summaryrefslogtreecommitdiff
path: root/Makefile.am
Commit message (Collapse)AuthorAgeFilesLines
* Validate entry_bytes_remaining in pax_attributeBen Wagner2022-07-241-0/+2
| | | | | | | | | | The `size` attribute may contain a negative or too large value. Check the range of the `entry_bytes_remaining` in `pax_attribute` the same way as `header_common`. The test which is added passes both with and without this change in a normal debug build. It is necessary to run with `-fsanitize=undefined` to see that the undefined behavior is avoided. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48467
* RAR5 reader: add more checks for invalid extraction parametersGrzegorz Antoniak2022-02-081-0/+1
| | | | | | | | | | | | | | Some specially crafted files declare invalid extraction parameters that can confuse the RAR5 reader. One of the arguments is the declared window size parameter that the archive file can declare for each file stored in the archive. Some crafted files declare window size equal to 0, which is clearly wrong. This commit adds additional safety checks decreasing the tolerance of the RAR5 format. This commit also contains OSSFuzz sample #30459.
* RAR5 reader: fix invalid memory access in some filesGrzegorz Antoniak2022-02-061-0/+1
| | | | | | | | | | | | | | | | | | RAR5 reader uses several variables to manage the window buffer during extraction: the buffer itself (`window_buf`), the current size of the window buffer (`window_size`), and a helper variable (`window_mask`) that is used to constrain read and write offsets to the window buffer. Some specially crafted files can force the unpacker to update the `window_mask` variable to a value that is out of sync with current buffer size. If the `window_mask` will be bigger than the actual buffer size, then an invalid access operation can happen (SIGSEGV). This commit ensures that if the `window_size` and `window_mask` will be changed, the window buffer will be reallocated to the proper size, so no invalid memory operation should be possible. This commit contains a test file from OSSFuzz #30442.
* dist: add missing zipx-zstd test files to Makefile.amMartin Matuska2022-02-051-0/+2
|
* RAR5 reader: fixed out of bounds read in some filesGrzegorz Antoniak2022-01-091-0/+1
| | | | | | | | Added more range checks in the bit stream reading functions (read_bits_16 and read_bits_32) in order to better guard against out of memory reads. This commit contains a test with OSSFuzz sample #30448.
* Merge pull request #1503 from legnaleurc/rar_filterMartin Matuška2022-01-031-0/+2
|\ | | | | support rar filters (without VM filter support)
| * add testWei-Cheng Pan2021-10-041-0/+2
| |
* | Merge pull request #1625 from evelikov/gc-sectionsMartin Matuška2022-01-031-4/+4
|\ \ | | | | | | Instrument gcc/clang to discard unused code during link
| * | autotools: enable -fdata/function-sections and --gc-sectionsEmil Velikov2021-11-211-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Analogue to the parent cmake commit, with linker flag detection. The former two split the functions and data into separate sections within the object file. Which makes it easier for the latter to properly garbage collect and discard unused sections. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
* | | CI: fix ubuntu distcheckMartin Matuska2022-01-031-0/+1
|/ / | | | | | | | | Add missing test_read_format_rar5_sfx.exe.uu Be more verbose on failure
* | tar/test/test_option_ignore_zeros.c: test tar --ignore-zerosRyan Libby2021-11-191-0/+1
| | | | | | | | Add some basic tests for operations on concatenated archives.
* | Merge pull request #1598 from JiaT75/zip_entry_size_unset_store_fix_1547Martin Matuška2021-11-161-0/+1
|\ \ | |/ |/| Zip entry size unset now honors user requested compression level
| * Adding test to Makefile.amjiat752021-10-191-0/+1
| |
* | Added test case for ustar directory handlingSamanta Navarro2021-09-051-0/+2
|/ | | | Based on test_compat_tar_hardlink.c and with input by Tim Kientzle.
* Do not follow symlinks when processing the fixup listMartin Matuska2021-08-221-0/+1
| | | | | | | Use lchmod() instead of chmod() and tell the remaining functions that the real file to be modified is a symbolic link. Fixes #1566
* Merge pull request #1530 from owtaylor/close-short-writesMartin Matuška2021-05-271-0/+1
|\ | | | | On close, handle short writes from archive_write_callback
| * On close, handle short writes from archive_write_callbackOwen W. Taylor2021-05-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | The archive_write_callback passed to archive_write_open() is documented as: "each call to the write callback function should translate to a single write(2) system call. On success, the write callback should return the number of bytes actually written" And in most places, the code repeatedly calls the write callback, but when flushing the buffer at close, the write callback was called once, assuming it would write everything. This could result in a truncated archive. A test is added to test short writes in different code paths.
* | Merge pull request #1509 from mariXanna/fix/#1508Martin Matuška2021-05-271-0/+1
|\ \ | |/ |/| Added support of deflate algorithm in symbolic link decompression for zip archives
| * Added support of deflate algorithm in symbolic link decompression for zip ↵Masalskaya, Anna2021-03-161-0/+1
| | | | | | | | archives
* | add support for reading and writing PWB and V7 cpio archivesTom Ivar Helbekkmo2021-03-051-0/+1
| |
* | rearrange cpio output format selectionTom Ivar Helbekkmo2021-03-051-0/+1
|/
* fix test failureMasalskaya, Anna2020-09-301-0/+1
|
* move test to another placeMasalskaya, Anna2020-09-221-1/+0
|
* unit test addedMasalskaya, Anna2020-09-221-0/+1
|
* Introduce archive_read_support_filter_by_code()Martin Matuska2020-06-091-0/+1
| | | | Fixes #1258
* Add test for #1357 (detection of pzstd compressed files)Martin Matuska2020-04-301-0/+1
|
* tar reader: update handling of RHT.security.selinux xattrMartin Matuska2020-04-301-2/+4
| | | | | Add test for PR #1348 Rename test_read_pax_schily_xattr to test_read_pax_xattr_schily
* Add testcase for ZIPX files with LZMA_STREAM_END markerMartin Matuska2020-02-131-0/+1
| | | | Testcase for issue #1257 (PR #1297)
* 7z reader: support Delta filter with values 2-256Martin Matuska2020-02-061-0/+2
| | | | Fixes #987
* RAR5 reader: reject files that declare invalid header flagsGrzegorz Antoniak2020-02-021-0/+1
| | | | | | | | | | | | | | | One of the fields in RAR5's base block structure is the size of the header. Some invalid files declare a 0 header size setting, which can confuse the unpacker. Minimum header size for RAR5 base blocks is 7 bytes (4 bytes for CRC, and 3 bytes for the rest), so block size of 0 bytes should be rejected at header parsing stage. The fix adds an error condition if header size of 0 bytes is detected. In this case, the unpacker will not attempt to unpack the file, as the header is corrupted. The commit also adds OSSFuzz #20459 sample to test further regressions in this area.
* Unify unsupported entry file type error message in writerMartin Matuska2020-01-251-0/+1
| | | | Closes #1320
* Add test_option_safe_writes to tar testsMartin Matuska2020-01-201-0/+1
|
* Add test for reading 7z archives with Digests in PackInfoMartin Matuska2019-12-211-0/+2
| | | | Fixes #1295
* RAR5 reader: verify window size for multivolume archivesGrzegorz Antoniak2019-12-211-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | RAR5 archives can contain files that span across multiple .rar files. If the archive contains a big file that doesn't fit to first .rar file, then this file is continued in another .rar file. In this case, the RAR compressor first emits the FILE base block for this big file in the first .rar file. Then, it finishes first .rar file, and creates the new .rar file. In this new file, it emits the continuation FILE block that marks start of the continuation data for the rest of the huge file. The problem was that the RAR5 reader didn't ignore the window size declaration when parsing through the continuation FILE base block. The malicious file could declare a different window size inside the continuation base block than was declared in the primary FILE base block in the previous volume. The window size from continuation block was applied, but the actual window buffer was not reallocated. This resulted in a potential SIGSEGV error, since bounary checks for accessing the window buffer were working incorrectly (the window size variable didn't match the actual window buffer size). The commit fixes the issue by ignoring the window size declaration in the continuation FILE base block when switching volumes. The commit also contains a test case and OSSFuzz sample #19509.
* Add the "xattrhdr" option to pax write options.Martin Matuska2019-12-111-0/+4
| | | | | | | This allows us to control whether "SCHILY.xattr", "LIBARCHIVE.xattr" or both headers (default) are written when storing extended attributes. Document "hdrcharset" option for pax.
* Add missing testfile to Makefile.amMartin Matuska2019-11-171-0/+1
|
* Added a test case on lha with UTF-16 filenames.Claybird2019-11-061-0/+1
|
* RAR5 reader: verify window size for solid filesGrzegorz Antoniak2019-09-271-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | RAR5 archives can contain files compressed independently of each other, and files that share a common window buffer, so files which are compressed using 'solid' method. In the latter case, all files are required to use the same window buffer, so window size should also be the same. OSSFuzz sample #15482 declares a different window size for multiple solid files. RAR5 reader doesn't reallocate window buffer when decompressing solid files, so it was possible to perform an out-of-bounds read by declaring two solid files, where the second solid file declared the window size parameter that was bigger than window size used in first solid file. This commit introduces additional checks to ensure all solid files are using the same window size. The commit also adds a test case using OSSFuzz sample #15482 to hunt down regressions in the future. Some other test cases had to be adjusted as well, because other OSSFuzz samples were also declaring different window sizes for solid files. So this commit has changed the error reporting for those invalid sample files.
* RAR5 reader: fix ARM filter going beyond window buffer boundaryGrzegorz Antoniak2019-06-241-0/+1
| | | | | | | | | | | | | | | | | RAR5 uses filters in order to mutate data just before compression, to achieve a better compression ratio. After decompression, this mutation needs to be reversed by processing various filters that the compressor uses. One of such filters is an ARM executable file filter, which changes some bytes in the input stream if the stream is recognized as an executable file with ARM native code. This commit fixes the situation when the decompressor using an ARM filter was referencing a byte outside current window buffer. Such action is invalid and can produce segmentation faults. This commit also adds a test using OSSFuzz sample #15431.
* Add test_read_format_rar5_different_window_size.rar.uu to Makefile.amMartin Matuska2019-06-171-0/+1
|
* RAR reader: extend fix user after freeMartin Matuska2019-06-151-0/+1
| | | | | | | | If read_data_compressed() returns ARCHIVE_FAILED, the caller is allowed to continue with next archive headers. In addition to rar->start_new_table=1 we need to set rar->ppmd_valid=0. Reported by: OSS-Fuzz issue 15120
* Merge pull request #1109 from kientzle/Issue1055Martin Matuška2019-05-181-0/+2
|\ | | | | Issue #1055: Ignore padding in Zip extra field data
| * Merge branch 'master' into Issue1055Tim Kientzle2019-05-041-2/+39
| |\
| * | Issue #1055: Ignore padding in Zip extra field dataTim Kientzle2018-12-151-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PKWare's APPNOTE.TXT simply documents the extra field as a concatenation of <header><data> objects. It does not explicitly allow nor prohibit additional padding. Libarchive originally treated any extraneous data in the extra field as an indication of corruption and issued an error. However, some Zip writers do appear to include additional zero bytes in the extra field and expect them to be ignored. This works if: * We consider a field type of 0000 to be a padding field. * In particular, 0000 0000 is then a valid field with type zero and zero bytes of data. * If there are fewer than 4 bytes left at the end of the extra data (too few to be a valid extra field object), ignore it. With the above conventions, zero padding can occur anywhere in the extra field as long as the padding occurs in a multiple of four bytes. Any number of bytes can occur at the end: groups of four bytes will be skipped as valid empty fields; any final group of less than four bytes will be simply ignored. The test exercises all of the above options; the extra field data for the file in this archive has: * Four zero bytes at the beginning * A valid UX field * A pad field of type zero with a non-zero length * An additional three final bytes By verifying that the UX data was read correctly and that there were no errors, we can be confident that all of the padding here was handled correctly.
* | | tar reader: treat empty archives with a GNU volume header as validMartin Matuska2019-05-181-0/+2
| | | | | | | | | | | | Fixes #1062
* | | Add test_read_format_rar_ppmd_use_after_free.rar.uu to Makefile.amMartin Matuska2019-05-121-0/+1
| | | | | | | | | | | | Entry was missing in PR #1199
* | | Add missing distcheck files to Makefile.amMartin Matuska2019-05-111-0/+12
| | |
* | | add new raw test file to the distributionMike Frysinger2019-05-111-0/+1
| | |
* | | zip: add support for Info-ZIP Unicode Path Extra FieldTomasz Mikolajewski2019-04-261-0/+2
| |/ |/| | | | | | | The zip specification supports storing path names in UTF-8 encoding via the Info-ZIP Unicode Path Extra Field (0x7075).
* | RAR5 reader: add support for symlinks, hardlinks, owner and group dataMartin Matuska2019-04-181-0/+33
| | | | | | | | Add missing test archives to Makefile.am
View Lorry Controller Status