Home | History | Annotate | Download | only in gzip
History log of /src/usr.bin/gzip/zuncompress.c
RevisionDateAuthorComments
 1.11  16-Aug-2011  joerg Do proper input validation without penalizing performance.
 1.10  16-Aug-2011  christos set errno on overflow return.
 1.9  16-Aug-2011  christos provisional fix for CVS-2011-2895, buffer overflow when uncompressing
 1.8  06-Nov-2010  mrg pull across a few changes from the freebsd folks:

http://svn.freebsd.org/changeset/base/213044
- fixes gunzip issues
http://svn.freebsd.org/changeset/base/213927
- fixes various typos and comments

and also an older change to add support for bzip2's "-k" option:
don't delete the input file


thanks!
 1.7  12-Apr-2009  lukem fix sign-compare issues
 1.6  22-Nov-2005  mrg branches: 1.6.6; 1.6.16; 1.6.28; 1.6.30; 1.6.32; 1.6.36;
apply a patch from onno van der linden in PR#32070 that fixes
these problems:
1) gzip -vt just prints the contents of a .Z file
2) gzip -vt will print OK even if the .gz file is corrupt
3) gzip -vt prints nothing with a .bz2 file
4) gzip can loop endlessly with a corrupt .bz2 file
 1.5  30-Aug-2004  dsl branches: 1.5.2;
Redo suffix handling so that gunzip xxx.tgx => xxx.tar
Rework logic of gz_{un}compress to make it much less likely to leak fds
(at least 2 non-error paths leaked them!)
Make -S ".xyz" and -S "" both do something sensible.
Make in-situ compression work - only lose the file on error.
Pass an open fd to zopen (renamed zdopen) to avoid fd leakage (was badly borked)
Write header into first 64k output block to writes are aligned.
(more efficient and might avoid some problem with code that doesn't
like receiving partial buffers)
Check file size on compression - double checks against fs full.
Remove some pointless casts, and otherwise simplify some logic.
 1.4  25-May-2004  mrg - fix "gzip -t" to not output anything by default. PR#25507
- fix any decompression on corrupted gzip files. PR#25508
- ask to overwrite files if we have a tty, rather than failing the
operation. PR#25509.
- clean up maybe_err()/maybe_warn(): use maybe_err() only for fatal
errors. maybe_warn() is for processing errors. this allows
"gzip -d file1.gz file2.gz" to decompress file2.gz even if file1.gz
is corrupted, etc.
- change the internal compressor/decompressor API to return "-1" on
failure, not 0. this allows for 0-sized files to be decompressed
correctly.
 1.3  25-Apr-2004  mrg significantly rototill. don't use the high-level gzio functions
anymore, use the low-level inflate()/deflate() directly. this
allows support file-type detection on stdin; now can decompress
.Z and .bz2 files fed to stdin (fixes PR#25192) additionally it
makes -v work with stdin or stdout (fixes PR#25215.)

(with these changes, we no longer need gzopenfull(3) in libz.)

thanks to martin@ for the code gzip.c:gz_uncompress() is based on.
 1.2  18-Feb-2004  he branches: 1.2.2;
Fix mismatched type error in fropen() usage by converting return
type of zread() from ssize_t to int.
 1.1  18-Feb-2004  mrg support decompressing "compress"ed files. from rtr@ with a few minor edits
from me. code in zuncompress liberally borrowed from usr.bin/compress.
 1.2.2.2  30-May-2004  tron branches: 1.2.2.2.2;
Pull up revision 1.4 (requested by mrg in ticket #420):
- fix "gzip -t" to not output anything by default. PR#25507
- fix any decompression on corrupted gzip files. PR#25508
- ask to overwrite files if we have a tty, rather than failing the
operation. PR#25509.
- clean up maybe_err()/maybe_warn(): use maybe_err() only for fatal
errors. maybe_warn() is for processing errors. this allows
"gzip -d file1.gz file2.gz" to decompress file2.gz even if file1.gz
is corrupted, etc.
- change the internal compressor/decompressor API to return "-1" on
failure, not 0. this allows for 0-sized files to be decompressed
correctly.
 1.2.2.1  29-Apr-2004  jmc Pullup rev 1.3 (requested by mrg in ticket #223)

Mega patch fixes several issues & bugs in gzip:
- stdin bz2/compress support
- gzip -v pipe support
- various robustness issues
- no more .Sh BUGS in gzip.1
 1.2.2.2.2.2  14-Dec-2005  jmc Pullup rev 1.6 (requested by mrg in ticket #10172)

Fix a few issues:
gzip -vt just prints the contents of a .Z file
gzip -vt will print OK even if the .gz file is corrupt
gzip -vt prints nothing with a .bz2 file
gzip can loop endlessly with a corrupt .bz2 file
Don't warn about >4GB files not having their size correctly stored.
PR#32105 PR#32070
 1.2.2.2.2.1  24-Jul-2005  tron Apply patch (requested by riz in ticket #1111):
Synchronize gzip(1) with NetBSD-current.
 1.5.2.1  27-Nov-2005  riz Pull up following revision(s) (requested by mrg in ticket #1009):
usr.bin/gzip/unbzip2.c: revision 1.9
usr.bin/gzip/gzip.c: revision 1.78
usr.bin/gzip/zuncompress.c: revision 1.6
apply a patch from onno van der linden in PR#32070 that fixes
these problems:
1) gzip -vt just prints the contents of a .Z file
2) gzip -vt will print OK even if the .gz file is corrupt
3) gzip -vt prints nothing with a .bz2 file
4) gzip can loop endlessly with a corrupt .bz2 file
 1.6.36.2  15-Mar-2015  snj Pull up following revision(s) (requested by mrg in ticket #1951):
usr.bin/gzip/Makefile: patch
usr.bin/gzip/gzip.1: revisions 1.20-1.24
usr.bin/gzip/gzip.c: revisions 1.98-1.107
usr.bin/gzip/zuncompress.c: revisions 1.7-1.8
Sync gzip core with HEAD.
 1.6.36.1  19-Aug-2011  riz Pull up following revision(s) (requested by joerg in ticket #1661):
xsrc/external/mit/libXfont/dist/src/fontfile/decompress.c: revision 1.2
xsrc/external/mit/libXfont/dist/src/fontfile/decompress.c: revision 1.3
src/usr.bin/gzip/zuncompress.c: revision 1.9-1.11
src/usr.bin/compress/zopen.c: revision 1.14-1.15
xsrc/xfree/xc/lib/font/fontfile/decompress.c: revision 1.2
xsrc/xfree/xc/extras/freetype2/src/lzw/zopen.c: revision 1.2
xsrc/external/mit/freetype/dist/src/lzw/ftzopen.c: revision 1.4
P
Fix CVS-2011-2895, buffer overflow in decompress
provisional fix for CVS-2011-2895, buffer overflow when uncompressing
provisional fix for CVE-2011-2895, buffer overflow in decompression
set errno on overflow return.
Do proper input validation without penalizing performance.
Do proper input validation. Allow decompressing all input streams.
Increase robustness of LZW decoding to avoid buffer overflow on
arbitrary manipulated input streams in combination with uninitalised
memory.
Increase strictness of LZW parser.
 1.6.32.1  19-Aug-2011  riz Pull up following revision(s) (requested by joerg in ticket #1661):
xsrc/external/mit/libXfont/dist/src/fontfile/decompress.c: revision 1.2
xsrc/external/mit/libXfont/dist/src/fontfile/decompress.c: revision 1.3
src/usr.bin/gzip/zuncompress.c: revision 1.9-1.11
src/usr.bin/compress/zopen.c: revision 1.14-1.15
xsrc/xfree/xc/lib/font/fontfile/decompress.c: revision 1.2
xsrc/xfree/xc/extras/freetype2/src/lzw/zopen.c: revision 1.2
xsrc/external/mit/freetype/dist/src/lzw/ftzopen.c: revision 1.4
P
Fix CVS-2011-2895, buffer overflow in decompress
provisional fix for CVS-2011-2895, buffer overflow when uncompressing
provisional fix for CVE-2011-2895, buffer overflow in decompression
set errno on overflow return.
Do proper input validation without penalizing performance.
Do proper input validation. Allow decompressing all input streams.
Increase robustness of LZW decoding to avoid buffer overflow on
arbitrary manipulated input streams in combination with uninitalised
memory.
Increase strictness of LZW parser.
 1.6.30.1  13-May-2009  jym Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
 1.6.28.2  15-Mar-2015  snj Pull up following revision(s) (requested by mrg in ticket #1951):
usr.bin/gzip/Makefile: patch
usr.bin/gzip/gzip.1: revisions 1.20-1.24
usr.bin/gzip/gzip.c: revisions 1.98-1.107
usr.bin/gzip/zuncompress.c: revisions 1.7-1.8
Sync gzip core with HEAD.
 1.6.28.1  19-Aug-2011  riz branches: 1.6.28.1.2;
Pull up following revision(s) (requested by joerg in ticket #1661):
xsrc/external/mit/libXfont/dist/src/fontfile/decompress.c: revision 1.2
xsrc/external/mit/libXfont/dist/src/fontfile/decompress.c: revision 1.3
src/usr.bin/gzip/zuncompress.c: revision 1.9-1.11
src/usr.bin/compress/zopen.c: revision 1.14-1.15
xsrc/xfree/xc/lib/font/fontfile/decompress.c: revision 1.2
xsrc/xfree/xc/extras/freetype2/src/lzw/zopen.c: revision 1.2
xsrc/external/mit/freetype/dist/src/lzw/ftzopen.c: revision 1.4
P
Fix CVS-2011-2895, buffer overflow in decompress
provisional fix for CVS-2011-2895, buffer overflow when uncompressing
provisional fix for CVE-2011-2895, buffer overflow in decompression
set errno on overflow return.
Do proper input validation without penalizing performance.
Do proper input validation. Allow decompressing all input streams.
Increase robustness of LZW decoding to avoid buffer overflow on
arbitrary manipulated input streams in combination with uninitalised
memory.
Increase strictness of LZW parser.
 1.6.28.1.2.1  15-Mar-2015  snj Pull up following revision(s) (requested by mrg in ticket #1951):
usr.bin/gzip/Makefile: patch
usr.bin/gzip/gzip.1: revisions 1.20-1.24
usr.bin/gzip/gzip.c: revisions 1.98-1.107
usr.bin/gzip/zuncompress.c: revisions 1.7-1.8
Sync gzip core with HEAD.
 1.6.16.1  19-Aug-2011  riz Pull up following revision(s) (requested by joerg in ticket #1433):
usr.bin/compress/zopen.c: revision 1.14-1.15
xfree/xc/lib/font/fontfile/decompress.c: revision 1.2
xfree/xc/extras/freetype2/src/lzw/zopen.c: revision 1.2
usr.bin/gzip/zuncompress.c: revision 1.9-1.11

Fix CVS-2011-2895, buffer overflow in decompress
provisional fix for CVS-2011-2895, buffer overflow when uncompressing
provisional fix for CVE-2011-2895, buffer overflow in decompression
set errno on overflow return.
Do proper input validation without penalizing performance.
Do proper input validation. Allow decompressing all input streams.
Increase robustness of LZW decoding to avoid buffer overflow on
arbitrary manipulated input streams in combination with uninitalised
memory.
Increase strictness of LZW parser.
 1.6.6.1  19-Aug-2011  riz Pull up following revision(s) (requested by joerg in ticket #1433):
usr.bin/compress/zopen.c: revision 1.14-1.15
xfree/xc/lib/font/fontfile/decompress.c: revision 1.2
xfree/xc/extras/freetype2/src/lzw/zopen.c: revision 1.2
usr.bin/gzip/zuncompress.c: revision 1.9-1.11

Fix CVS-2011-2895, buffer overflow in decompress
provisional fix for CVS-2011-2895, buffer overflow when uncompressing
provisional fix for CVE-2011-2895, buffer overflow in decompression
set errno on overflow return.
Do proper input validation without penalizing performance.
Do proper input validation. Allow decompressing all input streams.
Increase robustness of LZW decoding to avoid buffer overflow on
arbitrary manipulated input streams in combination with uninitalised
memory.
Increase strictness of LZW parser.

RSS XML Feed