patch12: cpio-2.11-CVE-2014-9112.patch +# Fix bad file name splitting while creating ustar archive (#866467) +# (fix backported from tar's source) +Patch7: cpio-2.10-longnames-split.patch -# Related to CVE-2014-9112 patch. -# ~> reported upstream: -# http://lists.gnu.org/archive/html/bug-cpio/2014-12/msg00005.html -Patch13: cpio-2.11-testsuite-CVE-2014-9112.patch +# Cpio does Sum32 checksum, not CRC (downstream) +Patch8: cpio-2.11-crc-fips-nit.patch Requires(post): /sbin/install-info Requires(preun): /sbin/install-info @@ -73,22 +59,7 @@ and can read archives created on machines with a different byte-order. Install cpio if you need a program to manage file archives. %prep -%setup -q -%patch1 -p1 -b .rh -%patch2 -p1 -b .exitCode -%patch3 -p1 -b .dev_number -%patch4 -p1 -b .defaultremote -%patch5 -p1 -b .patternsegv -%patch6 -p1 -b .gnulib %{?_rawbuild} -%patch7 -p1 -b .longnames -%patch8 -p1 -b .sum32-fips -%patch9 -p1 -b .crc-big-files -%patch10 -p1 -b .treat-read-errors -%patch11 -p1 -b .ru-translation -%patch12 -p1 -b .CVE-2014-9112 -%patch13 -p1 -b .testsuite-cve - -autoreconf -vfi +%autosetup -p1 %build export CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE -pedantic -fno-strict-aliasing -Wall $CFLAGS" @@ -143,6 +114,10 @@ fi %{_infodir}/*.info* %changelog +* Mon Sep 14 2015 Pavel Raiskup - 2.12-1 +- rebase, per release notes + http://lists.gnu.org/archive/html/bug-cpio/2015-09/msg00004.html + * Mon Jul 06 2015 Ondrej Vasik - 2.11-36 - in 2015, file name in CVE-2014-9112 shows in a bit different timestamp format (fix FTBFS, #1239416) diff --git a/sources b/sources index fa55cfa..c087492 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -20fc912915c629e809f80b96b2e75d7d cpio-2.11.tar.bz2 +93eea9f07c0058c097891c73e4955456 cpio-2.12.tar.bz2