summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjoerg <joerg>2010-09-22 14:32:11 +0000
committerjoerg <joerg>2010-09-22 14:32:11 +0000
commit73070f8562b81e495a6989372babe40f16e0e73c (patch)
tree83bcf6d102d5301c98c994b3f3ca61b8382118f3
parent75cba570c00bbeebd50aba92448b469a1118888f (diff)
downloadpkgsrc-BZIP2.tar.gz
Import stripped down bzip2-1.0.6.BZIP2
-rw-r--r--archivers/bzip2/files/CHANGES17
-rw-r--r--archivers/bzip2/files/LICENSE7
-rw-r--r--archivers/bzip2/files/README14
-rw-r--r--archivers/bzip2/files/blocksort.c4
-rw-r--r--archivers/bzip2/files/bzdiff76
-rw-r--r--archivers/bzip2/files/bzdiff.147
-rw-r--r--archivers/bzip2/files/bzgrep75
-rw-r--r--archivers/bzip2/files/bzgrep.156
-rw-r--r--archivers/bzip2/files/bzip2.16
-rw-r--r--archivers/bzip2/files/bzip2.c8
-rw-r--r--archivers/bzip2/files/bzip2recover.c6
-rw-r--r--archivers/bzip2/files/bzlib.c7
-rw-r--r--archivers/bzip2/files/bzlib.h4
-rw-r--r--archivers/bzip2/files/bzlib_private.h16
-rw-r--r--archivers/bzip2/files/compress.c4
-rw-r--r--archivers/bzip2/files/crctable.c4
-rw-r--r--archivers/bzip2/files/decompress.c24
-rw-r--r--archivers/bzip2/files/huffman.c4
-rw-r--r--archivers/bzip2/files/randtable.c4
19 files changed, 343 insertions, 40 deletions
diff --git a/archivers/bzip2/files/CHANGES b/archivers/bzip2/files/CHANGES
index 0959ea0ac6d..81e97ca6fa2 100644
--- a/archivers/bzip2/files/CHANGES
+++ b/archivers/bzip2/files/CHANGES
@@ -2,8 +2,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -312,3 +312,16 @@ Fixes some minor bugs since the last version, 1.0.3.
* Fix minor doc/comment bugs.
+
+1.0.5 (10 Dec 07)
+~~~~~~~~~~~~~~~~~
+Security fix only. Fixes CERT-FI 20469 as it applies to bzip2.
+
+
+1.0.6 (6 Sept 10)
+~~~~~~~~~~~~~~~~~
+
+* Security fix for CVE-2010-0405. This was reported by Mikolaj
+ Izdebski.
+
+* Make the documentation build on Ubuntu 10.04
diff --git a/archivers/bzip2/files/LICENSE b/archivers/bzip2/files/LICENSE
index 4458e35bb51..cc614178cf7 100644
--- a/archivers/bzip2/files/LICENSE
+++ b/archivers/bzip2/files/LICENSE
@@ -2,7 +2,7 @@
--------------------------------------------------------------------------
This program, "bzip2", the associated library "libbzip2", and all
-documentation, are copyright (C) 1996-2006 Julian R Seward. All
+documentation, are copyright (C) 1996-2010 Julian R Seward. All
rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -36,8 +36,7 @@ WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-Julian Seward, Cambridge, UK.
-jseward@bzip.org
-bzip2/libbzip2 version 1.0.4 of 20 December 2006
+Julian Seward, jseward@bzip.org
+bzip2/libbzip2 version 1.0.6 of 6 September 2010
--------------------------------------------------------------------------
diff --git a/archivers/bzip2/files/README b/archivers/bzip2/files/README
index b18c096b9e8..9fb0f636013 100644
--- a/archivers/bzip2/files/README
+++ b/archivers/bzip2/files/README
@@ -6,8 +6,8 @@ This version is fully compatible with the previous public releases.
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
-bzip2/libbzip2 version 1.0.4 of 20 December 2006
-Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+bzip2/libbzip2 version 1.0.6 of 6 September 2010
+Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in this file.
@@ -177,6 +177,14 @@ WHAT'S NEW IN 1.0.4 ?
See the CHANGES file.
+WHAT'S NEW IN 1.0.5 ?
+
+ See the CHANGES file.
+
+WHAT'S NEW IN 1.0.6 ?
+
+ See the CHANGES file.
+
I hope you find bzip2 useful. Feel free to contact me at
jseward@bzip.org
@@ -203,3 +211,5 @@ Cambridge, UK.
30 December 2001 (bzip2, version 1.0.2pre1)
15 February 2005 (bzip2, version 1.0.3)
20 December 2006 (bzip2, version 1.0.4)
+10 December 2007 (bzip2, version 1.0.5)
+ 6 Sept 2010 (bzip2, version 1.0.6)
diff --git a/archivers/bzip2/files/blocksort.c b/archivers/bzip2/files/blocksort.c
index 8535c93c8db..d0d662cd4e9 100644
--- a/archivers/bzip2/files/blocksort.c
+++ b/archivers/bzip2/files/blocksort.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/bzdiff b/archivers/bzip2/files/bzdiff
new file mode 100644
index 00000000000..6fc38f92d27
--- /dev/null
+++ b/archivers/bzip2/files/bzdiff
@@ -0,0 +1,76 @@
+#!/bin/sh
+# sh is buggy on RS/6000 AIX 3.2. Replace above line with #!/bin/ksh
+
+# Bzcmp/diff wrapped for bzip2,
+# adapted from zdiff by Philippe Troin <phil@fifi.org> for Debian GNU/Linux.
+
+# Bzcmp and bzdiff are used to invoke the cmp or the diff pro-
+# gram on compressed files. All options specified are passed
+# directly to cmp or diff. If only 1 file is specified, then
+# the files compared are file1 and an uncompressed file1.gz.
+# If two files are specified, then they are uncompressed (if
+# necessary) and fed to cmp or diff. The exit status from cmp
+# or diff is preserved.
+
+PATH="/usr/bin:/bin:$PATH"; export PATH
+prog=`echo $0 | sed 's|.*/||'`
+case "$prog" in
+ *cmp) comp=${CMP-cmp} ;;
+ *) comp=${DIFF-diff} ;;
+esac
+
+OPTIONS=
+FILES=
+for ARG
+do
+ case "$ARG" in
+ -*) OPTIONS="$OPTIONS $ARG";;
+ *) if test -f "$ARG"; then
+ FILES="$FILES $ARG"
+ else
+ echo "${prog}: $ARG not found or not a regular file"
+ exit 1
+ fi ;;
+ esac
+done
+if test -z "$FILES"; then
+ echo "Usage: $prog [${comp}_options] file [file]"
+ exit 1
+fi
+tmp=`mktemp ${TMPDIR:-/tmp}/bzdiff.XXXXXXXXXX` || {
+ echo 'cannot create a temporary file' >&2
+ exit 1
+}
+set $FILES
+if test $# -eq 1; then
+ FILE=`echo "$1" | sed 's/.bz2$//'`
+ bzip2 -cd "$FILE.bz2" | $comp $OPTIONS - "$FILE"
+ STAT="$?"
+
+elif test $# -eq 2; then
+ case "$1" in
+ *.bz2)
+ case "$2" in
+ *.bz2)
+ F=`echo "$2" | sed 's|.*/||;s|.bz2$||'`
+ bzip2 -cdfq "$2" > $tmp
+ bzip2 -cdfq "$1" | $comp $OPTIONS - $tmp
+ STAT="$?"
+ /bin/rm -f $tmp;;
+
+ *) bzip2 -cdfq "$1" | $comp $OPTIONS - "$2"
+ STAT="$?";;
+ esac;;
+ *) case "$2" in
+ *.bz2)
+ bzip2 -cdfq "$2" | $comp $OPTIONS "$1" -
+ STAT="$?";;
+ *) $comp $OPTIONS "$1" "$2"
+ STAT="$?";;
+ esac;;
+ esac
+ exit "$STAT"
+else
+ echo "Usage: $prog [${comp}_options] file [file]"
+ exit 1
+fi
diff --git a/archivers/bzip2/files/bzdiff.1 b/archivers/bzip2/files/bzdiff.1
new file mode 100644
index 00000000000..adb7a8e724e
--- /dev/null
+++ b/archivers/bzip2/files/bzdiff.1
@@ -0,0 +1,47 @@
+\"Shamelessly copied from zmore.1 by Philippe Troin <phil@fifi.org>
+\"for Debian GNU/Linux
+.TH BZDIFF 1
+.SH NAME
+bzcmp, bzdiff \- compare bzip2 compressed files
+.SH SYNOPSIS
+.B bzcmp
+[ cmp_options ] file1
+[ file2 ]
+.br
+.B bzdiff
+[ diff_options ] file1
+[ file2 ]
+.SH DESCRIPTION
+.I Bzcmp
+and
+.I bzdiff
+are used to invoke the
+.I cmp
+or the
+.I diff
+program on bzip2 compressed files. All options specified are passed
+directly to
+.I cmp
+or
+.IR diff "."
+If only 1 file is specified, then the files compared are
+.I file1
+and an uncompressed
+.IR file1 ".bz2."
+If two files are specified, then they are uncompressed if necessary and fed to
+.I cmp
+or
+.IR diff "."
+The exit status from
+.I cmp
+or
+.I diff
+is preserved.
+.SH "SEE ALSO"
+cmp(1), diff(1), bzmore(1), bzless(1), bzgrep(1), bzip2(1)
+.SH BUGS
+Messages from the
+.I cmp
+or
+.I diff
+programs refer to temporary filenames instead of those specified.
diff --git a/archivers/bzip2/files/bzgrep b/archivers/bzip2/files/bzgrep
new file mode 100644
index 00000000000..9a04b8337d7
--- /dev/null
+++ b/archivers/bzip2/files/bzgrep
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+# Bzgrep wrapped for bzip2,
+# adapted from zgrep by Philippe Troin <phil@fifi.org> for Debian GNU/Linux.
+## zgrep notice:
+## zgrep -- a wrapper around a grep program that decompresses files as needed
+## Adapted from a version sent by Charles Levert <charles@comm.polymtl.ca>
+
+PATH="/usr/bin:$PATH"; export PATH
+
+prog=`echo $0 | sed 's|.*/||'`
+case "$prog" in
+ *egrep) grep=${EGREP-egrep} ;;
+ *fgrep) grep=${FGREP-fgrep} ;;
+ *) grep=${GREP-grep} ;;
+esac
+pat=""
+while test $# -ne 0; do
+ case "$1" in
+ -e | -f) opt="$opt $1"; shift; pat="$1"
+ if test "$grep" = grep; then # grep is buggy with -e on SVR4
+ grep=egrep
+ fi;;
+ -A | -B) opt="$opt $1 $2"; shift;;
+ -*) opt="$opt $1";;
+ *) if test -z "$pat"; then
+ pat="$1"
+ else
+ break;
+ fi;;
+ esac
+ shift
+done
+
+if test -z "$pat"; then
+ echo "grep through bzip2 files"
+ echo "usage: $prog [grep_options] pattern [files]"
+ exit 1
+fi
+
+list=0
+silent=0
+op=`echo "$opt" | sed -e 's/ //g' -e 's/-//g'`
+case "$op" in
+ *l*) list=1
+esac
+case "$op" in
+ *h*) silent=1
+esac
+
+if test $# -eq 0; then
+ bzip2 -cdfq | $grep $opt "$pat"
+ exit $?
+fi
+
+res=0
+for i do
+ if test -f "$i"; then :; else if test -f "$i.bz2"; then i="$i.bz2"; fi; fi
+ if test $list -eq 1; then
+ bzip2 -cdfq "$i" | $grep $opt "$pat" 2>&1 > /dev/null && echo $i
+ r=$?
+ elif test $# -eq 1 -o $silent -eq 1; then
+ bzip2 -cdfq "$i" | $grep $opt "$pat"
+ r=$?
+ else
+ j=${i//\\/\\\\}
+ j=${j//|/\\|}
+ j=${j//&/\\&}
+ j=`printf "%s" "$j" | tr '\n' ' '`
+ bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${j}:|"
+ r=$?
+ fi
+ test "$r" -ne 0 && res="$r"
+done
+exit $res
diff --git a/archivers/bzip2/files/bzgrep.1 b/archivers/bzip2/files/bzgrep.1
new file mode 100644
index 00000000000..930af8c7fcb
--- /dev/null
+++ b/archivers/bzip2/files/bzgrep.1
@@ -0,0 +1,56 @@
+\"Shamelessly copied from zmore.1 by Philippe Troin <phil@fifi.org>
+\"for Debian GNU/Linux
+.TH BZGREP 1
+.SH NAME
+bzgrep, bzfgrep, bzegrep \- search possibly bzip2 compressed files for a regular expression
+.SH SYNOPSIS
+.B bzgrep
+[ grep_options ]
+.BI [\ -e\ ] " pattern"
+.IR filename ".\|.\|."
+.br
+.B bzegrep
+[ egrep_options ]
+.BI [\ -e\ ] " pattern"
+.IR filename ".\|.\|."
+.br
+.B bzfgrep
+[ fgrep_options ]
+.BI [\ -e\ ] " pattern"
+.IR filename ".\|.\|."
+.SH DESCRIPTION
+.IR Bzgrep
+is used to invoke the
+.I grep
+on bzip2-compressed files. All options specified are passed directly to
+.I grep.
+If no file is specified, then the standard input is decompressed
+if necessary and fed to grep.
+Otherwise the given files are uncompressed if necessary and fed to
+.I grep.
+.PP
+If
+.I bzgrep
+is invoked as
+.I bzegrep
+or
+.I bzfgrep
+then
+.I egrep
+or
+.I fgrep
+is used instead of
+.I grep.
+If the GREP environment variable is set,
+.I bzgrep
+uses it as the
+.I grep
+program to be invoked. For example:
+
+ for sh: GREP=fgrep bzgrep string files
+ for csh: (setenv GREP fgrep; bzgrep string files)
+.SH AUTHOR
+Charles Levert (charles@comm.polymtl.ca). Adapted to bzip2 by Philippe
+Troin <phil@fifi.org> for Debian GNU/Linux.
+.SH "SEE ALSO"
+grep(1), egrep(1), fgrep(1), bzdiff(1), bzmore(1), bzless(1), bzip2(1)
diff --git a/archivers/bzip2/files/bzip2.1 b/archivers/bzip2/files/bzip2.1
index a313f2d5bed..ce3a78e6b4f 100644
--- a/archivers/bzip2/files/bzip2.1
+++ b/archivers/bzip2/files/bzip2.1
@@ -1,7 +1,7 @@
.PU
.TH bzip2 1
.SH NAME
-bzip2, bunzip2 \- a block-sorting file compressor, v1.0.4
+bzip2, bunzip2 \- a block-sorting file compressor, v1.0.6
.br
bzcat \- decompresses files to stdout
.br
@@ -405,11 +405,11 @@ I/O error messages are not as helpful as they could be.
tries hard to detect I/O errors and exit cleanly, but the details of
what the problem is sometimes seem rather misleading.
-This manual page pertains to version 1.0.4 of
+This manual page pertains to version 1.0.6 of
.I bzip2.
Compressed data created by this version is entirely forwards and
backwards compatible with the previous public releases, versions
-0.1pl2, 0.9.0, 0.9.5, 1.0.0, 1.0.1, 1.0.2 and 1.0.3, but with the following
+0.1pl2, 0.9.0, 0.9.5, 1.0.0, 1.0.1, 1.0.2 and above, but with the following
exception: 0.9.0 and above can correctly decompress multiple
concatenated compressed files. 0.1pl2 cannot do this; it will stop
after decompressing just the first file in the stream.
diff --git a/archivers/bzip2/files/bzip2.c b/archivers/bzip2/files/bzip2.c
index 5fbae0ebe47..6de9d1d1488 100644
--- a/archivers/bzip2/files/bzip2.c
+++ b/archivers/bzip2/files/bzip2.c
@@ -7,8 +7,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -1605,11 +1605,11 @@ void license ( void )
"bzip2, a block-sorting file compressor. "
"Version %s.\n"
" \n"
- " Copyright (C) 1996-2006 by Julian Seward.\n"
+ " Copyright (C) 1996-2010 by Julian Seward.\n"
" \n"
" This program is free software; you can redistribute it and/or modify\n"
" it under the terms set out in the LICENSE file, which is included\n"
- " in the bzip2-1.0.4 source distribution.\n"
+ " in the bzip2-1.0.6 source distribution.\n"
" \n"
" This program is distributed in the hope that it will be useful,\n"
" but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
diff --git a/archivers/bzip2/files/bzip2recover.c b/archivers/bzip2/files/bzip2recover.c
index ffe60bc7201..f9de0496abf 100644
--- a/archivers/bzip2/files/bzip2recover.c
+++ b/archivers/bzip2/files/bzip2recover.c
@@ -7,8 +7,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -313,7 +313,7 @@ Int32 main ( Int32 argc, Char** argv )
inFileName[0] = outFileName[0] = 0;
fprintf ( stderr,
- "bzip2recover 1.0.4: extracts blocks from damaged .bz2 files.\n" );
+ "bzip2recover 1.0.6: extracts blocks from damaged .bz2 files.\n" );
if (argc != 2) {
fprintf ( stderr, "%s: usage is `%s damaged_file_name'.\n",
diff --git a/archivers/bzip2/files/bzlib.c b/archivers/bzip2/files/bzlib.c
index 79c34a5400f..bd358a793b8 100644
--- a/archivers/bzip2/files/bzlib.c
+++ b/archivers/bzip2/files/bzlib.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -48,7 +48,7 @@ void BZ2_bz__AssertH__fail ( int errcode )
"component, you should also report this bug to the author(s)\n"
"of that program. Please make an effort to report this bug;\n"
"timely and accurate bug reports eventually lead to higher\n"
- "quality software. Thanks. Julian Seward, 15 February 2005.\n\n",
+ "quality software. Thanks. Julian Seward, 10 December 2007.\n\n",
errcode,
BZ2_bzlibVersion()
);
@@ -598,6 +598,7 @@ Bool unRLE_obuf_to_output_FAST ( DState* s )
UInt32 c_tPos = s->tPos;
char* cs_next_out = s->strm->next_out;
unsigned int cs_avail_out = s->strm->avail_out;
+ Int32 ro_blockSize100k = s->blockSize100k;
/* end restore */
UInt32 avail_out_INIT = cs_avail_out;
diff --git a/archivers/bzip2/files/bzlib.h b/archivers/bzip2/files/bzlib.h
index fdb0dbe7b02..8277123da8c 100644
--- a/archivers/bzip2/files/bzlib.h
+++ b/archivers/bzip2/files/bzlib.h
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/bzlib_private.h b/archivers/bzip2/files/bzlib_private.h
index d0a05546efd..5d0217f4635 100644
--- a/archivers/bzip2/files/bzlib_private.h
+++ b/archivers/bzip2/files/bzlib_private.h
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -36,7 +36,7 @@
/*-- General stuff. --*/
-#define BZ_VERSION "1.0.4, 20-Dec-2006"
+#define BZ_VERSION "1.0.6, 6-Sept-2010"
typedef char Char;
typedef unsigned char Bool;
@@ -442,11 +442,15 @@ typedef
/*-- Macros for decompression. --*/
#define BZ_GET_FAST(cccc) \
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (s->tPos >= (UInt32)100000 * (UInt32)s->blockSize100k) return True; \
s->tPos = s->tt[s->tPos]; \
cccc = (UChar)(s->tPos & 0xff); \
s->tPos >>= 8;
#define BZ_GET_FAST_C(cccc) \
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (c_tPos >= (UInt32)100000 * (UInt32)ro_blockSize100k) return True; \
c_tPos = c_tt[c_tPos]; \
cccc = (UChar)(c_tPos & 0xff); \
c_tPos >>= 8;
@@ -469,8 +473,10 @@ typedef
(((UInt32)s->ll16[i]) | (GET_LL4(i) << 16))
#define BZ_GET_SMALL(cccc) \
- cccc = BZ2_indexIntoF ( s->tPos, s->cftab ); \
- s->tPos = GET_LL(s->tPos);
+ /* c_tPos is unsigned, hence test < 0 is pointless. */ \
+ if (s->tPos >= (UInt32)100000 * (UInt32)s->blockSize100k) return True; \
+ cccc = BZ2_indexIntoF ( s->tPos, s->cftab ); \
+ s->tPos = GET_LL(s->tPos);
/*-- externs for decompression. --*/
diff --git a/archivers/bzip2/files/compress.c b/archivers/bzip2/files/compress.c
index d98d5c0bd86..caf7696011b 100644
--- a/archivers/bzip2/files/compress.c
+++ b/archivers/bzip2/files/compress.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/crctable.c b/archivers/bzip2/files/crctable.c
index bc7e2ae39d9..1fea7e946c5 100644
--- a/archivers/bzip2/files/crctable.c
+++ b/archivers/bzip2/files/crctable.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/decompress.c b/archivers/bzip2/files/decompress.c
index 124cc8ddc7c..311f5668f9a 100644
--- a/archivers/bzip2/files/decompress.c
+++ b/archivers/bzip2/files/decompress.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
@@ -381,6 +381,13 @@ Int32 BZ2_decompress ( DState* s )
es = -1;
N = 1;
do {
+ /* Check that N doesn't get too big, so that es doesn't
+ go negative. The maximum value that can be
+ RUNA/RUNB encoded is equal to the block size (post
+ the initial RLE), viz, 900k, so bounding N at 2
+ million should guard against overflow without
+ rejecting any legitimate inputs. */
+ if (N >= 2*1024*1024) RETURN(BZ_DATA_ERROR);
if (nextSym == BZ_RUNA) es = es + (0+1) * N; else
if (nextSym == BZ_RUNB) es = es + (1+1) * N;
N = N * 2;
@@ -485,15 +492,28 @@ Int32 BZ2_decompress ( DState* s )
RETURN(BZ_DATA_ERROR);
/*-- Set up cftab to facilitate generation of T^(-1) --*/
+ /* Check: unzftab entries in range. */
+ for (i = 0; i <= 255; i++) {
+ if (s->unzftab[i] < 0 || s->unzftab[i] > nblock)
+ RETURN(BZ_DATA_ERROR);
+ }
+ /* Actually generate cftab. */
s->cftab[0] = 0;
for (i = 1; i <= 256; i++) s->cftab[i] = s->unzftab[i-1];
for (i = 1; i <= 256; i++) s->cftab[i] += s->cftab[i-1];
+ /* Check: cftab entries in range. */
for (i = 0; i <= 256; i++) {
if (s->cftab[i] < 0 || s->cftab[i] > nblock) {
/* s->cftab[i] can legitimately be == nblock */
RETURN(BZ_DATA_ERROR);
}
}
+ /* Check: cftab entries non-descending. */
+ for (i = 1; i <= 256; i++) {
+ if (s->cftab[i-1] > s->cftab[i]) {
+ RETURN(BZ_DATA_ERROR);
+ }
+ }
s->state_out_len = 0;
s->state_out_ch = 0;
diff --git a/archivers/bzip2/files/huffman.c b/archivers/bzip2/files/huffman.c
index be4dc024dca..2283fdbc5a1 100644
--- a/archivers/bzip2/files/huffman.c
+++ b/archivers/bzip2/files/huffman.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.
diff --git a/archivers/bzip2/files/randtable.c b/archivers/bzip2/files/randtable.c
index d186335e0ee..6d624599061 100644
--- a/archivers/bzip2/files/randtable.c
+++ b/archivers/bzip2/files/randtable.c
@@ -8,8 +8,8 @@
This file is part of bzip2/libbzip2, a program and library for
lossless, block-sorting data compression.
- bzip2/libbzip2 version 1.0.4 of 20 December 2006
- Copyright (C) 1996-2006 Julian Seward <jseward@bzip.org>
+ bzip2/libbzip2 version 1.0.6 of 6 September 2010
+ Copyright (C) 1996-2010 Julian Seward <jseward@bzip.org>
Please read the WARNING, DISCLAIMER and PATENTS sections in the
README file.