Commit Graph

1403 Commits

Author SHA1 Message Date
Lasse Collin 596ed3de44 liblzma: Avoid memcpy(NULL, foo, 0) because it is undefined behavior.
I should have always known this but I didn't. Here is an example
as a reminder to myself:

    int mycopy(void *dest, void *src, size_t n)
    {
        memcpy(dest, src, n);
        return dest == NULL;
    }

In the example, a compiler may assume that dest != NULL because
passing NULL to memcpy() would be undefined behavior. Testing
with GCC 8.2.1, mycopy(NULL, NULL, 0) returns 1 with -O0 and -O1.
With -O2 the return value is 0 because the compiler infers that
dest cannot be NULL because it was already used with memcpy()
and thus the test for NULL gets optimized out.

In liblzma, if a null-pointer was passed to memcpy(), there were
no checks for NULL *after* the memcpy() call, so I cautiously
suspect that it shouldn't have caused bad behavior in practice,
but it's hard to be sure, and the problematic cases had to be
fixed anyway.

Thanks to Jeffrey Walton.
2019-07-13 17:56:28 +03:00
Lasse Collin b4b83555c5 Update THANKS. 2019-07-13 17:54:52 +03:00
Lasse Collin 8d4906262b xz: Update xz man page date. 2019-07-13 17:54:52 +03:00
Antoine Cœur 0d318402f8 spelling 2019-07-13 17:53:33 +03:00
Lasse Collin aeb3be8ac4 README: Update translation instructions.
XZ Utils is now part of the Translation Project
<https://translationproject.org/>.
2019-07-13 17:37:55 +03:00
Lasse Collin 0c238dc3fe Update THANKS. 2019-07-13 17:37:55 +03:00
Lasse Collin 3ca432d9cc xz: Fix a crash in progress indicator when in passthru mode.
"xz -dcfv not_an_xz_file" crashed (all four options are
required to trigger it). It caused xz to call
lzma_get_progress(&strm, ...) when no coder was initialized
in strm. In this situation strm.internal is NULL which leads
to a crash in lzma_get_progress().

The bug was introduced when xz started using lzma_get_progress()
to get progress info for multi-threaded compression, so the
bug is present in versions 5.1.3alpha and higher.

Thanks to Filip Palian <Filip.Palian@pjwstk.edu.pl> for
the bug report.
2019-07-13 17:37:55 +03:00
Lasse Collin fcc419e3c3 xz: Update man page timestamp. 2019-07-13 17:36:27 +03:00
Pavel Raiskup 5a2fc3cd01 'have have' typos 2019-07-13 17:36:27 +03:00
Lasse Collin 7143b04fe4 xzless: Rename unused variables to silence static analysers.
In this particular case I don't see this affecting readability
of the code.

Thanks to Pavel Raiskup.
2019-07-13 17:17:00 +03:00
Lasse Collin 273c33297b liblzma: Remove an always-true condition from lzma_index_cat().
This should help static analysis tools to see that newg
isn't leaked.

Thanks to Pavel Raiskup.
2019-07-13 17:17:00 +03:00
Lasse Collin 65b4aba6d0 liblzma: Improve lzma_properties_decode() API documentation. 2019-07-13 17:17:00 +03:00
Lasse Collin 531e78e5a2 Update THANKS. 2019-05-01 16:53:55 +03:00
Lasse Collin 905de7e935 Windows: Update VS version in windows/vs2019/config.h. 2019-05-01 16:53:50 +03:00
Julien Marrec 0ffd30e172 Windows: Upgrade solution itself 2019-05-01 16:49:49 +03:00
Julien Marrec c2ef96685f Windows: Upgrade solution with VS2019 2019-05-01 16:49:49 +03:00
Julien Marrec 25fccaf00b Windows: Duplicate windows/vs2017 before upgrading 2019-05-01 16:49:29 +03:00
Lasse Collin 1424078d63 Windows/VS2017: Omit WindowsTargetPlatformVersion from project files.
I understood that if a WTPV is specified, it's often wrong
because different VS installations have different SDK version
installed. Omitting the WTPV tag makes VS2017 default to
Windows SDK 8.1 which often is also missing, so in any case
people may need to specify the WTPV before building. But some
day in the future a missing WTPV tag will start to default to
the latest installed SDK which sounds reasonable:

https://developercommunity.visualstudio.com/content/problem/140294/windowstargetplatformversion-makes-it-impossible-t.html

Thanks to "dom".
2019-05-01 16:47:57 +03:00
Lasse Collin b5be61cc06 Bump version and soname for 5.2.4. 2018-04-29 19:00:06 +03:00
Lasse Collin c47fa6d067 extra/scanlzma: Fix compiler warnings. 2018-04-29 18:59:42 +03:00
Lasse Collin 7b350fe21a Add NEWS for 5.2.4. 2018-04-29 18:15:37 +03:00
Lasse Collin 5801591162 Update THANKS. 2018-03-28 19:24:39 +03:00
Ben Boeckel c4a616f453 nothrow: use noexcept for C++11 and newer
In C++11, the `throw()` specifier is deprecated and `noexcept` is
preffered instead.
2018-03-28 19:24:39 +03:00
Lasse Collin 0b8947782f liblzma: Remove incorrect #ifdef from range_common.h.
In most cases it was harmless but it could affect some
custom build systems.

Thanks to Pippijn van Steenhoven.
2018-03-28 19:24:39 +03:00
Lasse Collin 48f3b9f73f Update THANKS. 2018-03-28 19:24:39 +03:00
Lasse Collin a3ce3e9023 tuklib_integer: New Intel C compiler needs immintrin.h.
Thanks to Melanie Blower (Intel) for the patch.
2018-03-28 19:24:39 +03:00
Lasse Collin 4505ca4839 Update THANKS. 2018-03-28 19:23:09 +03:00
Lasse Collin 1ef3cc226e Windows: Fix paths in VS project files.
Some paths use slashes instead of backslashes as directory
separators... now it should work (I tested VS2013 version).
2018-03-28 19:23:09 +03:00
Lasse Collin e775d2a818 Windows: Add project files for VS2017.
These files match the v5.2 branch (no file info decoder).
2018-03-28 19:23:09 +03:00
Lasse Collin 10e02e0fbb Windows: Move VS2013 files into windows/vs2013 directory. 2018-03-28 19:23:09 +03:00
Lasse Collin 06eebd4543 Fix or hide warnings from GCC 7's -Wimplicit-fallthrough. 2018-03-28 19:16:06 +03:00
Alexey Tourbin ea4ea1dffa Docs: Fix a typo in a comment in doc/examples/02_decompress.c. 2018-03-28 19:16:06 +03:00
Lasse Collin eb2ef4c79b xz: Fix "xz --list --robot missing_or_bad_file.xz".
It ended up printing an uninitialized char-array when trying to
print the check names (column 7) on the "totals" line.

This also changes the column 12 (minimum xz version) to
50000002 (xz 5.0.0) instead of 0 when there are no valid
input files.

Thanks to kidmin for the bug report.
2018-03-28 19:16:06 +03:00
Lasse Collin 3ea5dbd9b0 Build: Omit pre-5.0.0 entries from the generated ChangeLog.
It makes ChangeLog significantly smaller.
2018-03-28 19:16:06 +03:00
Lasse Collin bae2467593 Update the Git repository URL to HTTPS in ChangeLog. 2018-03-28 19:16:06 +03:00
Lasse Collin 70f4792119 Update the home page URLs to HTTPS. 2018-03-28 19:16:06 +03:00
Lasse Collin 2a4b2fa75d xz: Use POSIX_FADV_RANDOM for in "xz --list" mode.
xz --list is random access so POSIX_FADV_SEQUENTIAL was clearly
wrong.
2017-03-30 22:02:10 +03:00
Lasse Collin eb25743ade liblzma: Fix lzma_memlimit_set(strm, 0).
The 0 got treated specially in a buggy way and as a result
the function did nothing. The API doc said that 0 was supposed
to return LZMA_PROG_ERROR but it didn't.

Now 0 is treated as if 1 had been specified. This is done because
0 is already used to indicate an error from lzma_memlimit_get()
and lzma_memusage().

In addition, lzma_memlimit_set() no longer checks that the new
limit is at least LZMA_MEMUSAGE_BASE. It's counter-productive
for the Index decoder and was actually needed only by the
auto decoder. Auto decoder has now been modified to check for
LZMA_MEMUSAGE_BASE.
2017-03-30 19:52:24 +03:00
Lasse Collin ef36c6362f liblzma: Similar memlimit fix for stream_, alone_, and auto_decoder. 2017-03-30 19:52:24 +03:00
Lasse Collin 5761603265 liblzma: Fix handling of memlimit == 0 in lzma_index_decoder().
It returned LZMA_PROG_ERROR, which was done to avoid zero as
the limit (because it's a special value elsewhere), but using
LZMA_PROG_ERROR is simply inconvenient and can cause bugs.

The fix/workaround is to treat 0 as if it were 1 byte. It's
effectively the same thing. The only weird consequence is
that then lzma_memlimit_get() will return 1 even when 0 was
specified as the limit.

This fixes a very rare corner case in xz --list where a specific
memory usage limit and a multi-stream file could print the
error message "Internal error (bug)" instead of saying that
the memory usage limit is too low.
2017-03-30 19:52:24 +03:00
Lasse Collin 3d566cd519 Bump version and soname for 5.2.3. 2016-12-30 13:26:36 +02:00
Lasse Collin 053e624fe3 Update NEWS for 5.2.3. 2016-12-30 13:25:10 +02:00
Lasse Collin cae412b2b7 xz: Fix the Capsicum rights on user_abort_pipe. 2016-12-30 13:13:57 +02:00
Lasse Collin 9ccbae4100 Mention potential sandboxing bugs in INSTALL. 2016-12-28 21:05:22 +02:00
Lasse Collin e013a337d3 liblzma: Avoid multiple definitions of lzma_coder structures.
Only one definition was visible in a translation unit.
It avoided a few casts and temp variables but seems that
this hack doesn't work with link-time optimizations in compilers
as it's not C99/C11 compliant.

Fixes:
http://www.mail-archive.com/xz-devel@tukaani.org/msg00279.html
2016-12-28 19:59:32 +02:00
Lasse Collin 8e0f1af3dc Document --enable-sandbox configure option in INSTALL. 2016-12-26 20:50:25 +02:00
Lasse Collin ce2542d220 xz: Add support for sandboxing with Capsicum (disabled by default).
In the v5.2 branch this feature is considered experimental
and thus disabled by default.

The sandboxing is used conditionally as described in main.c.
This isn't optimal but it was much easier to implement than
a full sandboxing solution and it still covers the most common
use cases where xz is writing to standard output. This should
have practically no effect on performance even with small files
as fork() isn't needed.

C and locale libraries can open files as needed. This has been
fine in the past, but it's a problem with things like Capsicum.
io_sandbox_enter() tries to ensure that various locale-related
files have been loaded before cap_enter() is called, but it's
possible that there are other similar problems which haven't
been seen yet.

Currently Capsicum is available on FreeBSD 10 and later
and there is a port to Linux too.

Thanks to Loganaden Velvindron for help.
2016-12-26 20:40:27 +02:00
Lasse Collin 3ca1d5e632 Fix bugs and otherwise improve ax_check_capsicum.m4.
AU_ALIAS was removed because the new version is incompatible
with the old version.

It no longer checks for <sys/capability.h> separately.
It's enough to test for it as part of AC_CHECK_DECL.
The defines HAVE_CAPSICUM_SYS_CAPSICUM_H and
HAVE_CAPSICUM_SYS_CAPABILITY_H were removed as unneeded.
HAVE_SYS_CAPSICUM_H from AC_CHECK_HEADERS is enough.

It no longer does a useless search for the Capsicum library
if the header wasn't found.

Fixed a bug in ACTION-IF-FOUND (the first argument). Specifying
the argument omitted the default action but the given action
wasn't used instead.

AC_DEFINE([HAVE_CAPSICUM]) is now always called when Capsicum
support is found. Previously it was part of the default
ACTION-IF-FOUND which a custom action would override. Now
the default action only prepends ${CAPSICUM_LIB} to LIBS.

The documentation was updated.

Since there as no serial number, "#serial 2" was added.
2016-12-26 20:37:40 +02:00
Lasse Collin 5f3a742b64 Add m4/ax_check_capsicum.m4 for detecting Capsicum support.
The file was loaded from this web page:
https://github.com/google/capsicum-test/blob/dev/autoconf/m4/ax_check_capsicum.m4

Thanks to Loganaden Velvindron for pointing it out for me.
2016-12-26 20:37:40 +02:00
Lasse Collin d74377e62b liblzma: Fix a memory leak in error path of lzma_index_dup().
lzma_index_dup() calls index_dup_stream() which, in case of
an error, calls index_stream_end() to free memory allocated
by index_stream_init(). However, it illogically didn't
actually free the memory. To make it logical, the tree
handling code was modified a bit in addition to changing
index_stream_end().

Thanks to Evan Nemerson for the bug report.
2016-12-26 17:57:51 +02:00