1
0
mirror of https://git.tukaani.org/xz.git synced 2025-10-25 18:42:52 +00:00

2477 Commits

Author SHA1 Message Date
Lasse Collin
7413383e42 xz: Fix white space error.
Thanks to xx on #tukaani.

(cherry picked from commit eeca8f7c5baf1ad69606bb734d5001763466d58f)
2024-05-22 14:32:36 +03:00
Sam James
eed2f26c0e xz: add missing noreturn for message_filters_help
Fixes: a165d7df1964121eb9df715e6f836a31c865beef
(cherry picked from commit 462ca9409940a19f743daee6b3bcc611277d0007)
2024-05-22 14:32:36 +03:00
Sam James
2633d8df61 xz: signals: suppress -Wsign-conversion on macOS
On macOS, we get:
```
signals.c: In function 'signals_init':
signals.c:76:17: error: conversion to 'sigset_t' {aka 'unsigned int'} from 'int' may change the sign of the result [-Werror=sign-conversion]
   76 |                 sigaddset(&hooked_signals, sigs[i]);
      |                 ^~~~~~~~~
signals.c:81:17: error: conversion to 'sigset_t' {aka 'unsigned int'} from 'int' may change the sign of the result [-Werror=sign-conversion]
   81 |                 sigaddset(&hooked_signals, message_progress_sigs[i]);
      |                 ^~~~~~~~~
signals.c:86:9: error: conversion to 'sigset_t' {aka 'unsigned int'} from 'int' may change the sign of the result [-Werror=sign-conversion]
   86 |         sigaddset(&hooked_signals, SIGTSTP);
      |         ^~~~~~~~~
```

We use `int` for `hooked_signals` but we can't just cast to whatever
`sigset_t` is because `sigset_t` is an opaque type. It's an unsigned int
on macOS. On macOS, `sigaddset` is implemented as a macro.

Just suppress -Wsign-conversion for `signals_init` for macOS given
there's no real nice way of fixing this.

(cherry picked from commit 863f13d2828b99b0539ce73f9cf85bde32358034)
2024-05-22 14:32:36 +03:00
Lasse Collin
50fb269c7a Tests: test_microlzma: Add a "FIXME?" about LZMA_FINISH handling
(cherry picked from commit fcbd0d199933a69713cb293cbd7409a757d854cd)
2024-05-22 14:32:36 +03:00
Lasse Collin
3e2ff2d38c Tests: test_microlzma: Tweak comments, coding style, and minor details
A few lines were reordered, a few ARRAY_SIZE were changed to sizeof,
and a few uint32_t were changed to size_t. No real functional changes
were intended.

(cherry picked from commit 0fe2dfa68355d2b165544b2bc8babf77dcc2039e)
2024-05-22 14:32:36 +03:00
Ryan Carsten Schmidt
ebc8b8de19 CI: Use only the active CPUs on macOS
hw.ncpu counts all CPUs including inactive ones. hw.activecpu counts
only the active CPUs.

(cherry picked from commit 97f0ee0f1f903f4e7c4ea23e9b89d687025d2992)
2024-05-22 14:26:59 +03:00
Sam James
1e63f7d536 ci: rename ci_build.sh -> ci_build.bash
We discussed the name and it's less cognitive load to just call it '.bash'
so you don't have an immediate question about if bashisms are OK.

(cherry picked from commit 73f629e321b74f68c9954728fa4f19261afccf46)
2024-05-22 14:26:59 +03:00
Sam James
aea54a4724 ci: build in parallel by default
(cherry picked from commit 8709407a9ef8e7e8aec117879400e4dd3e227ada)
2024-05-22 14:26:59 +03:00
Sam James
4381fcf00b ci: default to -O2
We need this for when we're passing sanitizer flags or -gdwarf-4 for Clang
with Valgrind. Just always start with -O2 if CFLAGS isn't set in the
environment and append what was passed on the command line.

(cherry picked from commit 65bf7e0a1ca6386f17608e8afb84ac470c18d23f)
2024-05-22 14:26:59 +03:00
Sam James
752ba5ed99 ci: make automake's test runner verbose on failures
This is a lot easier to work with than the save-logs thing the action
tries to do...

(cherry picked from commit bc899f9e0700ad153bd65f4804c4de7515c8a847)
2024-05-22 14:26:59 +03:00
Sam James
cc21af1715 ci: make UBSAN abort on errors
Unfortunately, UBSAN doesn't do this by default. See also the change
I made in Meson for this in October [0].

[0] 7b7d2e060b

(cherry picked from commit b5e3470442531717b2457b40ab412740296af1bc)
2024-05-22 14:26:59 +03:00
Sam James
2d2d5f14b3 ci: test Valgrind
Using `--trace-children=yes` has a trade-off here, as it makes
`test_scripts.sh` pretty slow when calling various non-xz utilities.

But I also feel like it's not useless to have Valgrind used there and it's
not easy to exclude Valgrind just for that one test...

I did consider using AX_VALGRIND_CHECK [0][1] but I couldn't get it working
immediately with some conditionally-built tests and I wondered if it was
worth spending time on at least while we're debating xz's future build
system situation.

[0] https://www.gnu.org/software/autoconf-archive/ax_valgrind_check.html
[1] https://tecnocode.co.uk/2014/12/23/automatically-valgrinding-code-with-ax_valgrind_check/

(cherry picked from commit 6c095a98fbec70b790253a663173ecdb669108c4)
2024-05-22 14:26:59 +03:00
Lasse Collin
5d20a61205 liblzma: CRC: Simplify table omission macros
A macro is useful to prevent a single #if directive from
getting too ugly but only one macro is needed for all archs.

(cherry picked from commit 6286c1900c2d2ca33d9b1b397122c7bcdb9a4d59)
2024-05-22 14:26:03 +03:00
Lasse Collin
2a80827e23 liblzma: ARM64 CRC: Fix omission of CRC32 table
The macro name had an odd typo so the table wasn't omitted
when it should have.

Fixes: 1940f0ec28f08c0ac72c1413d9706fb82eabe6ad
(cherry picked from commit 45da936c879acf4f053a3055665bf1b10ded4462)
2024-05-22 14:26:03 +03:00
Lasse Collin
a541173771 Build: If ARM64 feature detection func is found, stop looking for others
This can speed up configure a tiny bit.

Fixes: c5f6d79cc9515a7f22d7ea4860c6cc394b295732
(cherry picked from commit 308a9af85400b0e2019f0f012c8354e831d06d65)
2024-05-22 14:26:03 +03:00
Lasse Collin
9223ad6e78 liblzma: ARM64 CRC32: Change style of the macOS code to match FreeBSD
I didn't test this but it shouldn't change any functionality.

Fixes: 761f5b69a4c778c8bcb09279b845b07c28790575
(cherry picked from commit fc43cecd32bf9d5f8caa599206b15c9569af1eb6)
2024-05-22 14:26:03 +03:00
Lasse Collin
32ceb2c36a liblzma: ARM64 CRC32: Add error checking to FreeBSD-specific code
Also add parenthesis to the return statement.

I didn't test this.

Fixes: 761f5b69a4c778c8bcb09279b845b07c28790575
(cherry picked from commit 1024cd4cd966b998fedec51e385e9ee9a49b3c57)
2024-05-22 14:26:03 +03:00
Lasse Collin
42915101e9 liblzma: ARM64 CRC32: Use negation instead of subtracting from 8
Subtracting from 0 is negation, this just keeps warnings away.

Fixes: 761f5b69a4c778c8bcb09279b845b07c28790575
(cherry picked from commit 2337f7021c860b026e3e849e60a9ae8d09ec0ea0)
2024-05-22 14:26:03 +03:00
Lasse Collin
42a9482b48 liblzma: ARM64 CRC32: Tweak coding style and comments
(cherry picked from commit d8fffd01aa1a3c18e437a222abd34699e23ff5e7)
2024-05-22 14:26:03 +03:00
Lasse Collin
38a3ec5a7e CI: Remove ifunc support.
(cherry picked from commit 986865ea2f9d1f8dbef4a130926df106b0f6d41a)
2024-05-22 14:12:43 +03:00
Lasse Collin
34d1252f09 liblzma: Remove ifunc support.
This is *NOT* done for security reasons even though the backdoor
relied on the ifunc code. Instead, the reason is that in this
project ifunc provides little benefits but it's quite a bit of
extra code to support it. The only case where ifunc *might* matter
for performance is if the CRC functions are used directly by an
application. In normal compression use it's completely irrelevant.

(cherry picked from commit 689ae2427342a2ea1206eb5ca08301baf410e7e0)
2024-05-22 14:12:43 +03:00
Lasse Collin
a594b39685 tests/files/README: Update the main heading.
(cherry picked from commit 6b4c859059a7eb9b0547590c081668e14ecf8af6)
2024-05-22 14:12:43 +03:00
Lasse Collin
fa76e3ef59 tests/files/README: Explain how to recreate the ARM64 test files.
(cherry picked from commit 2a851e06b891ce894f918faff32a6cca6fdecee6)
2024-05-22 14:12:43 +03:00
Lasse Collin
112fa0aba6 debug: Add generator for the ARM64 test file data.
(cherry picked from commit 3d09b721b94e18fe1f853a04799697f5de10b291)
2024-05-22 14:12:43 +03:00
Lasse Collin
1a1f3d0323 xz man page: Use .ft CR instead of CW to silence warnings from groff.
(cherry picked from commit 31ef676567c9d6fcc4ec9fc833c312f7a7c21c48)
2024-05-22 14:12:43 +03:00
Lasse Collin
9f9203f574 Fix NEWS for 5.6.0 and 5.6.1.
(cherry picked from commit 780cbf29d5a88db2b546e9b7b019c4c33ca72685)
2024-05-22 14:12:43 +03:00
Lasse Collin
12876b33c7 Remove the XZ logo.
(cherry picked from commit bfd0c7c478e93a1911b845459549ff94587b6ea2)
2024-05-22 14:12:43 +03:00
Lasse Collin
879295d91f Update maintainer and author info.
The other maintainer suddenly disappeared.

(cherry picked from commit 77a294d98a9d2d48f7e4ac273711518bf689f5c4)
2024-05-22 14:12:43 +03:00
Lasse Collin
859617d30d Docs: Update .xz file format specification to 1.2.1.
This only reverts the XZ URL changes.

(cherry picked from commit 8dd03d4484ccf80022722a16d0ed9b37f2b58072)
2024-05-22 14:12:43 +03:00
Lasse Collin
eeb74fba1f Update website URLs back to tukaani.org.
The XZ projects were moved back to their original URLs.

(cherry picked from commit 17aa2e1a796d3f758802df29afc89dcf335db567)
2024-05-22 14:12:39 +03:00
Lasse Collin
a7b9cd7000 xzdec: Tweak coding style and comments.
(cherry picked from commit 2739db981023373a2ddabc7b456c7e658bb4f582)
2024-05-22 14:12:13 +03:00
Lasse Collin
ebe9d6d8cb tests/ossfuzz: Tiny fix to a comment.
(cherry picked from commit 408b6adb2a07d07c6535f859571cca38837caaf3)
2024-05-22 14:12:13 +03:00
Lasse Collin
78ab47d65d CMake: Fix sabotaged Landlock sandbox check.
It never enabled it.

(cherry picked from commit f9cf4c05edd14dedfe63833f8ccbe41b55823b00)
2024-05-22 14:10:54 +03:00
Lasse Collin
5f178c364c Delete SECURITY.md from v5.6
It's too easily out of date in the stable branches.
It's not included in the release packages anyway.
2024-05-22 14:08:33 +03:00
Lasse Collin
b3a7561880 liblzma: memcmplen.h: Add a comment why subtraction is used.
(cherry picked from commit 0b99783d63f27606936bb79a16c52d0d70c0b56f)
2024-05-22 14:07:37 +03:00
Lasse Collin
94939a145f INSTALL: Document arguments of --enable-symbol-versions.
(cherry picked from commit 8a25ba024d55610c448c6e4f1400a00bae51b493)
2024-05-22 14:07:37 +03:00
Lasse Collin
fa14c8aaf0 Build: Use only the generic symbol versioning with NVIDIA HPC Compiler.
This does the previous commit with CMake.

AC_EGREP_CPP uses AC_REQUIRE so the outermost if-commands must
be changed to AS_IF to ensure that things wont break some day.
See 5a5bd7f871818029d5ccbe189f087f591258c294.

(cherry picked from commit 49324b711f9d42b3543bf2f3ae598eaa03360bd5)
2024-05-22 14:07:37 +03:00
Lasse Collin
73baa8d99b CMake: Use only the generic symbol versioning with NVIDIA HPC Compiler.
It doesn't support the __symver__ attribute or __asm__(".symver ...").
The generic symbol versioning can still be used since it only needs
linker support.

(cherry picked from commit c273123ed0ebaebf49994057a7fe98aae7f42c40)
2024-05-22 14:07:37 +03:00
Lasse Collin
886633f423 Update THANKS.
(cherry picked from commit df7f487648d18a3992386a59b8a061edca862d17)
2024-05-22 14:07:37 +03:00
Lasse Collin
760f622f0d liblzma: Minor comment edits.
(cherry picked from commit 3217b82b3ec023bf8338249134a076bea0ea30ec)
2024-05-22 14:07:37 +03:00
Sergey Kosukhin
403b4c78b8 liblzma: Fix building with NVHPC (NVIDIA HPC SDK).
NVHPC compiler has several issues that make it impossible to
build liblzma:
  - the compiler cannot handle unions that contain pointers that
    are not the first members;
  - the compiler cannot handle the assembler code in range_decoder.h
    (LZMA_RANGE_DECODER_CONFIG has to be set to zero);
  - the compiler fails to produce valid code for delta_decode if the
    vectorization is enabled, which results in failed tests.

This introduces NVHPC-specific workarounds that address the issues.

(cherry picked from commit 096bc0e3f8fb4bfc4d2f3f64a7f219401ffb4c31)
2024-05-22 14:07:37 +03:00
Lasse Collin
1888fb49f6 CMake: Disable symbol versioning on non-glibc Linux.
This better matches what configure.ac does. For example, musl has
only basic symbol versioning support:

https://wiki.musl-libc.org/functional-differences-from-glibc.html#Symbol_versioning

configure.ac tries to enable symbol versioning only with glibc
so now CMake does the same.

(cherry picked from commit 2ad7fad67080e88fa7fc191f9d613d8b7add9c62)
2024-05-22 14:07:37 +03:00
Lasse Collin
4b3c84e8ee CMake: Make symbol versioning configurable.
(cherry picked from commit 82f0c0d39eb2c026b1d96ee706f70ace868d4ed4)
2024-05-22 14:07:37 +03:00
Lasse Collin
69d1e20208 Build: Style tweaks to configure.ac.
The AC_MSG_ERROR line is overlong anyway as are a few other
AC_MSG_ERROR lines already.

(cherry picked from commit 45d33bfc45e4295b8ad743bc2ae61cc724f98076)
2024-05-22 14:07:37 +03:00
Sergey Kosukhin
051d6b5c85 Build: Let the users override the symbol versioning variant.
There are cases when the users want to decide themselves whether
they want to have the generic (even on GNU/Linux) or the linux
(even if we do not recommend that) symbol versioning variant.
The former might be needed to circumvent compiler issues (i.e.
the compiler does not support all features that are required
for the linux versioning), the latter might help in overriding
the assumptions made in the configure script.

(cherry picked from commit f56ed6fac6619b56b005878d3b5210e2f0d721c0)
2024-05-22 14:07:37 +03:00
Lasse Collin
95dcea4b5d Update THANKS. 2024-04-09 18:38:37 +03:00
Lasse Collin
1107712e37 Remove the backdoor found in 5.6.0 and 5.6.1 (CVE-2024-3094).
While the backdoor was inactive (and thus harmless) without inserting
a small trigger code into the build system when the source package was
created, it's good to remove this anyway:

  - The executable payloads were embedded as binary blobs in
    the test files. This was a blatant violation of the
    Debian Free Software Guidelines.

  - On machines that see lots bots poking at the SSH port, the backdoor
    noticeably increased CPU load, resulting in degraded user experience
    and thus overwhelmingly negative user feedback.

  - The maintainer who added the backdoor has disappeared.

  - Backdoors are bad for security.

This reverts the following without making any other changes:

6e636819 Tests: Update two test files.
a3a29bbd Tests: Test --single-stream can decompress bad-3-corrupt_lzma2.xz.
0b4ccc91 Tests: Update RISC-V test files.
8c9b8b20 liblzma: Fix typos in crc32_fast.c and crc64_fast.c.
82ecc538 liblzma: Fix false Valgrind error report with GCC.
cf44e4b7 Tests: Add a few test files.
3060e107 Tests: Use smaller dictionary size in RISC-V test files.
e2870db5 Tests: Add two RISC-V Filter test files.

The RISC-V test files also have real content that tests the filter
but the real content would fit into much smaller files. A generator
program would need to be available as well.

Thanks to Andres Freund for finding and reporting it and making
it public quickly so others could act without a delay.
See: https://www.openwall.com/lists/oss-security/2024/03/29/4
2024-04-09 18:38:37 +03:00
Jia Tan
fd1b975b78 Bump version and soname for 5.6.1. v5.6.1 2024-03-09 11:42:50 +08:00
Jia Tan
a2cda57249 Add NEWS for 5.6.1 2024-03-09 11:27:27 +08:00
Jia Tan
8583c60211 Translations: Add missing --riscv option to man page translations. 2024-03-09 10:43:20 +08:00