CI: Add DragonflyBSD

Use --disable-nls --enable-external-sha256 because those are used
in the xz Makefile in the OpenBSD ports tree.

.github/workflows/ci.yml

@@ -18,6 +18,8 @@ on:
   # Allows running workflow manually
   workflow_dispatch:
 
+permissions: {}
+
 jobs:
   POSIX:
     strategy:
@@ -26,7 +28,7 @@ jobs:
         build_system: [autotools, cmake]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v4
 
       ########################
       # Install Dependencies #
@@ -156,7 +158,7 @@ jobs:
         run: ./build-aux/ci_build.bash -b ${{ matrix.build_system }} -d small -p test -n small
 
       # Attempt to upload the test logs as artifacts if any step has failed
-      - uses: actions/upload-artifact@v4.3.3
+      - uses: actions/upload-artifact@v4
         if: ${{ failure() }}
         with:
           name: ${{ matrix.os }} ${{ matrix.build_system }} Test Logs

.github/workflows/cifuzz.yml

@@ -0,0 +1,54 @@
+# SPDX-License-Identifier: 0BSD
+
+# Authors: Sam James
+#          Lasse Collin
+#
+# This was written based on the OSS-Fuzz docs:
+# https://google.github.io/oss-fuzz/getting-started/continuous-integration/
+
+name: CIFuzz
+
+on:
+  push:
+    branches: [ master ]
+  workflow_dispatch:
+
+permissions: {}
+
+jobs:
+  CIFuzz:
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        sanitizer: [ address, undefined, memory ]
+
+    steps:
+    - name: Build Fuzzers (${{ matrix.sanitizer }})
+      id: build
+      uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'xz'
+        # The language must match the one in project.yaml in OSS-Fuzz:
+        # https://github.com/google/oss-fuzz/blob/master/projects/xz/project.yaml
+        # Thus, use C++ even though there are no C++ files in XZ Utils.
+        language: c++
+        sanitizer: ${{ matrix.sanitizer }}
+
+    - name: Run Fuzzers (${{ matrix.sanitizer }})
+      uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'xz'
+        language: c++
+        sanitizer: ${{ matrix.sanitizer }}
+        fuzz-seconds: 600
+        report-timeouts: true
+        report-ooms: true
+
+    - name: Upload Crash
+      uses: actions/upload-artifact@v4
+      if: failure() && steps.build.outcome == 'success'
+      with:
+        name: ${{ matrix.sanitizer }}-artifacts
+        path: ./out/artifacts

.github/workflows/dragonflybsd.yml

@@ -0,0 +1,39 @@
+# SPDX-License-Identifier: 0BSD
+
+name: DragonflyBSD
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+  workflow_dispatch:
+
+permissions: {}
+
+jobs:
+  DragonflyBSD:
+    runs-on: ubuntu-latest
+    name: DragonflyBSD
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Test in DragonflyBSD
+        id: test
+        uses: vmactions/dragonflybsd-vm@e3c420e8a2362c2496fca6e76a291abd46f5d8e7 #v1.1.0
+        with:
+          usesh: true
+          prepare: >
+            pkg install -y
+            autoconf
+            automake
+            gettext-tools
+            libtool
+            m4
+          run: |
+            set -e
+            uname -a
+            ./autogen.sh --no-po4a
+            # Innocent putc() triggers strict-overflow warnings.
+            ./configure --disable-static --enable-debug --enable-werror CFLAGS='-g -O2 -pipe -Wno-error=strict-overflow'
+            make -j4 check

.github/workflows/freebsd.yml

@@ -9,24 +9,47 @@ on:
     branches: [ master ]
   workflow_dispatch:
 
+permissions: {}
+
 jobs:
-  FreeBSD-test:
+  FreeBSD:
-    runs-on: ubuntu-latest
+    strategy:
-    name: Test xz on FreeBSD
+      matrix:
+        include:
+          - host: ubuntu-latest
+            version: 12.4
+            arch: x86_64
+          - host: ubuntu-latest
+            version: 15.0
+            arch: x86_64
+          # - host: ubuntu-24.04-arm
+          #   version: 15.0
+          #   arch: aarch64
+
+    runs-on: ${{ matrix.host }}
+
+    name: FreeBSD
+
     steps:
-    - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v4
+
       - name: Test in FreeBSD
-      id: test
+        uses: vmactions/freebsd-vm@c3ae29a132c8ef1924775414107a97cac042aad5 #v1.2.0
-      uses: vmactions/FreeBSD-vm@d7b8fcc7711aa41ad45e8d9b737cf90f035a7e3d #v1.1.3
         with:
+          release: ${{ matrix.release }}
+          arch: ${{ matrix.arch }}
           usesh: true
-        prepare: |
+          prepare: >
-         pkg install -y autoconf automake gmake gettext-tools gtar libtool m4 po4a
+            pkg install -y
+            autoconf
+            automake
+            gettext-tools
+            libtool
+            m4
+            po4a
           run: |
             set -e
-          export LC_ALL=C LANG=C
             uname -a
             ./autogen.sh
-          ./configure --enable-werror
+            ./configure --disable-static --enable-debug --enable-werror
-          make
+            make -j4 check
-          make check VERBOSE=1

.github/workflows/msvc.yml

@@ -0,0 +1,91 @@
+# SPDX-License-Identifier: 0BSD
+
+# Author: Lasse Collin
+
+name: Windows-MSVC
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+  workflow_dispatch:
+
+permissions: {}
+
+jobs:
+  MSVC:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ windows-2019, windows-latest ]
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Configure Win32
+        run: >
+          cmake
+          -A Win32
+          -B build-msvc-win32
+
+      - name: Build Win32 Debug
+        run: >
+          cmake
+          --build build-msvc-win32
+          --config Debug
+
+      - name: Test Win32 Debug
+        run: >
+          ctest
+          --test-dir build-msvc-win32
+          --build-config Debug
+          --output-on-failure
+
+      - name: Build Win32 Release
+        run: >
+          cmake
+          --build build-msvc-win32
+          --config Release
+
+      # This fails with VS 2019 without b5a5d9e3f702.
+      - name: Test Win32 Release
+        run: >
+          ctest
+          --test-dir build-msvc-win32
+          --build-config Release
+          --output-on-failure
+
+      - name: Configure x64
+        run: >
+          cmake
+          -A x64
+          -B build-msvc-x64
+
+      - name: Build x64 Debug
+        run: >
+          cmake
+          --build build-msvc-x64
+          --config Debug
+
+      - name: Test x64 Debug
+        run: >
+          ctest
+          --test-dir build-msvc-x64
+          --build-config Debug
+          --output-on-failure
+
+      - name: Build x64 Release
+        run: >
+          cmake
+          --build build-msvc-x64
+          --config Release
+
+      - name: Test x64 Release
+        run: >
+          ctest
+          --test-dir build-msvc-x64
+          --build-config Release
+          --output-on-failure

.github/workflows/netbsd.yml

@@ -9,24 +9,31 @@ on:
     branches: [ master ]
   workflow_dispatch:
 
+permissions: {}
+
 jobs:
-  NetBSD-test:
+  NetBSD:
     runs-on: ubuntu-latest
-    name: Test xz on NetBSD
+    name: NetBSD
     steps:
-    - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v4
+
       - name: Test in NetBSD
         id: test
-      uses: vmactions/NetBSD-vm@dd0161ecbb6386e562fd098acf367633501487a4 #v1.1.3
+        uses: vmactions/netbsd-vm@46a58bbf03682b4cb24142b97fa315ae52bed573 #v1.1.8
         with:
           usesh: true
-        prepare: |
+          prepare: >
-          /usr/sbin/pkg_add -v autoconf automake gmake gettext-tools gtar-base libtool-base m4 po4a
+            /usr/sbin/pkg_add -v
+            cmake
+            gettext-tools
+            ninja-build
+            po4a
           run: |
             set -e
-          export LC_ALL=C LANG=C
             uname -a
-          ./autogen.sh
+            ./po4a/update-po
-          ./configure --enable-werror
+            # Innocent putc() triggers strict-overflow warnings.
-          make
+            cmake -G Ninja -B build -DBUILD_SHARED_LIBS=ON -DCMAKE_C_FLAGS='-g -O2 -pipe -Wno-error=strict-overflow' -DCMAKE_COMPILE_WARNING_AS_ERROR=ON
-          make check VERBOSE=1
+            ninja -C build
+            ctest --test-dir build --output-on-failure

.github/workflows/openbsd.yml

@@ -9,27 +9,31 @@ on:
     branches: [ master ]
   workflow_dispatch:
 
+permissions: {}
+
 jobs:
-  OpenBSD-test:
+  OpenBSD:
     runs-on: ubuntu-latest
-    name: Test xz on OpenBSD
+    name: OpenBSD
     steps:
-    - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v4
+
       - name: Test in OpenBSD
-      id: test
+        uses: vmactions/openbsd-vm@284abc8fb4cd88f69946a0d4c27c4eecd82fdde9 #v1.1.7
-      uses: vmactions/OpenBSD-vm@ebafa4eac4adf5e7d04e5bbb4aa764b75dd160df #v1.1.2
         with:
           usesh: true
-        prepare: |
+          prepare: >
-          /usr/sbin/pkg_add -I -v autoconf-2.71 automake-1.16.5 gmake gettext-tools gtar libtool m4
+            /usr/sbin/pkg_add -I -v
+            autoconf-2.72p0
+            automake-1.16.5
+            gettext-tools
+            libtool
+            m4
           run: |
             set -e
-          export LC_ALL=C LANG=C
+            export AUTOCONF_VERSION=2.72
-          export AUTOCONF_VERSION=2.71
             export AUTOMAKE_VERSION=1.16
             uname -a
-          # OpenBSD ports lack po4a
             ./autogen.sh --no-po4a
-          ./configure --enable-werror
+            ./configure --disable-static --enable-debug --enable-werror --disable-nls --enable-external-sha256
-          make
+            make -j4 check
-          make check VERBOSE=1

.github/workflows/solaris.yml

@@ -9,24 +9,25 @@ on:
     branches: [ master ]
   workflow_dispatch:
 
+permissions: {}
+
 jobs:
-  solaris-test:
+  Solaris:
     runs-on: ubuntu-latest
-    name: Test xz on Solaris
+    name: Solaris
     steps:
-    - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v4
+
       - name: Test in Solaris
-      id: test
+        uses: vmactions/solaris-vm@cc8f82fa1a7cc746153ec3f71bf11f311f16e225 #v1.1.1
-      uses: vmactions/solaris-vm@960d7483ffd6ac03397964cf6423a2f41332c9c8 #v1.0.9
         with:
+          release: 11.4-gcc
           usesh: true
-        prepare: |
-          pkg install bash libtool automake gnu-m4 tree wget gcc autoconf //solaris/text/gawk pkg://solaris/text/gnu-diffutils pkg://solaris/text/gnu-grep pkg://solaris/text/gnu-sed
           run: |
             set -e
-          export LC_ALL=C LANG=C
             uname -a
+            # /usr/xpg4/bin isn't in PATH by default.
+            echo "Environment variable PATH: $PATH"
             ./autogen.sh --no-po4a
-          ./configure --enable-werror
+            ./configure --disable-static --enable-debug --enable-werror
-          make
+            make check
-          make check VERBOSE=1

CMakeLists.txt

@@ -2171,8 +2171,10 @@ this many MiB of RAM if xz cannot determine the amount at runtime")
     tuklib_progname(xz)
     tuklib_mbstr(xz)
 
+    if(HAVE_GETOPT_LONG)
         check_symbol_exists(optreset getopt.h HAVE_OPTRESET)
         tuklib_add_definition_if(xz HAVE_OPTRESET)
+    endif()
 
     check_symbol_exists(posix_fadvise fcntl.h HAVE_POSIX_FADVISE)
     tuklib_add_definition_if(xz HAVE_POSIX_FADVISE)

NEWS

@@ -2,6 +2,36 @@
 XZ Utils Release Notes
 ======================
 
+5.8.1 (2025-04-03)
+
+    IMPORTANT: This includes a security fix for CVE-2025-31115 which
+    affects XZ Utils from 5.3.3alpha to 5.8.0. No new 5.4.x or 5.6.x
+    releases will be made, but the fix is in the v5.4 and v5.6 branches
+    in the xz Git repository. A standalone patch for all affected
+    versions is available as well.
+
+    * Multithreaded .xz decoder (lzma_stream_decoder_mt()):
+
+        - Fix a bug that could at least result in a crash with
+          invalid input. (CVE-2025-31115)
+
+        - Fix a performance bug: Only one thread was used if the whole
+          input file was provided at once to lzma_code(), the output
+          buffer was big enough, timeout was disabled, and LZMA_FINISH
+          was used. There are no bug reports about this, thus it's
+          possible that no real-world application was affected.
+
+    * Avoid <stdalign.h> even with C11/C17 compilers. This fixes the
+      build with Oracle Developer Studio 12.6 on Solaris 10 when the
+      compiler is in C11 mode (the header doesn't exist).
+
+    * Autotools: Restore compatibility with GNU make versions older
+      than 4.0 by creating the package using GNU gettext 0.23.1
+      infrastructure instead of 0.24.
+
+    * Update Croatian translation.
+
+
 5.8.0 (2025-03-25)
 
     This bumps the minor version of liblzma because new features were

THANKS

@@ -33,6 +33,7 @@ has been important. :-) In alphabetical order:
   - Cristiano Ceglia
   - Marek Černocký
   - Tomer Chachamu
+  - Aziz Chaudhry
   - Vitaly Chikunov
   - Antoine Cœur
   - Elijah Almeida Coimbra
@@ -42,6 +43,7 @@ has been important. :-) In alphabetical order:
   - Vincent Cruz
   - Gabi Davar
   - Ron Desmond
+  - Antonio Diaz Diaz
   - İhsan Doğan
   - Chris Donawa
   - Andrew Dudman
@@ -94,6 +96,7 @@ has been important. :-) In alphabetical order:
   - Thomas Klausner
   - Richard Koch
   - Anton Kochkov
+  - Harri K. Koskinen
   - Ville Koskinen
   - Sergey Kosukhin
   - Marcin Kowalczyk
@@ -105,6 +108,7 @@ has been important. :-) In alphabetical order:
   - James M Leddy
   - Kelvin Lee
   - Vincent Lefevre
+  - Daniel Leonard
   - Hin-Tak Leung
   - Andraž 'ruskie' Levstik
   - Cary Lewis

doc/SHA256SUMS

@@ -228,3 +228,16 @@ c859193b8619f6818326141ee041870d9b76ba83f55c3c94ebcfcb71e1f79e5d  xz-5.7.1alpha.
 b75a932fa38515e5d3953242b1e3c2e7edd882504b24280f0e9776d596e9cc0d  xz-5.7.2beta.tar
 608ed92561c9f27a1eead76653c6f63c6a40d0a20ec91753ed508ba40f9703b3  xz-5.7.2beta.tar.gz
 98a61e45e5917b93ce17d826ef2d11f9331951882b2558675cdf115cdf3f77c8  xz-5.7.2beta.tar.xz
+bdff4615bf19c46042bced4d7b8c52bdacce61261b39db464d482692c948dd02  xz-5.8.0.tar
+8c107270289807e2047f35d687b4d7a5bb029137f7c89ebdcfa909cb3b674440  xz-5.8.0.tar.bz2
+b523c5e47d1490338c5121bdf2a6ecca2bcf0dce05a83ad40a830029cbe6679b  xz-5.8.0.tar.gz
+05ecad9e71919f4fca9f19fbbc979ea28e230188ed123dc6f06b98031ea14542  xz-5.8.0.tar.xz
+397165cedccb8e16700b8fdd026c3fd7ff2d18923e28cfbf7d0c5f89cd6a50af  xz-5.8.0-windows.zip
+078caa9d406018d4d43df343455f57811e9ba69c1340670a85a0ae6341d42ba3  xz-5.8.0-windows.7z
+ee188eabc3220684422f62df7a385541a86d2a5c385407f9d8fd94d49b251c4e  xz-cve-2025-31115.patch
+c9789682496d124fd214e665f6aa2f6d3d9e8527a7f0e120f9180c531d322bd6  xz-5.8.1.tar
+5965c692c4c8800cd4b33ce6d0f6ac9ac9d6ab227b17c512b6561bce4f08d47e  xz-5.8.1.tar.bz2
+507825b599356c10dca1cd720c9d0d0c9d5400b9de300af00e4d1ea150795543  xz-5.8.1.tar.gz
+0b54f79df85912504de0b14aec7971e3f964491af1812d83447005807513cd9e  xz-5.8.1.tar.xz
+62fdfde73d5c5d293bbb4a96211b29d09adbd56bc6736976e4c9fc9942ae3c67  xz-5.8.1-windows.zip
+8ed1403fe6c971a2a6ac85fb7b27c8438b83175bc6f3bc49fec06540c904c84d  xz-5.8.1-windows.7z

dos/Makefile

@@ -45,7 +45,9 @@ SRCS_C = \
 	../src/common/tuklib_cpucores.c \
 	../src/common/tuklib_exit.c \
 	../src/common/tuklib_mbstr_fw.c \
+	../src/common/tuklib_mbstr_nonprint.c \
 	../src/common/tuklib_mbstr_width.c \
+	../src/common/tuklib_mbstr_wrap.c \
 	../src/common/tuklib_open_stdxxx.c \
 	../src/common/tuklib_physmem.c \
 	../src/common/tuklib_progname.c \

po/hr.po

@@ -13,7 +13,7 @@ msgstr ""
 "Project-Id-Version: xz 5.8.0-pre1\n"
 "Report-Msgid-Bugs-To: xz@tukaani.org\n"
 "POT-Creation-Date: 2025-01-29 20:59+0200\n"
-"PO-Revision-Date: 2025-03-09 11:56-0700\n"
+"PO-Revision-Date: 2025-03-26 21:00-0700\n"
 "Last-Translator: Božidar Putanec <bozidarp@yahoo.com>\n"
 "Language-Team: Croatian <lokalizacija@linux.hr>\n"
 "Language: hr\n"
@@ -69,7 +69,7 @@ msgstr "%s: %s"
 #: src/xz/args.c
 #, c-format
 msgid "The environment variable %s contains too many arguments"
-msgstr "Varijabla okoline '%s' sadrži previše argumenata"
+msgstr "Varijabla okruženja '%s' sadrži previše argumenata"
 
 #: src/xz/args.c
 msgid "Compression support was disabled at build time"
@@ -394,7 +394,7 @@ msgstr "Kontrola:"
 
 #: src/xz/list.c
 msgid "Stream Padding:"
-msgstr "Ispuna toka:"
+msgstr "Dopuna toka:"
 
 #: src/xz/list.c
 msgid "Memory needed:"
@@ -454,7 +454,7 @@ msgstr "KontrVrijedn"
 
 #: src/xz/list.c
 msgid "Padding"
-msgstr "Ispuna"
+msgstr "Dopuna"
 
 #: src/xz/list.c
 msgid "Header"
@@ -1013,7 +1013,7 @@ msgstr "Valid OPTS za sve BCJ filtre:"
 #. This is word wrapped at spaces. The Unicode character U+00A0 works as a non-breaking space. Tab (\t) is interpret as a zero-width space (the tab itself is not displayed); U+200B is NOT supported. Manual word wrapping with \n is supported but requires care.
 #: src/xz/message.c
 msgid "start offset for conversions (default=0)"
-msgstr "početni odmak za konverzije (zadano=0)"
+msgstr "početni pomak za konverzije (zadano=0)"
 
 #. This is word wrapped at spaces. The Unicode character U+00A0 works as a non-breaking space. Tab (\t) is interpret as a zero-width space (the tab itself is not displayed); U+200B is NOT supported. Manual word wrapping with \n is supported but requires care.
 #: src/xz/message.c
@@ -1160,12 +1160,12 @@ msgstr "%s: Nevaljana ekstenzija u imenu datoteke"
 
 #: src/xz/util.c src/liblzma/common/string_conversion.c
 msgid "Value is not a non-negative decimal integer"
-msgstr "Vrijednost nije nula ili pozitivni decimalni cijeli broj"
+msgstr "Vrijednost nije nula ili pozitivni dekadski cijeli broj"
 
 #: src/xz/util.c
 #, c-format
 msgid "%s: Invalid multiplier suffix"
-msgstr "%s: Nevaljana sufiks-množitelj"
+msgstr "%s: Nevaljani sufiks-množitelj"
 
 #: src/xz/util.c
 msgid "Valid suffixes are 'KiB' (2^10), 'MiB' (2^20), and 'GiB' (2^30)."

src/common/sysdefs.h

@@ -172,7 +172,9 @@ typedef unsigned char _Bool;
 #if __STDC_VERSION__ >= 202311
 	// alignas is a keyword in C23. Do nothing.
 #elif __STDC_VERSION__ >= 201112
-#	include <stdalign.h>
+	// Oracle Developer Studio 12.6 lacks <stdalign.h>.
+	// For simplicity, avoid the header with all C11/C17 compilers.
+#	define alignas _Alignas
 #elif defined(__GNUC__) || defined(__clang__)
 #	define alignas(n) __attribute__((__aligned__(n)))
 #else

src/liblzma/Makefile.am

@@ -20,7 +20,7 @@ liblzma_la_CPPFLAGS = \
 	-I$(top_srcdir)/src/liblzma/simple \
 	-I$(top_srcdir)/src/common \
 	-DTUKLIB_SYMBOL_PREFIX=lzma_
-liblzma_la_LDFLAGS = -no-undefined -version-info 13:0:8
+liblzma_la_LDFLAGS = -no-undefined -version-info 13:1:8
 
 EXTRA_DIST += liblzma_generic.map liblzma_linux.map validate_map.sh
 if COND_SYMVERS_GENERIC

src/liblzma/api/lzma/container.h

@@ -843,8 +843,7 @@ extern LZMA_API(lzma_ret) lzma_alone_decoder(
 /**
  * \brief       Initialize .lz (lzip) decoder (a foreign file format)
  *
- * This decoder supports the .lz format version 0 and the unextended .lz
+ * This decoder supports the .lz format versions 0 and 1:
- * format version 1:
  *
  *   - Files in the format version 0 were produced by lzip 1.3 and older.
  *     Such files aren't common but may be found from file archives
@@ -853,12 +852,12 @@ extern LZMA_API(lzma_ret) lzma_alone_decoder(
  *     support for the format version 0 was removed in lzip 1.18.
  *
  *   - lzip 1.3 added decompression support for .lz format version 1 files.
- *     Compression support was added in lzip 1.4. In lzip 1.6 the .lz format
+ *     Compression support was added in lzip 1.4.
- *     version 1 was extended to support the Sync Flush marker. This extension
+ *
- *     is not supported by liblzma. lzma_code() will return LZMA_DATA_ERROR
+ *   - lzlib extends version 1 format with the Sync Flush marker. This
- *     at the location of the Sync Flush marker. In practice files with
+ *     extension is only meant for lzlib use; it's not valid in normal .lz
- *     the Sync Flush marker are very rare and thus liblzma can decompress
+ *     files. This extension is not supported by liblzma. lzma_code() will
- *     almost all .lz files.
+ *     return LZMA_DATA_ERROR at the location of the Sync Flush marker.
  *
  * Just like with lzma_stream_decoder() for .xz files, LZMA_CONCATENATED
  * should be used when decompressing normal standalone .lz files.

src/liblzma/api/lzma/version.h

@@ -22,7 +22,7 @@
 #define LZMA_VERSION_MINOR 8
 
 /** \brief Patch version number of the liblzma release. */
-#define LZMA_VERSION_PATCH 0
+#define LZMA_VERSION_PATCH 1
 
 /**
  * \brief Version stability marker

src/liblzma/check/crc64_fast.c

@@ -146,14 +146,6 @@ crc64_dispatch(const uint8_t *buf, size_t size, uint64_t crc)
 extern LZMA_API(uint64_t)
 lzma_crc64(const uint8_t *buf, size_t size, uint64_t crc)
 {
-#if defined(_MSC_VER) && !defined(__INTEL_COMPILER) && !defined(__clang__) \
-		&& defined(_M_IX86) && defined(CRC64_ARCH_OPTIMIZED)
-	// VS2015-2022 might corrupt the ebx register on 32-bit x86 when
-	// the CLMUL code is enabled. This hack forces MSVC to store and
-	// restore ebx. This is only needed here, not in lzma_crc32().
-	__asm  mov ebx, ebx
-#endif
-
 #if defined(CRC64_GENERIC) && defined(CRC64_ARCH_OPTIMIZED)
 	return crc64_func(buf, size, crc);
 

src/liblzma/check/crc_common.h

@@ -134,10 +134,20 @@ extern const uint64_t lzma_crc64_table[4][256];
 	//     built and runtime detection is used even if compiler flags
 	//     were set to allow CLMUL unconditionally.
 	//
-	//   - This doesn't work with MSVC as I don't know how to detect
+	//   - The unconditional use doesn't work with MSVC as I don't know
-	//     the features here.
+	//     how to detect the features here.
 	//
-#	if (defined(__SSSE3__) && defined(__SSE4_1__) && defined(__PCLMUL__) \
+	// Don't enable CLMUL at all on old MSVC that targets 32-bit x86.
+	// There seems to be a compiler bug that produces broken code
+	// in optimized (Release) builds. It results in crashing tests.
+	// It is known that VS 2019 16.11 (MSVC 19.29.30158) is broken
+	// and that VS 2022 17.13 (MSVC 19.43.34808) works.
+#	if defined(_MSC_FULL_VER) && _MSC_FULL_VER < 194334808 \
+			&& !defined(__INTEL_COMPILER) && !defined(__clang__) \
+			&& defined(_M_IX86)
+		// Old MSVC targeting 32-bit x86: Don't enable CLMUL at all.
+#	elif (defined(__SSSE3__) && defined(__SSE4_1__) \
+			&& defined(__PCLMUL__) \
 			&& !defined(HAVE_CRC_X86_ASM)) \
 		|| (defined(__e2k__) && __iset__ >= 6)
 #		define CRC32_ARCH_OPTIMIZED 1

src/liblzma/common/common.c

@@ -96,6 +96,12 @@ lzma_bufcpy(const uint8_t *restrict in, size_t *restrict in_pos,
 		size_t in_size, uint8_t *restrict out,
 		size_t *restrict out_pos, size_t out_size)
 {
+	assert(in != NULL || *in_pos == in_size);
+	assert(out != NULL || *out_pos == out_size);
+
+	assert(*in_pos <= in_size);
+	assert(*out_pos <= out_size);
+
 	const size_t in_avail = in_size - *in_pos;
 	const size_t out_avail = out_size - *out_pos;
 	const size_t copy_size = my_min(in_avail, out_avail);

src/liblzma/common/stream_decoder_mt.c

@@ -23,15 +23,10 @@ typedef enum {
 	THR_IDLE,
 
 	/// Decoding is in progress.
-	/// Main thread may change this to THR_STOP or THR_EXIT.
+	/// Main thread may change this to THR_IDLE or THR_EXIT.
 	/// The worker thread may change this to THR_IDLE.
 	THR_RUN,
 
-	/// The main thread wants the thread to stop whatever it was doing
-	/// but not exit. Main thread may change this to THR_EXIT.
-	/// The worker thread may change this to THR_IDLE.
-	THR_STOP,
-
 	/// The main thread wants the thread to exit.
 	THR_EXIT,
 
@@ -346,27 +341,6 @@ worker_enable_partial_update(void *thr_ptr)
 }
 
 
-/// Things do to at THR_STOP or when finishing a Block.
-/// This is called with thr->mutex locked.
-static void
-worker_stop(struct worker_thread *thr)
-{
-	// Update memory usage counters.
-	thr->coder->mem_in_use -= thr->in_size;
-	thr->in_size = 0; // thr->in was freed above.
-
-	thr->coder->mem_in_use -= thr->mem_filters;
-	thr->coder->mem_cached += thr->mem_filters;
-
-	// Put this thread to the stack of free threads.
-	thr->next = thr->coder->threads_free;
-	thr->coder->threads_free = thr;
-
-	mythread_cond_signal(&thr->coder->cond);
-	return;
-}
-
-
 static MYTHREAD_RET_TYPE
 worker_decoder(void *thr_ptr)
 {
@@ -397,17 +371,6 @@ next_loop_unlocked:
 		return MYTHREAD_RET_VALUE;
 	}
 
-	if (thr->state == THR_STOP) {
-		thr->state = THR_IDLE;
-		mythread_mutex_unlock(&thr->mutex);
-
-		mythread_sync(thr->coder->mutex) {
-			worker_stop(thr);
-		}
-
-		goto next_loop_lock;
-	}
-
 	assert(thr->state == THR_RUN);
 
 	// Update progress info for get_progress().
@@ -472,8 +435,7 @@ next_loop_unlocked:
 	}
 
 	// Either we finished successfully (LZMA_STREAM_END) or an error
-	// occurred. Both cases are handled almost identically. The error
+	// occurred.
-	// case requires updating thr->coder->thread_error.
 	//
 	// The sizes are in the Block Header and the Block decoder
 	// checks that they match, thus we know these:
@@ -481,16 +443,30 @@ next_loop_unlocked:
 	assert(ret != LZMA_STREAM_END
 		|| thr->out_pos == thr->block_options.uncompressed_size);
 
-	// Free the input buffer. Don't update in_size as we need
-	// it later to update thr->coder->mem_in_use.
-	lzma_free(thr->in, thr->allocator);
-	thr->in = NULL;
-
 	mythread_sync(thr->mutex) {
+		// Block decoder ensures this, but do a sanity check anyway
+		// because thr->in_filled < thr->in_size means that the main
+		// thread is still writing to thr->in.
+		if (ret == LZMA_STREAM_END && thr->in_filled != thr->in_size) {
+			assert(0);
+			ret = LZMA_PROG_ERROR;
+		}
+
 		if (thr->state != THR_EXIT)
 			thr->state = THR_IDLE;
 	}
 
+	// Free the input buffer. Don't update in_size as we need
+	// it later to update thr->coder->mem_in_use.
+	//
+	// This step is skipped if an error occurred because the main thread
+	// might still be writing to thr->in. The memory will be freed after
+	// threads_end() sets thr->state = THR_EXIT.
+	if (ret == LZMA_STREAM_END) {
+		lzma_free(thr->in, thr->allocator);
+		thr->in = NULL;
+	}
+
 	mythread_sync(thr->coder->mutex) {
 		// Move our progress info to the main thread.
 		thr->coder->progress_in += thr->in_pos;
@@ -510,7 +486,20 @@ next_loop_unlocked:
 				&& thr->coder->thread_error == LZMA_OK)
 			thr->coder->thread_error = ret;
 
-		worker_stop(thr);
+		// Return the worker thread to the stack of available
+		// threads only if no errors occurred.
+		if (ret == LZMA_STREAM_END) {
+			// Update memory usage counters.
+			thr->coder->mem_in_use -= thr->in_size;
+			thr->coder->mem_in_use -= thr->mem_filters;
+			thr->coder->mem_cached += thr->mem_filters;
+
+			// Put this thread to the stack of free threads.
+			thr->next = thr->coder->threads_free;
+			thr->coder->threads_free = thr;
+		}
+
+		mythread_cond_signal(&thr->coder->cond);
 	}
 
 	goto next_loop_lock;
@@ -544,17 +533,22 @@ threads_end(struct lzma_stream_coder *coder, const lzma_allocator *allocator)
 }
 
 
+/// Tell worker threads to stop without doing any cleaning up.
+/// The clean up will be done when threads_exit() is called;
+/// it's not possible to reuse the threads after threads_stop().
+///
+/// This is called before returning an unrecoverable error code
+/// to the application. It would be waste of processor time
+/// to keep the threads running in such a situation.
 static void
 threads_stop(struct lzma_stream_coder *coder)
 {
 	for (uint32_t i = 0; i < coder->threads_initialized; ++i) {
+		// The threads that are in the THR_RUN state will stop
+		// when they check the state the next time. There's no
+		// need to signal coder->threads[i].cond.
 		mythread_sync(coder->threads[i].mutex) {
-			// The state must be changed conditionally because
+			coder->threads[i].state = THR_IDLE;
-			// THR_IDLE -> THR_STOP is not a valid state change.
-			if (coder->threads[i].state != THR_IDLE) {
-				coder->threads[i].state = THR_STOP;
-				mythread_cond_signal(&coder->threads[i].cond);
-			}
 		}
 	}
 
@@ -1546,10 +1540,17 @@ stream_decode_mt(void *coder_ptr, const lzma_allocator *allocator,
 		// Read output from the output queue. Just like in
 		// SEQ_BLOCK_HEADER, we wait to fill the output buffer
 		// only if waiting_allowed was set to true in the beginning
-		// of this function (see the comment there).
+		// of this function (see the comment there) and there is
+		// no input available. In SEQ_BLOCK_HEADER, there is never
+		// input available when read_output_and_wait() is called,
+		// but here there can be when LZMA_FINISH is used, thus we
+		// need to check if *in_pos == in_size. Otherwise we would
+		// wait here instead of using the available input to start
+		// a new thread.
 		return_if_error(read_output_and_wait(coder, allocator,
 				out, out_pos, out_size,
-				NULL, waiting_allowed,
+				NULL,
+				waiting_allowed && *in_pos == in_size,
 				&wait_abs, &has_blocked));
 
 		if (coder->pending_error != LZMA_OK) {
@@ -1558,6 +1559,10 @@ stream_decode_mt(void *coder_ptr, const lzma_allocator *allocator,
 		}
 
 		// Return if the input didn't contain the whole Block.
+		//
+		// NOTE: When we updated coder->thr->in_filled a few lines
+		// above, the worker thread might by now have finished its
+		// work and returned itself back to the stack of free threads.
 		if (coder->thr->in_filled < coder->thr->in_size) {
 			assert(*in_pos == in_size);
 			return LZMA_OK;
@@ -1941,7 +1946,7 @@ stream_decoder_mt_init(lzma_next_coder *next, const lzma_allocator *allocator,
 	// accounting from scratch, too. Changes in filter and block sizes may
 	// affect number of threads.
 	//
-	// FIXME? Reusing should be easy but unlike the single-threaded
+	// Reusing threads doesn't seem worth it. Unlike the single-threaded
 	// decoder, with some types of input file combinations reusing
 	// could leave quite a lot of memory allocated but unused (first
 	// file could allocate a lot, the next files could use fewer

src/xz/xz.1

@@ -615,7 +615,7 @@ Compression is not supported.
 .IP ""
 The
 .B .lz
-format version 0 and the unextended version 1 are supported.
+format versions 0 and 1 are supported.
 Version 0 files were produced by
 .B lzip
 1.3 and older.
@@ -625,15 +625,8 @@ People might have old personal files in this format too.
 Decompression support for the format version 0 was removed in
 .B lzip
 1.18.
-.IP ""
 .B lzip
 1.4 and later create files in the format version 1.
-The sync flush marker extension to the format version 1 was added in
-.B lzip
-1.6.
-This extension is rarely used and isn't supported by
-.B xz
-(diagnosed as corrupt input).
 .TP
 .B raw
 Compress or uncompress a raw stream (no headers).

tests/ossfuzz/config/fuzz_decode_stream_mt.options

@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: 0BSD
+
+[libfuzzer]
+dict = fuzz_xz.dict

tests/ossfuzz/fuzz_common.h

@@ -20,6 +20,9 @@
 // prevent extreme allocations when fuzzing.
 #define MEM_LIMIT (300 << 20) // 300 MiB
 
+// Amount of input to pass to lzma_code() per call at most.
+#define IN_CHUNK_SIZE 2047
+
 
 static void
 fuzz_code(lzma_stream *stream, const uint8_t *inbuf, size_t inbuf_size) {
@@ -27,15 +30,29 @@ fuzz_code(lzma_stream *stream, const uint8_t *inbuf, size_t inbuf_size) {
 	// cares about the actual data written here.
 	uint8_t outbuf[4096];
 
-	// Give the whole input buffer at once to liblzma.
+	// Pass half of the input on the first call and then proceed in
-	// Output buffer isn't initialized as liblzma only writes to it.
+	// chunks. It's fine that this rounds to 0 when inbuf_size is 1.
 	stream->next_in = inbuf;
-	stream->avail_in = inbuf_size;
+	stream->avail_in = inbuf_size / 2;
-	stream->next_out = outbuf;
+
-	stream->avail_out = sizeof(outbuf);
+	lzma_action action = LZMA_RUN;
 
 	lzma_ret ret;
-	while ((ret = lzma_code(stream, LZMA_FINISH)) == LZMA_OK) {
+	do {
+		if (stream->avail_in == 0 && inbuf_size > 0) {
+			const size_t chunk_size = inbuf_size < IN_CHUNK_SIZE
+					? inbuf_size : IN_CHUNK_SIZE;
+
+			stream->next_in = inbuf;
+			stream->avail_in = chunk_size;
+
+			inbuf += chunk_size;
+			inbuf_size -= chunk_size;
+
+			if (inbuf_size == 0)
+				action = LZMA_FINISH;
+		}
+
 		if (stream->avail_out == 0) {
 			// outbuf became full. We don't care about the
 			// uncompressed data there, so we simply reuse
@@ -43,7 +60,7 @@ fuzz_code(lzma_stream *stream, const uint8_t *inbuf, size_t inbuf_size) {
 			stream->next_out = outbuf;
 			stream->avail_out = sizeof(outbuf);
 		}
-	}
+	} while ((ret = lzma_code(stream, action)) == LZMA_OK);
 
 	// LZMA_PROG_ERROR should never happen as long as the code calling
 	// the liblzma functions is correct. Thus LZMA_PROG_ERROR is a sign

tests/ossfuzz/fuzz_decode_stream_mt.c

@@ -0,0 +1,47 @@
+// SPDX-License-Identifier: 0BSD
+
+///////////////////////////////////////////////////////////////////////////////
+//
+/// \file       fuzz_decode_stream_mt.c
+/// \brief      Fuzz test program for multithreaded .xz decoding
+//
+//  Author:     Lasse Collin
+//
+///////////////////////////////////////////////////////////////////////////////
+
+#include <inttypes.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include "lzma.h"
+#include "fuzz_common.h"
+
+
+extern int
+LLVMFuzzerTestOneInput(const uint8_t *inbuf, size_t inbuf_size)
+{
+	lzma_stream strm = LZMA_STREAM_INIT;
+
+	lzma_mt mt = {
+		.flags = LZMA_CONCATENATED | LZMA_IGNORE_CHECK,
+		.threads = 2,
+		.timeout = 0,
+		.memlimit_threading = MEM_LIMIT / 2,
+		.memlimit_stop = MEM_LIMIT,
+	};
+
+	lzma_ret ret = lzma_stream_decoder_mt(&strm, &mt);
+
+	if (ret != LZMA_OK) {
+		// This should never happen unless the system has
+		// no free memory or address space to allow the small
+		// allocations that the initialization requires.
+		fprintf(stderr, "lzma_stream_decoder_mt() failed (%d)\n", ret);
+		abort();
+	}
+
+	fuzz_code(&strm, inbuf, inbuf_size);
+
+	lzma_end(&strm);
+
+	return 0;
+}