Commit Graph

722 Commits

Author SHA1 Message Date
Lasse Collin 85da31d8b8 liblzma: Fix comments.
Thanks to Bruce Stark.
2019-12-31 22:19:18 +02:00
Lasse Collin 6a73a78895 liblzma: Fix one more unaligned read to use unaligned_read16ne(). 2019-12-31 22:19:18 +02:00
Lasse Collin 94aa3fb568 liblzma: memcmplen: Use ctz32() from tuklib_integer.h.
The same compiler-specific #ifdefs are already in tuklib_integer.h
2019-12-31 22:19:18 +02:00
Lasse Collin 412791486d tuklib_integer: Cleanup MSVC-specific code. 2019-12-31 22:19:18 +02:00
Lasse Collin efbf6e5f09 liblzma: Use unaligned_readXXne functions instead of type punning.
Now gcc -fsanitize=undefined should be clean.

Thanks to Jeffrey Walton.
2019-12-31 22:19:18 +02:00
Lasse Collin 29afef0348 tuklib_integer: Improve unaligned memory access.
Now memcpy() or GNU C packed structs for unaligned access instead
of type punning. See the comment in this commit for details.

Avoiding type punning with unaligned access is needed to
silence gcc -fsanitize=undefined.

New functions: unaliged_readXXne and unaligned_writeXXne where
XX is 16, 32, or 64.
2019-12-31 22:19:12 +02:00
Lasse Collin 596ed3de44 liblzma: Avoid memcpy(NULL, foo, 0) because it is undefined behavior.
I should have always known this but I didn't. Here is an example
as a reminder to myself:

    int mycopy(void *dest, void *src, size_t n)
    {
        memcpy(dest, src, n);
        return dest == NULL;
    }

In the example, a compiler may assume that dest != NULL because
passing NULL to memcpy() would be undefined behavior. Testing
with GCC 8.2.1, mycopy(NULL, NULL, 0) returns 1 with -O0 and -O1.
With -O2 the return value is 0 because the compiler infers that
dest cannot be NULL because it was already used with memcpy()
and thus the test for NULL gets optimized out.

In liblzma, if a null-pointer was passed to memcpy(), there were
no checks for NULL *after* the memcpy() call, so I cautiously
suspect that it shouldn't have caused bad behavior in practice,
but it's hard to be sure, and the problematic cases had to be
fixed anyway.

Thanks to Jeffrey Walton.
2019-07-13 17:56:28 +03:00
Lasse Collin 8d4906262b xz: Update xz man page date. 2019-07-13 17:54:52 +03:00
Antoine Cœur 0d318402f8 spelling 2019-07-13 17:53:33 +03:00
Lasse Collin 3ca432d9cc xz: Fix a crash in progress indicator when in passthru mode.
"xz -dcfv not_an_xz_file" crashed (all four options are
required to trigger it). It caused xz to call
lzma_get_progress(&strm, ...) when no coder was initialized
in strm. In this situation strm.internal is NULL which leads
to a crash in lzma_get_progress().

The bug was introduced when xz started using lzma_get_progress()
to get progress info for multi-threaded compression, so the
bug is present in versions 5.1.3alpha and higher.

Thanks to Filip Palian <Filip.Palian@pjwstk.edu.pl> for
the bug report.
2019-07-13 17:37:55 +03:00
Lasse Collin fcc419e3c3 xz: Update man page timestamp. 2019-07-13 17:36:27 +03:00
Pavel Raiskup 5a2fc3cd01 'have have' typos 2019-07-13 17:36:27 +03:00
Lasse Collin 7143b04fe4 xzless: Rename unused variables to silence static analysers.
In this particular case I don't see this affecting readability
of the code.

Thanks to Pavel Raiskup.
2019-07-13 17:17:00 +03:00
Lasse Collin 273c33297b liblzma: Remove an always-true condition from lzma_index_cat().
This should help static analysis tools to see that newg
isn't leaked.

Thanks to Pavel Raiskup.
2019-07-13 17:17:00 +03:00
Lasse Collin 65b4aba6d0 liblzma: Improve lzma_properties_decode() API documentation. 2019-07-13 17:17:00 +03:00
Lasse Collin b5be61cc06 Bump version and soname for 5.2.4. 2018-04-29 19:00:06 +03:00
Ben Boeckel c4a616f453 nothrow: use noexcept for C++11 and newer
In C++11, the `throw()` specifier is deprecated and `noexcept` is
preffered instead.
2018-03-28 19:24:39 +03:00
Lasse Collin 0b8947782f liblzma: Remove incorrect #ifdef from range_common.h.
In most cases it was harmless but it could affect some
custom build systems.

Thanks to Pippijn van Steenhoven.
2018-03-28 19:24:39 +03:00
Lasse Collin a3ce3e9023 tuklib_integer: New Intel C compiler needs immintrin.h.
Thanks to Melanie Blower (Intel) for the patch.
2018-03-28 19:24:39 +03:00
Lasse Collin 06eebd4543 Fix or hide warnings from GCC 7's -Wimplicit-fallthrough. 2018-03-28 19:16:06 +03:00
Lasse Collin eb2ef4c79b xz: Fix "xz --list --robot missing_or_bad_file.xz".
It ended up printing an uninitialized char-array when trying to
print the check names (column 7) on the "totals" line.

This also changes the column 12 (minimum xz version) to
50000002 (xz 5.0.0) instead of 0 when there are no valid
input files.

Thanks to kidmin for the bug report.
2018-03-28 19:16:06 +03:00
Lasse Collin 70f4792119 Update the home page URLs to HTTPS. 2018-03-28 19:16:06 +03:00
Lasse Collin 2a4b2fa75d xz: Use POSIX_FADV_RANDOM for in "xz --list" mode.
xz --list is random access so POSIX_FADV_SEQUENTIAL was clearly
wrong.
2017-03-30 22:02:10 +03:00
Lasse Collin eb25743ade liblzma: Fix lzma_memlimit_set(strm, 0).
The 0 got treated specially in a buggy way and as a result
the function did nothing. The API doc said that 0 was supposed
to return LZMA_PROG_ERROR but it didn't.

Now 0 is treated as if 1 had been specified. This is done because
0 is already used to indicate an error from lzma_memlimit_get()
and lzma_memusage().

In addition, lzma_memlimit_set() no longer checks that the new
limit is at least LZMA_MEMUSAGE_BASE. It's counter-productive
for the Index decoder and was actually needed only by the
auto decoder. Auto decoder has now been modified to check for
LZMA_MEMUSAGE_BASE.
2017-03-30 19:52:24 +03:00
Lasse Collin ef36c6362f liblzma: Similar memlimit fix for stream_, alone_, and auto_decoder. 2017-03-30 19:52:24 +03:00
Lasse Collin 5761603265 liblzma: Fix handling of memlimit == 0 in lzma_index_decoder().
It returned LZMA_PROG_ERROR, which was done to avoid zero as
the limit (because it's a special value elsewhere), but using
LZMA_PROG_ERROR is simply inconvenient and can cause bugs.

The fix/workaround is to treat 0 as if it were 1 byte. It's
effectively the same thing. The only weird consequence is
that then lzma_memlimit_get() will return 1 even when 0 was
specified as the limit.

This fixes a very rare corner case in xz --list where a specific
memory usage limit and a multi-stream file could print the
error message "Internal error (bug)" instead of saying that
the memory usage limit is too low.
2017-03-30 19:52:24 +03:00
Lasse Collin 3d566cd519 Bump version and soname for 5.2.3. 2016-12-30 13:26:36 +02:00
Lasse Collin cae412b2b7 xz: Fix the Capsicum rights on user_abort_pipe. 2016-12-30 13:13:57 +02:00
Lasse Collin e013a337d3 liblzma: Avoid multiple definitions of lzma_coder structures.
Only one definition was visible in a translation unit.
It avoided a few casts and temp variables but seems that
this hack doesn't work with link-time optimizations in compilers
as it's not C99/C11 compliant.

Fixes:
http://www.mail-archive.com/xz-devel@tukaani.org/msg00279.html
2016-12-28 19:59:32 +02:00
Lasse Collin ce2542d220 xz: Add support for sandboxing with Capsicum (disabled by default).
In the v5.2 branch this feature is considered experimental
and thus disabled by default.

The sandboxing is used conditionally as described in main.c.
This isn't optimal but it was much easier to implement than
a full sandboxing solution and it still covers the most common
use cases where xz is writing to standard output. This should
have practically no effect on performance even with small files
as fork() isn't needed.

C and locale libraries can open files as needed. This has been
fine in the past, but it's a problem with things like Capsicum.
io_sandbox_enter() tries to ensure that various locale-related
files have been loaded before cap_enter() is called, but it's
possible that there are other similar problems which haven't
been seen yet.

Currently Capsicum is available on FreeBSD 10 and later
and there is a port to Linux too.

Thanks to Loganaden Velvindron for help.
2016-12-26 20:40:27 +02:00
Lasse Collin d74377e62b liblzma: Fix a memory leak in error path of lzma_index_dup().
lzma_index_dup() calls index_dup_stream() which, in case of
an error, calls index_stream_end() to free memory allocated
by index_stream_init(). However, it illogically didn't
actually free the memory. To make it logical, the tree
handling code was modified a bit in addition to changing
index_stream_end().

Thanks to Evan Nemerson for the bug report.
2016-12-26 17:57:51 +02:00
Lasse Collin 88d7a7fd15 tuklib_cpucores: Add support for sched_getaffinity().
It's available in glibc (GNU/Linux, GNU/kFreeBSD). It's better
than sysconf(_SC_NPROCESSORS_ONLN) because sched_getaffinity()
gives the number of cores available to the process instead of
the total number of cores online.

As a side effect, this commit fixes a bug on GNU/kFreeBSD where
configure would detect the FreeBSD-specific cpuset_getaffinity()
but it wouldn't actually work because on GNU/kFreeBSD it requires
using -lfreebsd-glue when linking. Now the glibc-specific function
will be used instead.

Thanks to Sebastian Andrzej Siewior for the original patch
and testing.
2016-12-26 17:24:09 +02:00
Lasse Collin 51baf68437 xz: Fix copying of timestamps on Windows.
xz used to call utime() on Windows, but its result gets lost
on close(). Using _futime() seems to work.

Thanks to Martok for reporting the bug:
http://www.mail-archive.com/xz-devel@tukaani.org/msg00261.html
2016-06-30 21:00:49 +03:00
Lasse Collin 1ddc479851 xz: Silence warnings from -Wlogical-op.
Thanks to Evan Nemerson.
2016-06-28 21:11:02 +03:00
Lasse Collin be647ff5ed Build: Fix = to += for xz_SOURCES in src/xz/Makefile.am.
Thanks to Christian Kujau.
2016-06-28 21:09:46 +03:00
Lasse Collin 74f8dad9f9 liblzma: Disable external SHA-256 by default.
This is the sane thing to do. The conflict with OpenSSL
on some OSes and especially that the OS-provided versions
can be significantly slower makes it clear that it was
a mistake to have the external SHA-256 support enabled by
default.

Those who want it can now pass --enable-external-sha256 to
configure. INSTALL was updated with notes about OSes where
this can be a bad idea.

The SHA-256 detection code in configure.ac had some bugs that
could lead to a build failure in some situations. These were
fixed, although it doesn't matter that much now that the
external SHA-256 is disabled by default.

MINIX >= 3.2.0 uses NetBSD's libc and thus has SHA256_Init
in libc instead of libutil. Support for the libutil version
was removed.
2016-06-28 21:09:46 +03:00
Lasse Collin 5daae12391 tuklib_physmem: Hopefully silence a warning on Windows. 2016-06-28 21:09:46 +03:00
Lasse Collin 8173ff8790 liblzma: Make Valgrind happier with optimized (gcc -O2) liblzma.
When optimizing, GCC can reorder code so that an uninitialized
value gets used in a comparison, which makes Valgrind unhappy.
It doesn't happen when compiled with -O0, which I tend to use
when running Valgrind.

Thanks to Rich Prohaska. I remember this being mentioned long
ago by someone else but nothing was done back then.
2016-06-28 21:09:46 +03:00
Lasse Collin 013de2b5ab liblzma: Rename lzma_presets.c back to lzma_encoder_presets.c.
It would be too annoying to update other build systems
just because of this.
2016-06-28 21:09:46 +03:00
Lasse Collin 2296778f3c xz: Make xz buildable even when encoders or decoders are disabled.
The patch is quite long but it's mostly about adding new #ifdefs
to omit code when encoders or decoders have been disabled.

This adds two new #defines to config.h: HAVE_ENCODERS and
HAVE_DECODERS.
2016-06-28 21:09:46 +03:00
Lasse Collin 97a3109281 Build: Build LZMA1/2 presets also when only decoder is wanted.
People shouldn't rely on the presets when decoding raw streams,
but xz uses the presets as the starting point for raw decoder
options anyway.

lzma_encocder_presets.c was renamed to lzma_presets.c to
make it clear it's not used solely by the encoder code.
2016-06-28 21:09:46 +03:00
Lasse Collin 46d76c9cd3 Build: Don't omit lzma_cputhreads() unless using --disable-threads.
Previously it was omitted if encoders were disabled
with --disable-encoders. It didn't make sense and
it also broke the build.
2016-06-28 21:09:46 +03:00
Lasse Collin 16d68f874d liblzma: Fix a build failure related to external SHA-256 support.
If an appropriate header and structure were found by configure,
but a library with a usable SHA-256 functions wasn't, the build
failed.
2016-06-28 21:09:46 +03:00
Lasse Collin d9311647fc xz: Always close the file before trying to delete it.
unlink() can return EBUSY in errno for open files on some
operating systems and file systems.
2016-06-28 21:09:46 +03:00
Lasse Collin e10bfdb0fc liblzma: Fix lzma_index_dup() for empty Streams.
Stream Flags and Stream Padding weren't copied from
empty Streams.
2016-06-28 21:09:46 +03:00
Lasse Collin 06f434bd89 liblzma: Add a note to index.c for those using static analyzers. 2016-06-28 21:09:46 +03:00
Lasse Collin 9815cdf698 Bump version and soname for 5.2.2. 2015-09-29 13:59:35 +03:00
Lasse Collin 119a004349 liblzma: A MSVC-specific hack isn't needed with MSVC 2013 and newer. 2015-09-25 14:03:24 +03:00
Lasse Collin ff96ed6d25 xz: Document that threaded decompression hasn't been implemented yet. 2015-05-11 21:26:40 +03:00
Lasse Collin db190a832c Revert "xz: Use pipe2() if available."
This reverts commit 7a11c4a8e5.
It is a problem when libc has pipe2() but the kernel is too
old to have pipe2() and thus pipe2() fails. In xz it's pointless
to have a fallback for non-functioning pipe2(); it's better to
avoid pipe2() completely.

Thanks to Michael Fox for the bug report.
2015-04-20 19:59:18 +03:00