Commit 36160e4f authored by Natanael Copa's avatar Natanael Copa

main/bzip2: upgrade to 1.0.6. security fix for CVE-2010-0405

parent 9740e74c
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=bzip2
pkgver=1.0.5
pkgrel=1
pkgver=1.0.6
pkgrel=0
pkgdesc="A high-quality data compression program"
url="http://sources.redhat.com/bzip2"
license="BZIP2"
depends="uclibc"
install="$pkgname.post-deinstall"
source="http://www.bzip.org/$pkgver/$pkgname-$pkgver.tar.gz
$install
bzip2-1.0.4-POSIX-shell.patch
bzip2-1.0.4-makefile-CFLAGS.patch
bzip2-1.0.6-saneso.patch
bzip2-1.0.4-man-links.patch
bzip2-1.0.4-saneso.patch
bzip2-1.0.2-progress.patch
bzip2-1.0.3-no-test.patch
bzip2-1.0.4-POSIX-shell.patch
"
subpackages="$pkgname-dev $pkgname-doc"
subpackages="$pkgname-dev $pkgname-doc libbz2"
build () {
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
local i
cd "$srcdir"/$pkgname-$pkgver
for i in ../*.patch; do
msg "Applying ${i##*/}"
patch -p1 < $i || return 1
cd "$_builddir"
for i in $source; do
case $i in
*.patch)
msg "Applying $i"
patch -p1 -i "$srcdir"/$i || return 1
;;
esac
done
# Fix man path
......@@ -36,13 +42,32 @@ build () {
-e "s:1\.0\.4:$pkgver:" \
bzip2.1 bzip2.txt Makefile-libbz2_so manual.* || return 1
}
build () {
cd "$_builddir"
make -f Makefile-libbz2_so all || return 1
make all || return 1
}
package() {
cd "$_builddir"
make PREFIX="$pkgdir"/usr install || return 1
install -D libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so.$pkgver
ln -s libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so
ln -s libbz2.so.$pkgver "$pkgdir"/usr/lib/libbz2.so.${pkgver%%.*}
}
md5sums="3c15a0c8d1d3ee1c46a1634d00617b1a bzip2-1.0.5.tar.gz
b84506d253e04db3c5af9016fead45a3 bzip2.post-deinstall
2e9bcfeb1614b55f5ba2d087ac65a3fe bzip2-1.0.4-POSIX-shell.patch
56b90131e3c2ae425b758de9c7be7682 bzip2-1.0.4-makefile-CFLAGS.patch
libbz2() {
pkgdesc="Shared library for bz2"
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/*.so.* "$subpkgdir"/usr/lib/
}
md5sums="00b516f4704d4a7cb50a1d97e6e8e15b bzip2-1.0.6.tar.gz
3675cd4db6affe64e1d7d40bc2ad4f26 bzip2-1.0.4-makefile-CFLAGS.patch
d47a4aa8f08d101aa5aa0dd2030338d1 bzip2-1.0.6-saneso.patch
fd13ef6bc55276c7e3adc346bde56cd1 bzip2-1.0.4-man-links.patch
643983e8134723ebe53c858b1a3938ad bzip2-1.0.4-saneso.patch"
5f7a98f0aaaed6554126d30e28383ee0 bzip2-1.0.2-progress.patch
804bd17c96297968a89fc4eddc9a6713 bzip2-1.0.3-no-test.patch
55ac0e9be7821190b99376e0205707be bzip2-1.0.4-POSIX-shell.patch"
Ripped from Mandrake.
http://bugs.gentoo.org/show_bug.cgi?id=82192
--- bzip2-1.0.2.org/bzip2.1
+++ bzip2-1.0.2/bzip2.1
@@ -235,6 +235,10 @@
Suppress non-essential warning messages. Messages pertaining to
I/O errors and other critical events will not be suppressed.
.TP
+.B \-p --show-progress
+Show percentage of input-file done and while compressing show the percentage
+of the original file the new file is.
+.TP
.B \-v --verbose
Verbose mode -- show the compression ratio for each file processed.
Further \-v's increase the verbosity level, spewing out lots of
--- bzip2-1.0.2.org/bzip2.c
+++ bzip2-1.0.2/bzip2.c
@@ -145,6 +145,7 @@
#include <signal.h>
#include <math.h>
#include <errno.h>
+#include <time.h>
#include <ctype.h>
#include "bzlib.h"
@@ -301,6 +302,7 @@
Char progNameReally[FILE_NAME_LEN];
FILE *outputHandleJustInCase;
Int32 workFactor;
+Char showProgress;
static void panic ( Char* ) NORETURN;
static void ioError ( void ) NORETURN;
@@ -425,6 +427,12 @@
UInt32 nbytes_in_lo32, nbytes_in_hi32;
UInt32 nbytes_out_lo32, nbytes_out_hi32;
Int32 bzerr, bzerr_dummy, ret;
+ double fileSize = 0; /* initialized to make the compiler stop crying */
+ /* double because big files might otherwhise give
+ * overflows. not long long since not all compilers
+ * support that one
+ */
+ time_t startTime, currentTime;
SET_BINARY_MODE(stream);
SET_BINARY_MODE(zStream);
@@ -432,12 +440,21 @@
if (ferror(stream)) goto errhandler_io;
if (ferror(zStream)) goto errhandler_io;
+ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) {
+ (void)fseek(stream, 0, SEEK_END);
+ fileSize = (double)ftell(stream);
+ rewind(stream);
+ if (verbosity >= 1)
+ fprintf(stderr, "Input-file size: %ld\n", (long)fileSize);
+ }
+
bzf = BZ2_bzWriteOpen ( &bzerr, zStream,
blockSize100k, verbosity, workFactor );
if (bzerr != BZ_OK) goto errhandler;
if (verbosity >= 2) fprintf ( stderr, "\n" );
+ time(&startTime);
while (True) {
if (myfeof(stream)) break;
@@ -446,13 +463,32 @@
if (nIbuf > 0) BZ2_bzWrite ( &bzerr, bzf, (void*)ibuf, nIbuf );
if (bzerr != BZ_OK) goto errhandler;
+ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True)
+ {
+ time(&currentTime);
+
+ if ((currentTime - startTime) > 1) { /* show progress every 2 seconds */
+ double curInPos = (double)ftell(stream);
+ double curOutPos = (double)ftell(zStream);
+
+ startTime = currentTime;
+
+ fprintf(stderr, "%.2f%% done", (curInPos * 100.0) / fileSize);
+ if (srcMode == SM_F2F)
+ {
+ fprintf(stderr, ", new size: %.2f%%", (curOutPos * 100.0) / curInPos);
+ }
+
+ fprintf(stderr, " \r");
+ }
+ }
}
BZ2_bzWriteClose64 ( &bzerr, bzf, 0,
&nbytes_in_lo32, &nbytes_in_hi32,
&nbytes_out_lo32, &nbytes_out_hi32 );
if (bzerr != BZ_OK) goto errhandler;
-
+
if (ferror(zStream)) goto errhandler_io;
ret = fflush ( zStream );
if (ret == EOF) goto errhandler_io;
@@ -526,6 +562,8 @@
UChar unused[BZ_MAX_UNUSED];
Int32 nUnused;
UChar* unusedTmp;
+ double fileSize = 0; /* initialized to make the compiler stop crying */
+ time_t startTime, currentTime;
nUnused = 0;
streamNo = 0;
@@ -533,9 +571,19 @@
SET_BINARY_MODE(stream);
SET_BINARY_MODE(zStream);
+ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) {
+ long dummy = ftell(zStream);
+ (void)fseek(zStream, 0, SEEK_END);
+ fileSize = (double)ftell(zStream);
+ (void)fseek(zStream, dummy, SEEK_SET);
+ if (verbosity >= 1)
+ fprintf(stderr, "Input-file size: %ld\n", (long)fileSize);
+ }
+
if (ferror(stream)) goto errhandler_io;
if (ferror(zStream)) goto errhandler_io;
+ time(&startTime);
while (True) {
bzf = BZ2_bzReadOpen (
@@ -551,6 +599,17 @@
if ((bzerr == BZ_OK || bzerr == BZ_STREAM_END) && nread > 0)
fwrite ( obuf, sizeof(UChar), nread, stream );
if (ferror(stream)) goto errhandler_io;
+
+ if ((srcMode == SM_F2F || srcMode == SM_F2O) && showProgress == True) {
+ time(&currentTime);
+ if ((currentTime - startTime) >= 2)
+ {
+ double curInPos = (double)ftell(zStream);
+ startTime = currentTime;
+
+ fprintf(stderr, "%.2f%% done\r", (curInPos * 100.0) / fileSize);
+ }
+ }
}
if (bzerr != BZ_STREAM_END) goto errhandler;
@@ -1872,6 +1931,7 @@
deleteOutputOnInterrupt = False;
exitValue = 0;
i = j = 0; /* avoid bogus warning from egcs-1.1.X */
+ showProgress = False;
/*-- Set up signal handlers for mem access errors --*/
signal (SIGSEGV, mySIGSEGVorSIGBUScatcher);
@@ -1949,6 +2009,7 @@
case 'k': keepInputFiles = True; break;
case 's': smallMode = True; break;
case 'q': noisy = False; break;
+ case 'p': showProgress = True; break;
case '1': blockSize100k = 1; break;
case '2': blockSize100k = 2; break;
case '3': blockSize100k = 3; break;
@@ -1985,6 +2046,7 @@
if (ISFLAG("--keep")) keepInputFiles = True; else
if (ISFLAG("--small")) smallMode = True; else
if (ISFLAG("--quiet")) noisy = False; else
+ if (ISFLAG("--show-progress")) showProgress = True; else
if (ISFLAG("--version")) license(); else
if (ISFLAG("--license")) license(); else
if (ISFLAG("--exponential")) workFactor = 1; else
--- ./Makefile
+++ ./Makefile
@@ -23,5 +23,5 @@
bzlib.o
-all: libbz2.a bzip2 bzip2recover test
+all: libbz2.a bzip2 bzip2recover
bzip2: libbz2.a bzip2.o
......@@ -3,8 +3,8 @@ with calls to sed so POSIX shells work
http://bugs.gentoo.org/193365
--- a/bzgrep
+++ b/bzgrep
--- ./bzgrep
+++ ./bzgrep
@@ -63,10 +63,9 @@
bzip2 -cdfq "$i" | $grep $opt "$pat"
r=$?
......
--- a/Makefile
+++ b/Makefile
--- ./Makefile
+++ ./Makefile
@@ -18,10 +18,9 @@
CC=gcc
AR=ar
......@@ -8,18 +8,18 @@
BIGFILES=-D_FILE_OFFSET_BITS=64
-CFLAGS=-Wall -Winline -O2 -g $(BIGFILES)
+CFLAGS+=-Wall -Winline $(BIGFILES)
+CFLAGS+=-Wall -Winline $(BIGFILES) $(CPPFLAGS)
# Where you want it installed when you do 'make install'
PREFIX=/usr/local
--- a/Makefile-libbz2_so
+++ b/Makefile-libbz2_so
--- ./Makefile-libbz2_so
+++ ./Makefile-libbz2_so
@@ -24,7 +24,7 @@
SHELL=/bin/sh
CC=gcc
BIGFILES=-D_FILE_OFFSET_BITS=64
-CFLAGS=-fpic -fPIC -Wall -Winline -O2 -g $(BIGFILES)
+CFLAGS+=-fpic -fPIC -Wall -Winline $(BIGFILES)
+CFLAGS+=-fpic -fPIC -Wall -Winline $(BIGFILES) $(CPPFLAGS)
OBJS= blocksort.o \
huffman.o \
--- a/Makefile-libbz2_so
+++ b/Makefile-libbz2_so
--- ./Makefile-libbz2_so
+++ ./Makefile-libbz2_so
@@ -35,8 +35,8 @@
bzlib.o
all: $(OBJS)
- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.4 $(OBJS)
- $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4
+ $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.4 $(OBJS)
+ $(CC) $(LDFLAGS) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.4
- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS)
- $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
+ $(CC) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS)
+ $(CC) $(LDFLAGS) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
rm -f libbz2.so.1.0
ln -s libbz2.so.1.0.4 libbz2.so.1.0
ln -s libbz2.so.1.0.6 libbz2.so.1.0
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment