Bump libarchive-clib to 3.8.6

hasufell · hasufell · commit 260ddbbfd332 · 2026-03-16T17:45:04.000+08:00
diff --git a/libarchive-clib/c/archive.h b/libarchive-clib/c/archive.h
@@ -34,7 +34,7 @@
  * assert that ARCHIVE_VERSION_NUMBER >= 2012108.
  */
 /* Note: Compiler will complain if this does not match archive_entry.h! */
-#define	ARCHIVE_VERSION_NUMBER 3008005
+#define	ARCHIVE_VERSION_NUMBER 3008006
 
 #include <sys/stat.h>
 #include <stddef.h>  /* for wchar_t */
@@ -177,7 +177,7 @@ __LA_DECL int		archive_version_number(void);
 /*
  * Textual name/version of the library, useful for version displays.
  */
-#define	ARCHIVE_VERSION_ONLY_STRING "3.8.5"
+#define	ARCHIVE_VERSION_ONLY_STRING "3.8.6"
 #define	ARCHIVE_VERSION_STRING "libarchive " ARCHIVE_VERSION_ONLY_STRING
 __LA_DECL const char *	archive_version_string(void);
 
diff --git a/libarchive-clib/c/archive_acl.c b/libarchive-clib/c/archive_acl.c
@@ -1256,8 +1256,12 @@ archive_acl_from_text_w(struct archive_acl *acl, const wchar_t *text,
 
 			tag = 0;
 			s = field[n].start;
-			st = field[n].start + 1;
 			len = field[n].end - field[n].start;
+			if (len == 0) {
+				ret = ARCHIVE_WARN;
+				continue;
+			}
+			st = s + 1;
 
 			switch (*s) {
 			case L'u':
diff --git a/libarchive-clib/c/archive_cryptor_private.h b/libarchive-clib/c/archive_cryptor_private.h
@@ -109,6 +109,10 @@ typedef struct {
 #include <nettle/version.h>
 #define	ARCHIVE_CRYPTOR_USE_NETTLE 1
 
+#ifndef AES_MAX_KEY_SIZE
+#define AES_MAX_KEY_SIZE AES256_KEY_SIZE
+#endif
+
 typedef struct {
 #if NETTLE_VERSION_MAJOR < 3
 	struct aes_ctx	ctx;
diff --git a/libarchive-clib/c/archive_entry.h b/libarchive-clib/c/archive_entry.h
@@ -28,7 +28,7 @@
 #define	ARCHIVE_ENTRY_H_INCLUDED
 
 /* Note: Compiler will complain if this does not match archive.h! */
-#define	ARCHIVE_VERSION_NUMBER 3008005
+#define	ARCHIVE_VERSION_NUMBER 3008006
 
 /*
  * Note: archive_entry.h is for use outside of libarchive; the
diff --git a/libarchive-clib/c/archive_hmac.c b/libarchive-clib/c/archive_hmac.c
@@ -198,6 +198,7 @@ static void __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)
 }
 
 #elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_HMAC_H)
+#include <nettle/version.h>
 
 static int
 __hmac_sha1_init(archive_hmac_sha1_ctx *ctx, const uint8_t *key, size_t key_len)
@@ -216,7 +217,12 @@ __hmac_sha1_update(archive_hmac_sha1_ctx *ctx, const uint8_t *data,
 static void
 __hmac_sha1_final(archive_hmac_sha1_ctx *ctx, uint8_t *out, size_t *out_len)
 {
+#if NETTLE_VERSION_MAJOR < 4
 	hmac_sha1_digest(ctx, (unsigned)*out_len, out);
+#else
+	hmac_sha1_digest(ctx, out);
+	*out_len = SHA1_DIGEST_SIZE;
+#endif
 }
 
 static void
diff --git a/libarchive-clib/c/archive_read_open_filename.c b/libarchive-clib/c/archive_read_open_filename.c
@@ -122,13 +122,14 @@ archive_read_open_filenames(struct archive *a, const char **filenames,
 	archive_clear_error(a);
 	do
 	{
+		size_t len;
 		if (filename == NULL)
 			filename = "";
-		mine = calloc(1,
-			sizeof(*mine) + strlen(filename));
+		len = strlen(filename);
+		mine = calloc(1, sizeof(*mine) + len);
 		if (mine == NULL)
 			goto no_memory;
-		strcpy(mine->filename.m, filename);
+		memcpy(mine->filename.m, filename, len + 1);
 		mine->block_size = block_size;
 		mine->fd = -1;
 		mine->buffer = NULL;
diff --git a/libarchive-clib/c/archive_read_support_filter_program.c b/libarchive-clib/c/archive_read_support_filter_program.c
@@ -149,6 +149,8 @@ archive_read_support_filter_program_signature(struct archive *_a,
 	if (signature != NULL && signature_len > 0) {
 		state->signature_len = signature_len;
 		state->signature = malloc(signature_len);
+		if (state->signature == NULL)
+			goto memerr;
 		memcpy(state->signature, signature, signature_len);
 	}
 
diff --git a/libarchive-clib/c/archive_read_support_format_7zip.c b/libarchive-clib/c/archive_read_support_format_7zip.c
@@ -34,6 +34,9 @@
 #ifdef HAVE_STDLIB_H
 #include <stdlib.h>
 #endif
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
 #ifdef HAVE_BZLIB_H
 #include <bzlib.h>
 #endif
@@ -80,7 +83,7 @@
 /*
  * ELF format
  */
-#define ELF_HDR_MIN_LEN 0x3f
+#define ELF_HDR_MIN_LEN 0x40 /* sizeof(Elf64_Ehdr) */
 #define ELF_HDR_EI_CLASS_OFFSET 0x04
 #define ELF_HDR_EI_DATA_OFFSET 0x05
 
@@ -855,13 +858,18 @@ find_elf_data_sec(struct archive_read *a)
 		while (e_shnum > 0) {
 			name_offset = (*dec32)(h + sec_tbl_offset);
 			if (name_offset == data_sym_offset) {
+				uint64_t sel_offset;
+
 				if (format_64) {
-					min_addr = (*dec64)(
+					sel_offset = (*dec64)(
 					    h + sec_tbl_offset + 0x18);
 				} else {
-					min_addr = (*dec32)(
+					sel_offset = (*dec32)(
 					    h + sec_tbl_offset + 0x10);
 				}
+				if (sel_offset > SSIZE_MAX)
+					break;
+				min_addr = (ssize_t)sel_offset;
 				break;
 			}
 			sec_tbl_offset += e_shentsize;
diff --git a/libarchive-clib/c/archive_read_support_format_cab.c b/libarchive-clib/c/archive_read_support_format_cab.c
@@ -383,8 +383,10 @@ archive_read_support_format_cab(struct archive *_a)
 	    NULL,
 	    NULL);
 
-	if (r != ARCHIVE_OK)
+	if (r != ARCHIVE_OK) {
+		archive_wstring_free(&cab->ws);
 		free(cab);
+	}
 	return (ARCHIVE_OK);
 }
 
diff --git a/libarchive-clib/c/archive_read_support_format_lha.c b/libarchive-clib/c/archive_read_support_format_lha.c
@@ -1101,6 +1101,13 @@ lha_read_file_header_3(struct archive_read *a, struct lha *lha)
 	header_crc = lha_crc16(0, p, H3_FIXED_SIZE);
 	__archive_read_consume(a, H3_FIXED_SIZE);
 
+	/* Reject rediculously large header */
+	if (lha->header_size > 65536) {
+		archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
+		    "LHa header size too large");
+		return (ARCHIVE_FATAL);
+	}
+
 	/* Read extended headers */
 	err = lha_read_file_extended_header(a, lha, &header_crc, 4,
 		  lha->header_size - H3_FIXED_SIZE, &extdsize);
diff --git a/libarchive-clib/c/archive_read_support_format_mtree.c b/libarchive-clib/c/archive_read_support_format_mtree.c
@@ -300,7 +300,12 @@ cleanup(struct archive_read *a)
 	struct mtree_entry *p, *q;
 
 	mtree = (struct mtree *)(a->format->data);
-
+	
+	/* Close any dangling file descriptor before freeing */
+    if (mtree->fd >= 0) {
+        close(mtree->fd);
+        mtree->fd = -1;
+    }
 	p = mtree->entries;
 	while (p != NULL) {
 		q = p->next;
diff --git a/libarchive-clib/c/archive_read_support_format_rar5.c b/libarchive-clib/c/archive_read_support_format_rar5.c
@@ -375,6 +375,7 @@ static int rar5_read_data_skip(struct archive_read *a);
 static int push_data_ready(struct archive_read* a, struct rar5* rar,
 	const uint8_t* buf, size_t size, int64_t offset);
 static void clear_data_ready_stack(struct rar5* rar);
+static void rar5_deinit(struct rar5* rar);
 
 /* CDE_xxx = Circular Double Ended (Queue) return values. */
 enum CDE_RETURN_VALUES {
@@ -429,8 +430,7 @@ static int cdeque_front(struct cdeque* d, void** value) {
 		return CDE_OUT_OF_BOUNDS;
 }
 
-/* Pushes a new element into the end of this circular deque object. If current
- * size will exceed capacity, the oldest element will be overwritten. */
+/* Pushes a new element into the end of this circular deque object. */
 static int cdeque_push_back(struct cdeque* d, void* item) {
 	if(d == NULL)
 		return CDE_PARAM;
@@ -554,7 +554,11 @@ static struct filter_info* add_new_filter(struct rar5* rar) {
 		return NULL;
 	}
 
-	cdeque_push_back(&rar->cstate.filters, cdeque_filter(f));
+	if (CDE_OK != cdeque_push_back(&rar->cstate.filters, cdeque_filter(f))) {
+		free(f);
+		return NULL;
+	}
+
 	return f;
 }
 
@@ -3040,7 +3044,9 @@ static int parse_filter(struct archive_read* ar, const uint8_t* p) {
 	if(block_length < 4 ||
 	    block_length > 0x400000 ||
 	    filter_type > FILTER_ARM ||
-	    !is_valid_filter_block_start(rar, block_start))
+	    !is_valid_filter_block_start(rar, block_start) ||
+	    (rar->cstate.window_size > 0 &&
+	     (ssize_t)block_length > rar->cstate.window_size >> 1))
 	{
 		archive_set_error(&ar->archive, ARCHIVE_ERRNO_FILE_FORMAT,
 		    "Invalid filter encountered");
@@ -4328,7 +4334,7 @@ static int rar5_cleanup(struct archive_read *a) {
 	free(rar->vol.push_buf);
 
 	free_filters(rar);
-	cdeque_free(&rar->cstate.filters);
+	rar5_deinit(rar);
 
 	free(rar);
 	a->format->data = NULL;
@@ -4353,6 +4359,7 @@ static int rar5_has_encrypted_entries(struct archive_read *_a) {
 	return ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW;
 }
 
+/* Must match deallocations in rar5_deinit */
 static int rar5_init(struct rar5* rar) {
 	memset(rar, 0, sizeof(struct rar5));
 
@@ -4368,6 +4375,11 @@ static int rar5_init(struct rar5* rar) {
 	return ARCHIVE_OK;
 }
 
+/* Must match allocations in rar5_init */
+static void rar5_deinit(struct rar5* rar) {
+	cdeque_free(&rar->cstate.filters);
+}
+
 int archive_read_support_format_rar5(struct archive *_a) {
 	struct archive_read* ar;
 	int ret;
@@ -4404,8 +4416,9 @@ int archive_read_support_format_rar5(struct archive *_a) {
 	    rar5_has_encrypted_entries);
 
 	if(ret != ARCHIVE_OK) {
-		(void) rar5_cleanup(ar);
+		rar5_deinit(rar);
+		free(rar);
 	}
 
-	return ret;
+	return ARCHIVE_OK;
 }
diff --git a/libarchive-clib/c/archive_string.c b/libarchive-clib/c/archive_string.c
@@ -772,7 +772,7 @@ archive_string_append_from_wcs_in_codepage(struct archive_string *as,
 			int r;
 
 			defchar_used = 0;
-			if (to_cp == CP_UTF8 || sc == NULL)
+			if (to_cp == CP_UTF8)
 				dp = NULL;
 			else
 				dp = &defchar_used;
@@ -1873,6 +1873,9 @@ archive_string_conversion_free(struct archive *a)
 const char *
 archive_string_conversion_charset_name(struct archive_string_conv *sc)
 {
+	if (sc == NULL) {
+		return "current locale";
+	}
 	if (sc->flag & SCONV_TO_CHARSET)
 		return (sc->to_charset);
 	else
@@ -4123,7 +4126,12 @@ archive_mstring_get_mbs_l(struct archive *a, struct archive_mstring *aes,
 	 * character-set. */
 	if ((aes->aes_set & AES_SET_MBS) == 0) {
 		const char *pm; /* unused */
-		archive_mstring_get_mbs(a, aes, &pm); /* ignore errors, we'll handle it later */
+		if (archive_mstring_get_mbs(a, aes, &pm) != 0) {
+			/* We have another form, but failed to convert it to
+			 * the native locale.  Transitively, we've failed to
+			 * convert it to the specified character set. */
+			ret = -1;
+		}
 	}
 	/* If we already have an MBS form, use it to be translated to
 	 * specified character-set. */
@@ -4141,6 +4149,8 @@ archive_mstring_get_mbs_l(struct archive *a, struct archive_mstring *aes,
 		if (length != NULL)
 			*length = aes->aes_mbs_in_locale.length;
 	} else {
+		/* Either we have no string in any form,
+		 * or conversion failed and set 'ret != 0'.  */
 		*p = NULL;
 		if (length != NULL)
 			*length = 0;
diff --git a/libarchive-clib/c/archive_write_disk_posix.c b/libarchive-clib/c/archive_write_disk_posix.c
@@ -1975,7 +1975,7 @@ archive_write_disk_gid(struct archive *_a, const char *name, la_int64_t id)
                return (a->lookup_gid)(a->lookup_gid_data, name, id);
        return (id);
 }
- 
+
 int64_t
 archive_write_disk_uid(struct archive *_a, const char *name, la_int64_t id)
 {
@@ -2406,7 +2406,7 @@ create_filesystem_object(struct archive_write_disk *a)
 	 */
 	mode = final_mode & 0777 & ~a->user_umask;
 
-	/* 
+	/*
 	 * Always create writable such that [f]setxattr() works if we're not
 	 * root.
 	 */
@@ -3024,7 +3024,7 @@ check_symlinks_fsobj(char *path, int *a_eno, struct archive_string *a_estr,
 				/*
 				 * We are not the last element and we want to
 				 * follow symlinks if they are a directory.
-				 * 
+				 *
 				 * This is needed to extract hardlinks over
 				 * symlinks.
 				 */
@@ -3435,7 +3435,7 @@ create_dir(struct archive_write_disk *a, char *path)
 			le = new_fixup(a, path);
 			if (le == NULL)
 				return (ARCHIVE_FATAL);
-			le->fixup |=TODO_MODE_BASE;
+			le->fixup |= TODO_MODE_BASE;
 			le->mode = mode_final;
 		}
 		return (ARCHIVE_OK);
@@ -3447,8 +3447,17 @@ create_dir(struct archive_write_disk *a, char *path)
 	 * don't add it to the fixup list here, as it's already been
 	 * added.
 	 */
-	if (la_stat(path, &st) == 0 && S_ISDIR(st.st_mode))
-		return (ARCHIVE_OK);
+	if (errno == EEXIST) {
+		if (la_stat(path, &st) == 0) {
+			if (S_ISDIR(st.st_mode))
+				return (ARCHIVE_OK);
+			/* path exists but is not a directory */
+			errno = ENOTDIR;
+		} else {
+			/* restore original errno */
+			errno = EEXIST;
+		}
+	}
 
 	archive_set_error(&a->archive, errno, "Failed to create dir '%s'",
 	    path);
@@ -4767,4 +4776,3 @@ static void close_file_descriptor(struct archive_write_disk* a)
 
 
 #endif /* !_WIN32 || __CYGWIN__ */
-
diff --git a/libarchive-clib/c/archive_write_set_format_gnutar.c b/libarchive-clib/c/archive_write_set_format_gnutar.c
diff --git a/libarchive-clib/c/archive_write_set_format_ustar.c b/libarchive-clib/c/archive_write_set_format_ustar.c
diff --git a/libarchive-clib/c/archive_write_set_format_v7tar.c b/libarchive-clib/c/archive_write_set_format_v7tar.c
diff --git a/libarchive-clib/c/archive_write_set_format_zip.c b/libarchive-clib/c/archive_write_set_format_zip.c
diff --git a/libarchive-clib/libarchive-clib.cabal b/libarchive-clib/libarchive-clib.cabal

Original file line number	Diff line number	Diff line change
`@@ -198,6 +198,7 @@ static void __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)`
`198`	`198`	`}`
`199`	`199`
`200`	`200`	`#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_HMAC_H)`
	`201`	`+#include <nettle/version.h>`
`201`	`202`
`202`	`203`	`static int`
`203`	`204`	`__hmac_sha1_init(archive_hmac_sha1_ctx ctx, const uint8_t key, size_t key_len)`
`@@ -216,7 +217,12 @@ __hmac_sha1_update(archive_hmac_sha1_ctx ctx, const uint8_t data,`
`216`	`217`	`static void`
`217`	`218`	`__hmac_sha1_final(archive_hmac_sha1_ctx ctx, uint8_t out, size_t *out_len)`
`218`	`219`	`{`
	`220`	`+#if NETTLE_VERSION_MAJOR < 4`
`219`	`221`	`hmac_sha1_digest(ctx, (unsigned)*out_len, out);`
	`222`	`+#else`
	`223`	`+ hmac_sha1_digest(ctx, out);`
	`224`	`+ *out_len = SHA1_DIGEST_SIZE;`
	`225`	`+#endif`
`220`	`226`	`}`
`221`	`227`
`222`	`228`	`static void`
Original file line number	Diff line number	Diff line change
`@@ -149,6 +149,8 @@ archive_read_support_filter_program_signature(struct archive *_a,`
`149`	`149`	`if (signature != NULL && signature_len > 0) {`
`150`	`150`	`state->signature_len = signature_len;`
`151`	`151`	`state->signature = malloc(signature_len);`
	`152`	`+ if (state->signature == NULL)`
	`153`	`+ goto memerr;`
`152`	`154`	`memcpy(state->signature, signature, signature_len);`
`153`	`155`	`}`
`154`	`156`