mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-28 10:08:24 +00:00
694ecd186a
- Do not use :: in patch file names. - Patch for CAN-2003-1023 is now contained in patch-vfs-direntry.c. - Bump PORTREVISION. Submitted by: Jakub Jelinek <jakub@redhat.com>
142 lines
4.4 KiB
C
142 lines
4.4 KiB
C
--- vfs/cpio.c.orig Sun Dec 8 07:12:28 2002
|
|
+++ vfs/cpio.c Tue Jun 15 03:15:09 2004
|
|
@@ -103,9 +103,9 @@
|
|
|
|
static struct defer_inode * defer_find(struct defer_inode *l, struct defer_inode *i)
|
|
{
|
|
- if(!l) return NULL;
|
|
- return l->inumber == i->inumber && l->device == i->device ? l :
|
|
- defer_find(l->next, i);
|
|
+ while (l && (l->inumber != i->inumber || l->device != i->device))
|
|
+ l = l->next;
|
|
+ return l;
|
|
}
|
|
|
|
static int cpio_skip_padding(vfs_s_super *super)
|
|
@@ -127,8 +127,14 @@
|
|
|
|
static void cpio_free_archive(vfs *me, vfs_s_super *super)
|
|
{
|
|
+ struct defer_inode *l, *lnext;
|
|
if(super->u.cpio.fd != -1)
|
|
- mc_close(super->u.cpio.fd);
|
|
+ mc_close(super->u.cpio.fd), super->u.cpio.fd = -1;
|
|
+ for (l = super->u.cpio.defered; l; l = lnext) {
|
|
+ lnext = l->next;
|
|
+ g_free (l);
|
|
+ }
|
|
+ super->u.cpio.defered = NULL;
|
|
}
|
|
|
|
static int cpio_open_cpio_file(vfs *me, vfs_s_super *super, char *name)
|
|
@@ -246,26 +252,34 @@
|
|
#define HEAD_LENGTH (26)
|
|
static int cpio_read_bin_head(vfs *me, vfs_s_super *super)
|
|
{
|
|
- struct old_cpio_header buf;
|
|
+ union {
|
|
+ struct old_cpio_header buf;
|
|
+ short shorts[HEAD_LENGTH >> 1];
|
|
+ } u;
|
|
int len;
|
|
char *name;
|
|
struct stat stat;
|
|
|
|
- if((len = mc_read(super->u.cpio.fd, (char *)&buf, HEAD_LENGTH)) < HEAD_LENGTH)
|
|
+ if((len = mc_read(super->u.cpio.fd, (char *)&u.buf, HEAD_LENGTH)) < HEAD_LENGTH)
|
|
return STATUS_EOF;
|
|
CPIO_POS(super) += len;
|
|
if(super->u.cpio.type == CPIO_BINRE) {
|
|
int i;
|
|
for(i = 0; i < (HEAD_LENGTH >> 1); i++)
|
|
- ((short *)&buf)[i] = GUINT16_SWAP_LE_BE(((short *)&buf)[i]);
|
|
+ u.shorts[i] = GUINT16_SWAP_LE_BE(u.shorts[i]);
|
|
}
|
|
- g_assert(buf.c_magic == 070707);
|
|
+ g_assert(u.buf.c_magic == 070707);
|
|
|
|
- name = g_malloc(buf.c_namesize);
|
|
- if((len = mc_read(super->u.cpio.fd, name, buf.c_namesize)) < buf.c_namesize){
|
|
+ if (u.buf.c_namesize == 0 || u.buf.c_namesize > MC_MAXPATHLEN) {
|
|
+ message (1, MSG_ERROR, _("Corrupted cpio header encountered in\n%s"), super->name);
|
|
+ return STATUS_FAIL;
|
|
+ }
|
|
+ name = g_malloc(u.buf.c_namesize);
|
|
+ if((len = mc_read(super->u.cpio.fd, name, u.buf.c_namesize)) < u.buf.c_namesize){
|
|
g_free(name);
|
|
return STATUS_EOF;
|
|
}
|
|
+ name[u.buf.c_namesize - 1] = '\0';
|
|
CPIO_POS(super) += len;
|
|
cpio_skip_padding(super);
|
|
|
|
@@ -274,15 +288,15 @@
|
|
return STATUS_TRAIL;
|
|
}
|
|
|
|
- stat.st_dev = buf.c_dev;
|
|
- stat.st_ino = buf.c_ino;
|
|
- stat.st_mode = buf.c_mode;
|
|
- stat.st_nlink = buf.c_nlink;
|
|
- stat.st_uid = buf.c_uid;
|
|
- stat.st_gid = buf.c_gid;
|
|
- stat.st_rdev = buf.c_rdev;
|
|
- stat.st_size = (buf.c_filesizes[0] << 16) | buf.c_filesizes[1];
|
|
- stat.st_atime = stat.st_mtime = stat.st_ctime = (buf.c_mtimes[0] << 16) | buf.c_mtimes[1];
|
|
+ stat.st_dev = u.buf.c_dev;
|
|
+ stat.st_ino = u.buf.c_ino;
|
|
+ stat.st_mode = u.buf.c_mode;
|
|
+ stat.st_nlink = u.buf.c_nlink;
|
|
+ stat.st_uid = u.buf.c_uid;
|
|
+ stat.st_gid = u.buf.c_gid;
|
|
+ stat.st_rdev = u.buf.c_rdev;
|
|
+ stat.st_size = (u.buf.c_filesizes[0] << 16) | u.buf.c_filesizes[1];
|
|
+ stat.st_atime = stat.st_mtime = stat.st_ctime = (u.buf.c_mtimes[0] << 16) | u.buf.c_mtimes[1];
|
|
|
|
return cpio_create_entry(me, super, &stat, name);
|
|
}
|
|
@@ -310,11 +324,16 @@
|
|
return STATUS_FAIL;
|
|
}
|
|
|
|
+ if (hd.c_namesize == 0 || hd.c_namesize > MC_MAXPATHLEN) {
|
|
+ message (1, MSG_ERROR, _("Corrupted cpio header encountered in\n%s"), super->name);
|
|
+ return STATUS_FAIL;
|
|
+ }
|
|
name = g_malloc(hd.c_namesize);
|
|
if((len = mc_read(super->u.cpio.fd, name, hd.c_namesize)) < hd.c_namesize) {
|
|
g_free (name);
|
|
return STATUS_EOF;
|
|
}
|
|
+ name[hd.c_namesize - 1] = '\0';
|
|
CPIO_POS(super) += len;
|
|
cpio_skip_padding(super);
|
|
|
|
@@ -365,11 +384,16 @@
|
|
(super->u.cpio.type == CPIO_CRC && hd.c_magic != 070702))
|
|
return STATUS_FAIL;
|
|
|
|
+ if (hd.c_namesize == 0 || hd.c_namesize > MC_MAXPATHLEN) {
|
|
+ message (1, MSG_ERROR, _("Corrupted cpio header encountered in\n%s"), super->name);
|
|
+ return STATUS_FAIL;
|
|
+ }
|
|
name = g_malloc(hd.c_namesize);
|
|
if((len = mc_read(super->u.cpio.fd, name, hd.c_namesize)) < hd.c_namesize){
|
|
g_free (name);
|
|
return STATUS_EOF;
|
|
}
|
|
+ name[hd.c_namesize - 1] = '\0';
|
|
CPIO_POS(super) += len;
|
|
cpio_skip_padding(super);
|
|
|
|
@@ -430,7 +454,8 @@
|
|
message_3s(1, MSG_ERROR, _("Inconsistent hardlinks of\n%s\nin cpio archive\n%s"),
|
|
name, super->name);
|
|
inode = NULL;
|
|
- }
|
|
+ } else if (!inode->st.st_size)
|
|
+ inode->st.st_size = stat->st_size;
|
|
}
|
|
}
|
|
|