[gentoo-commits] repo/gentoo:master commit in: sys-fs/squashfs-tools/, sys-fs/squashfs-tools/files/

["Mike Frysinger" <vapier@gentoo.org>]

commit:     10ca2cce4bb831646697d5308fed2bbee33a9f0f
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Fri Jun 17 15:07:20 2016 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Fri Jun 17 15:08:09 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10ca2cce

sys-fs/squashfs-tools: add a few more various fixes

 .../files/squashfs-tools-4.3-2gb.patch             | 30 ++++++++++
 .../files/squashfs-tools-4.3-local-cve-fix.patch   | 19 ++++++
 .../files/squashfs-tools-4.3-mem-overflow.patch    | 35 +++++++++++
 .../files/squashfs-tools-4.3-xattrs.patch          | 34 +++++++++++
 sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild | 67 ++++++++++++++++++++++
 5 files changed, 185 insertions(+)

diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-2gb.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-2gb.patch
new file mode 100644
index 0000000..467448f
--- /dev/null
+++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-2gb.patch
@@ -0,0 +1,30 @@
+From 9c1db6d13a51a2e009f0027ef336ce03624eac0d Mon Sep 17 00:00:00 2001
+From: "Guan, Xin" <guanx.bac@gmail.com>
+Date: Sat, 13 Sep 2014 13:15:26 +0200
+Subject: [PATCH] Fix 2GB-limit of the is_fragment(...) function.
+
+Applies to squashfs-tools 4.3.
+
+Reported-by: Bruno Wolff III <bruno@wolff.to>
+Signed-off-by: Guan, Xin <guanx.bac@gmail.com>
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/mksquashfs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+index f1fcff1cc284..d221c35865a0 100644
+--- a/squashfs-tools/mksquashfs.c
++++ b/squashfs-tools/mksquashfs.c
+@@ -2029,7 +2029,7 @@ struct file_info *duplicate(long long file_size, long long bytes,
+ 
+ inline int is_fragment(struct inode_info *inode)
+ {
+-	int file_size = inode->buf.st_size;
++	off_t file_size = inode->buf.st_size;
+ 
+ 	/*
+ 	 * If this block is to be compressed differently to the
+-- 
+2.8.2
+

diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-local-cve-fix.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-local-cve-fix.patch
new file mode 100644
index 0000000..7637f67
--- /dev/null
+++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-local-cve-fix.patch
@@ -0,0 +1,19 @@
+taken from Fedora
+
+commit af393379e34c5677f95bbec11645b6c3028195b4
+Author: Bruno Wolff III <bruno@wolff.to>
+Date:   Wed Jun 24 14:27:31 2015 -0500
+
+Update printf formats to match datatypes after CVE patch
+
+--- squashfs-tools/unsquash-4.c
++++ squashfs-tools/unsquash-4.c
+@@ -35,7 +35,7 @@
+ 	size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments);
+ 	long long *fragment_table_index;
+ 
+-	TRACE("read_fragment_table: %d fragments, reading %d fragment indexes "
++	TRACE("read_fragment_table: %u fragments, reading %zu fragment indexes "
+ 		"from 0x%llx\n", sBlk.s.fragments, indexes,
+ 		sBlk.s.fragment_table_start);
+ 

diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-mem-overflow.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-mem-overflow.patch
new file mode 100644
index 0000000..a9b0001
--- /dev/null
+++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-mem-overflow.patch
@@ -0,0 +1,35 @@
+taken from Fedora
+
+From 604b607d8ac91eb8afc0b6e3d917d5c073096103 Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Wed, 11 Jun 2014 04:51:37 +0100
+Subject: mksquashfs: ensure value does not overflow a signed int in -mem
+ option
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+
+diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+index 5370ecf..9676dc8 100644
+--- a/squashfs-tools/mksquashfs.c
++++ b/squashfs-tools/mksquashfs.c
+@@ -5193,7 +5193,16 @@ print_compressor_options:
+ 					 argv[0]);
+ 				exit(1);
+ 			}
+-			/* convert from bytes to Mbytes */
++
++			/*
++			 * convert from bytes to Mbytes, ensuring the value
++			 * does not overflow a signed int
++			 */
++			if(number >= (1LL << 51)) {
++				ERROR("%s: -mem invalid mem size\n", argv[0]);
++				exit(1);
++			}
++
+ 			total_mem = number / 1048576;
+ 			if(total_mem < (SQUASHFS_LOWMEM / SQUASHFS_TAKE)) {
+ 				ERROR("%s: -mem should be %d Mbytes or "
+-- 
+cgit v0.10.1
+

diff --git a/sys-fs/squashfs-tools/files/squashfs-tools-4.3-xattrs.patch b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-xattrs.patch
new file mode 100644
index 0000000..47b0ea5
--- /dev/null
+++ b/sys-fs/squashfs-tools/files/squashfs-tools-4.3-xattrs.patch
@@ -0,0 +1,34 @@
+From ffe9e55c4993422ce36213fa86d4fc29c22646ea Mon Sep 17 00:00:00 2001
+From: Wessel Dankers <wsl-debian-804194@fruit.je>
+Date: Fri, 17 Jun 2016 09:46:42 +0800
+Subject: [PATCH] unsquashfs: Correctly set file capabilities
+
+As posted on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804194.
+---
+ squashfs-tools/unsquashfs.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index 1323dd6..a5f0117 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -821,8 +821,6 @@ int set_attributes(char *pathname, int mode, uid_t uid, gid_t guid, time_t time,
+ {
+ 	struct utimbuf times = { time, time };
+ 
+-	write_xattr(pathname, xattr);
+-
+ 	if(utime(pathname, &times) == -1) {
+ 		ERROR("set_attributes: failed to set time on %s, because %s\n",
+ 			pathname, strerror(errno));
+@@ -845,6 +843,8 @@ int set_attributes(char *pathname, int mode, uid_t uid, gid_t guid, time_t time,
+ 		return FALSE;
+ 	}
+ 
++	write_xattr(pathname, xattr);
++
+ 	return TRUE;
+ }
+ 
+-- 
+2.8.0.rc3.226.g39d4020

diff --git a/sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild b/sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild
new file mode 100644
index 0000000..74247ab
--- /dev/null
+++ b/sys-fs/squashfs-tools/squashfs-tools-4.3-r2.ebuild
@@ -0,0 +1,67 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+
+inherit eutils toolchain-funcs
+
+DEB_VER="3"
+
+DESCRIPTION="Tool for creating compressed filesystem type squashfs"
+HOMEPAGE="http://squashfs.sourceforge.net"
+SRC_URI="mirror://sourceforge/squashfs/squashfs${PV}.tar.gz
+	mirror://debian/pool/main/${PN:0:1}/${PN}/${PN}_${PV}-${DEB_VER}.debian.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="lz4 lzma lzo xattr +xz"
+
+RDEPEND="
+	sys-libs/zlib
+	!xz? ( !lzo? ( sys-libs/zlib ) )
+	lz4? ( app-arch/lz4 )
+	lzma? ( app-arch/xz-utils )
+	lzo? ( dev-libs/lzo )
+	xattr? ( sys-apps/attr )
+	xz? ( app-arch/xz-utils )
+"
+DEPEND="${RDEPEND}"
+
+S="${WORKDIR}/squashfs${PV}/${PN}"
+
+src_prepare() {
+	epatch "${WORKDIR}"/debian/patches/*.patch
+	epatch "${FILESDIR}"/${P}-sysmacros.patch
+	epatch "${FILESDIR}"/${P}-aligned-data.patch
+	epatch "${FILESDIR}"/${P}-2gb.patch
+	epatch "${FILESDIR}"/${P}-local-cve-fix.patch
+	epatch "${FILESDIR}"/${P}-mem-overflow.patch
+	epatch "${FILESDIR}"/${P}-xattrs.patch
+}
+
+use10() { usex $1 1 0 ; }
+
+src_configure() {
+	# set up make command line variables in EMAKE_SQUASHFS_CONF
+	EMAKE_SQUASHFS_CONF=(
+		LZMA_XZ_SUPPORT=$(use10 lzma)
+		LZO_SUPPORT=$(use10 lzo)
+		LZ4_SUPPORT=$(use10 lz4)
+		XATTR_SUPPORT=$(use10 xattr)
+		XZ_SUPPORT=$(use10 xz)
+	)
+
+	tc-export CC
+}
+
+src_compile() {
+	emake "${EMAKE_SQUASHFS_CONF[@]}"
+}
+
+src_install() {
+	dobin mksquashfs unsquashfs
+	cd ..
+	dodoc CHANGES PERFORMANCE.README pseudo-file.example README* OLD-READMEs/*
+	doman "${WORKDIR}"/debian/manpages/*.[0-9]
+}