Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package erofs-utils for openSUSE:Factory checked in at 2024-09-15 12:36:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/erofs-utils (Old) and /work/SRC/openSUSE:Factory/.erofs-utils.new.29891 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "erofs-utils" Sun Sep 15 12:36:35 2024 rev:15 rq:1200907 version:1.8.1 Changes: -------- --- /work/SRC/openSUSE:Factory/erofs-utils/erofs-utils.changes 2024-09-04 13:26:34.974682930 +0200 +++ /work/SRC/openSUSE:Factory/.erofs-utils.new.29891/erofs-utils.changes 2024-09-15 12:40:43.547360522 +0200 @@ -1,0 +2,8 @@ +Fri Sep 13 20:27:29 UTC 2024 - Jan Engelhardt <jeng...@inai.de> + +- Update to release 1.8.1 + * lib: fix heap-buffer-overflow on read + * fuse: fix partial decompression for libdeflate + * lib: fix truncated uncompressed files + +------------------------------------------------------------------- Old: ---- v1.8.tar.gz New: ---- v1.8.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ erofs-utils.spec ++++++ --- /var/tmp/diff_new_pack.TI9Q40/_old 2024-09-15 12:40:44.019380186 +0200 +++ /var/tmp/diff_new_pack.TI9Q40/_new 2024-09-15 12:40:44.019380186 +0200 @@ -17,7 +17,7 @@ Name: erofs-utils -Version: 1.8 +Version: 1.8.1 Release: 0 Summary: Utilities for the Extendable Read-Only Filesystem (EROFS) License: GPL-2.0-or-later ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.TI9Q40/_old 2024-09-15 12:40:44.059381853 +0200 +++ /var/tmp/diff_new_pack.TI9Q40/_new 2024-09-15 12:40:44.067382186 +0200 @@ -1,5 +1,5 @@ -mtime: 1725376244 -commit: 89ca1dfacb27f49776cea4089fb001d354674d70d6bdad9534197a2fb480b60c +mtime: 1726259345 +commit: fc599de483b9f73fa09964f6f8bd19081d1ee8e6b4cd0171524bb668086742b4 url: https://src.opensuse.org/jengelh/erofs-utils revision: master ++++++ build.specials.obscpio ++++++ diff: old/*: No such file or directory diff: new/*: No such file or directory ++++++ v1.8.tar.gz -> v1.8.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/erofs-utils-1.8/ChangeLog new/erofs-utils-1.8.1/ChangeLog --- old/erofs-utils-1.8/ChangeLog 2024-08-08 19:27:28.000000000 +0200 +++ new/erofs-utils-1.8.1/ChangeLog 2024-08-09 18:00:00.000000000 +0200 @@ -1,3 +1,12 @@ +erofs-utils 1.8.1 + + * A quick maintenance release includes the following fixes: + - (mkfs.erofs) fix unexpected data truncation of large uncompressed files; + - (erofsfuse) fix decompression errors when using libdeflate compressor; + - (mkfs.erofs) fix an out-of-bound memory read issue with kite-deflate. + + -- Gao Xiang <xi...@kernel.org> Sat, 10 Aug 2024 00:00:00 +0800 + erofs-utils 1.8 * This release includes the following updates: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/erofs-utils-1.8/VERSION new/erofs-utils-1.8.1/VERSION --- old/erofs-utils-1.8/VERSION 2024-08-08 19:27:28.000000000 +0200 +++ new/erofs-utils-1.8.1/VERSION 2024-08-09 18:00:00.000000000 +0200 @@ -1,2 +1,2 @@ -1.8 -2024-08-09 +1.8.1 +2024-08-10 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/erofs-utils-1.8/lib/decompress.c new/erofs-utils-1.8.1/lib/decompress.c --- old/erofs-utils-1.8/lib/decompress.c 2024-08-08 19:27:28.000000000 +0200 +++ new/erofs-utils-1.8.1/lib/decompress.c 2024-08-09 18:00:00.000000000 +0200 @@ -247,32 +247,47 @@ unsigned int inputmargin; struct libdeflate_decompressor *inf; enum libdeflate_result ret; + unsigned int decodedcapacity; inputmargin = z_erofs_fixup_insize(src, rq->inputsize); if (inputmargin >= rq->inputsize) return -EFSCORRUPTED; - if (rq->decodedskip) { - buff = malloc(rq->decodedlength); + decodedcapacity = rq->decodedlength << (4 * rq->partial_decoding); + if (rq->decodedskip || rq->partial_decoding) { + buff = malloc(decodedcapacity); if (!buff) return -ENOMEM; dest = buff; } inf = libdeflate_alloc_decompressor(); - if (!inf) - return -ENOMEM; + if (!inf) { + ret = -ENOMEM; + goto out_free_mem; + } if (rq->partial_decoding) { - ret = libdeflate_deflate_decompress(inf, src + inputmargin, - rq->inputsize - inputmargin, dest, - rq->decodedlength, &actual_out); - if (ret && ret != LIBDEFLATE_INSUFFICIENT_SPACE) { - ret = -EIO; - goto out_inflate_end; + while (1) { + ret = libdeflate_deflate_decompress(inf, src + inputmargin, + rq->inputsize - inputmargin, dest, + decodedcapacity, &actual_out); + if (ret == LIBDEFLATE_SUCCESS) + break; + if (ret != LIBDEFLATE_INSUFFICIENT_SPACE) { + ret = -EIO; + goto out_inflate_end; + } + decodedcapacity = decodedcapacity << 1; + dest = realloc(buff, decodedcapacity); + if (!dest) { + ret = -ENOMEM; + goto out_inflate_end; + } + buff = dest; } - if (actual_out != rq->decodedlength) { + if (actual_out < rq->decodedlength) { ret = -EIO; goto out_inflate_end; } @@ -280,18 +295,19 @@ ret = libdeflate_deflate_decompress(inf, src + inputmargin, rq->inputsize - inputmargin, dest, rq->decodedlength, NULL); - if (ret) { + if (ret != LIBDEFLATE_SUCCESS) { ret = -EIO; goto out_inflate_end; } } - if (rq->decodedskip) + if (rq->decodedskip || rq->partial_decoding) memcpy(rq->out, dest + rq->decodedskip, rq->decodedlength - rq->decodedskip); out_inflate_end: libdeflate_free_decompressor(inf); +out_free_mem: if (buff) free(buff); return ret; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/erofs-utils-1.8/lib/inode.c new/erofs-utils-1.8.1/lib/inode.c --- old/erofs-utils-1.8/lib/inode.c 2024-08-08 19:27:28.000000000 +0200 +++ new/erofs-utils-1.8.1/lib/inode.c 2024-08-09 18:00:00.000000000 +0200 @@ -515,7 +515,8 @@ static int write_uncompressed_file_from_fd(struct erofs_inode *inode, int fd) { int ret; - unsigned int nblocks; + erofs_blk_t nblocks, i; + unsigned int len; struct erofs_sb_info *sbi = inode->sbi; inode->datalayout = EROFS_INODE_FLAT_INLINE; @@ -525,12 +526,16 @@ if (ret) return ret; - ret = erofs_io_xcopy(&sbi->bdev, erofs_pos(sbi, inode->u.i_blkaddr), - &((struct erofs_vfile){ .fd = fd }), - erofs_pos(sbi, nblocks), + for (i = 0; i < nblocks; i += (len >> sbi->blkszbits)) { + len = min_t(u64, round_down(UINT_MAX, 1U << sbi->blkszbits), + erofs_pos(sbi, nblocks - i)); + ret = erofs_io_xcopy(&sbi->bdev, + erofs_pos(sbi, inode->u.i_blkaddr + i), + &((struct erofs_vfile){ .fd = fd }), len, inode->datasource == EROFS_INODE_DATA_SOURCE_DISKBUF); - if (ret) - return ret; + if (ret) + return ret; + } /* read the tail-end data */ inode->idata_size = inode->i_size % erofs_blksiz(sbi); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/erofs-utils-1.8/lib/kite_deflate.c new/erofs-utils-1.8.1/lib/kite_deflate.c --- old/erofs-utils-1.8/lib/kite_deflate.c 2024-08-08 19:27:28.000000000 +0200 +++ new/erofs-utils-1.8.1/lib/kite_deflate.c 2024-08-09 18:00:00.000000000 +0200 @@ -746,7 +746,7 @@ unsigned int v, hv, i, k, p, wsiz; if (mf->end - cur < bestlen + 1) - return 0; + return -1; v = get_unaligned((u16 *)cur); hv = v ^ crc_ccitt_table[cur[2]]; @@ -795,6 +795,14 @@ return k - 1; } +static void kite_mf_hc3_skip(struct kite_matchfinder *mf) +{ + if (kite_mf_getmatches_hc3(mf, 0, 2) >= 0) + return; + mf->offset++; + /* mf->cyclic_pos = (mf->cyclic_pos + 1) & (mf->wsiz - 1); */ +} + /* let's align with zlib */ static const struct kite_matchfinder_cfg { u16 good_length; /* reduce lazy search above this match length */ @@ -1057,7 +1065,7 @@ int matches = kite_mf_getmatches_hc3(mf, mf->depth, kMatchMinLen - 1); - if (matches) { + if (matches > 0) { unsigned int len = mf->matches[matches].len; unsigned int dist = mf->matches[matches].dist; @@ -1072,7 +1080,7 @@ s->pos_in += len; /* skip the rest bytes */ while (--len) - (void)kite_mf_getmatches_hc3(mf, 0, 0); + kite_mf_hc3_skip(mf); } else { nomatch: mf->matches[0].dist = s->in[s->pos_in]; @@ -1115,17 +1123,19 @@ if (len0 < mf->max_lazy) { matches = kite_mf_getmatches_hc3(mf, mf->depth >> (len0 >= mf->good_len), len0); - if (matches) { + if (matches > 0) { len = mf->matches[matches].len; if (len == kMatchMinLen && mf->matches[matches].dist > ZLIB_DISTANCE_TOO_FAR) { matches = 0; len = kMatchMinLen - 1; } + } else { + matches = 0; } } else { matches = 0; - (void)kite_mf_getmatches_hc3(mf, 0, 0); + kite_mf_hc3_skip(mf); } if (len < len0) { @@ -1136,7 +1146,7 @@ s->pos_in += --len0; /* skip the rest bytes */ while (--len0) - (void)kite_mf_getmatches_hc3(mf, 0, 0); + kite_mf_hc3_skip(mf); s->prev_valid = false; s->prev_longest = 0; } else {
