busybox.git/archival/libarchive/decompress_gunzip.c, branch 1_32_stable Unnamed repository; edit this file 'description' to name the repository. decompress_gunzip: Fix DoS if gzip is corrupt 2021-03-31T13:00:27+00:00 Samuel Sapalski samuel.sapalski@nokia.com 2021-03-03T15:31:22+00:00 dbd3b883a891f076911d752f56f7a906d5650a17 On certain corrupt gzip files, huft_build will set the error bit on the result pointer. If afterwards abort_unzip is called huft_free might run into a segmentation fault or an invalid pointer to free(p). In order to mitigate this, we check in huft_free if the error bit is set and clear it before the linked list is freed. Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com> Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
On certain corrupt gzip files, huft_build will set the error bit on
the result pointer. If afterwards abort_unzip is called huft_free
might run into a segmentation fault or an invalid pointer to
free(p).

In order to mitigate this, we check in huft_free if the error bit
is set and clear it before the linked list is freed.

Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
gunzip: fix incorrect decoding of "fixed" inflate blocks 2019-10-26T18:04:34+00:00 Denys Vlasenko vda.linux@googlemail.com 2019-10-26T18:04:34+00:00 caf5ee0dd9250a4ca913691bcdc247f8fe814e22 function old new delta huft_build 1008 1022 +14 inflate_block 1253 1256 +3 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 17/0) Total: 17 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
function                                             old     new   delta
huft_build                                          1008    1022     +14
inflate_block                                       1253    1256      +3
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 17/0)               Total: 17 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
gunzip: code shrink by using int-, not short-sized struct member 2019-10-20T17:07:06+00:00 Denys Vlasenko vda.linux@googlemail.com 2019-10-20T17:07:06+00:00 fb1103595f0562f98505882150fed384dea72f39 function old new delta inflate_block 1254 1253 -1 inflate_codes 629 621 -8 huft_build 1054 1008 -46 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-55) Total: -55 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
function                                             old     new   delta
inflate_block                                       1254    1253      -1
inflate_codes                                        629     621      -8
huft_build                                          1054    1008     -46
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-55)             Total: -55 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
gzip: code shrink 2019-10-19T16:53:19+00:00 Denys Vlasenko vda.linux@googlemail.com 2019-10-19T16:52:41+00:00 6572ef6e1e4822f785b7139ef166586c444dc01e huft_build() still has way too many params function old new delta lit - 94 +94 dist - 94 +94 huft_build 1058 1054 -4 inflate_block 1281 1254 -27 cpdext 30 - -30 cplext 31 - -31 cpdist 60 - -60 cplens 62 - -62 ------------------------------------------------------------------------------ (add/remove: 2/4 grow/shrink: 0/2 up/down: 188/-214) Total: -26 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
huft_build() still has way too many params

function                                             old     new   delta
lit                                                    -      94     +94
dist                                                   -      94     +94
huft_build                                          1058    1054      -4
inflate_block                                       1281    1254     -27
cpdext                                                30       -     -30
cplext                                                31       -     -31
cpdist                                                60       -     -60
cplens                                                62       -     -62
------------------------------------------------------------------------------
(add/remove: 2/4 grow/shrink: 0/2 up/down: 188/-214)          Total: -26 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
gzip: code shrink 2019-10-19T16:33:49+00:00 Denys Vlasenko vda.linux@googlemail.com 2019-10-19T16:33:49+00:00 c763392458304d68951d0b22e89e2422b9c2f8ef huft_build() has way too many params function old new delta inflate_block 1293 1281 -12 huft_build 1085 1058 -27 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-39) Total: -39 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
huft_build() has way too many params

function                                             old     new   delta
inflate_block                                       1293    1281     -12
huft_build                                          1085    1058     -27
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-39)             Total: -39 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02T09:35:03+00:00 James Byrne james.byrne@origamienergy.com 2019-07-02T09:35:03+00:00 6937487be73cd4563b876413277a295a5fe2f32c Back in 2007, commit 0c97c9d43707 ("'simple' error message functions by Loic Grenie") introduced bb_simple_perror_msg() to allow for a lower overhead call to bb_perror_msg() when only a string was being printed with no parameters. This saves space for some CPU architectures because it avoids the overhead of a call to a variadic function. However there has never been a simple version of bb_error_msg(), and since 2007 many new calls to bb_perror_msg() have been added that only take a single parameter and so could have been using bb_simple_perror_message(). This changeset introduces 'simple' versions of bb_info_msg(), bb_error_msg(), bb_error_msg_and_die(), bb_herror_msg() and bb_herror_msg_and_die(), and replaces all calls that only take a single parameter, or use something like ("%s", arg), with calls to the corresponding 'simple' version. Since it is likely that single parameter calls to the variadic functions may be accidentally reintroduced in the future a new debugging config option WARN_SIMPLE_MSG has been introduced. This uses some macro magic which will cause any such calls to generate a warning, but this is turned off by default to avoid use of the unpleasant macros in normal circumstances. This is a large changeset due to the number of calls that have been replaced. The only files that contain changes other than simple substitution of function calls are libbb.h, libbb/herror_msg.c, libbb/verror_msg.c and libbb/xfuncs_printf.c. In miscutils/devfsd.c, networking/udhcp/common.h and util-linux/mdev.c additonal macros have been added for logging so that single parameter and multiple parameter logging variants exist. The amount of space saved varies considerably by architecture, and was found to be as follows (for 'defconfig' using GCC 7.4): Arm: -92 bytes MIPS: -52 bytes PPC: -1836 bytes x86_64: -938 bytes Note that for the MIPS architecture only an exception had to be made disabling the 'simple' calls for 'udhcp' (in networking/udhcp/common.h) because it made these files larger on MIPS. Signed-off-by: James Byrne <james.byrne@origamienergy.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
Back in 2007, commit 0c97c9d43707 ("'simple' error message functions by
Loic Grenie") introduced bb_simple_perror_msg() to allow for a lower
overhead call to bb_perror_msg() when only a string was being printed
with no parameters. This saves space for some CPU architectures because
it avoids the overhead of a call to a variadic function. However there
has never been a simple version of bb_error_msg(), and since 2007 many
new calls to bb_perror_msg() have been added that only take a single
parameter and so could have been using bb_simple_perror_message().

This changeset introduces 'simple' versions of bb_info_msg(),
bb_error_msg(), bb_error_msg_and_die(), bb_herror_msg() and
bb_herror_msg_and_die(), and replaces all calls that only take a
single parameter, or use something like ("%s", arg), with calls to the
corresponding 'simple' version.

Since it is likely that single parameter calls to the variadic functions
may be accidentally reintroduced in the future a new debugging config
option WARN_SIMPLE_MSG has been introduced. This uses some macro magic
which will cause any such calls to generate a warning, but this is
turned off by default to avoid use of the unpleasant macros in normal
circumstances.

This is a large changeset due to the number of calls that have been
replaced. The only files that contain changes other than simple
substitution of function calls are libbb.h, libbb/herror_msg.c,
libbb/verror_msg.c and libbb/xfuncs_printf.c. In miscutils/devfsd.c,
networking/udhcp/common.h and util-linux/mdev.c additonal macros have
been added for logging so that single parameter and multiple parameter
logging variants exist.

The amount of space saved varies considerably by architecture, and was
found to be as follows (for 'defconfig' using GCC 7.4):

Arm:     -92 bytes
MIPS:    -52 bytes
PPC:   -1836 bytes
x86_64: -938 bytes

Note that for the MIPS architecture only an exception had to be made
disabling the 'simple' calls for 'udhcp' (in networking/udhcp/common.h)
because it made these files larger on MIPS.

Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
bzip2: fix two crashes on corrupted archives 2018-04-08T18:05:04+00:00 Denys Vlasenko vda.linux@googlemail.com 2018-04-08T18:02:01+00:00 38ccd6af8abbafff98d458a1c62909acfc09a514 As it turns out, longjmp'ing into freed stack is not healthy... function old new delta unpack_usage_messages - 97 +97 unpack_bz2_stream 369 409 +40 get_next_block 1667 1677 +10 get_bits 156 155 -1 start_bunzip 212 183 -29 bb_show_usage 181 120 -61 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 2/3 up/down: 147/-91) Total: 56 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
As it turns out, longjmp'ing into freed stack is not healthy...

function                                             old     new   delta
unpack_usage_messages                                  -      97     +97
unpack_bz2_stream                                    369     409     +40
get_next_block                                      1667    1677     +10
get_bits                                             156     155      -1
start_bunzip                                         212     183     -29
bb_show_usage                                        181     120     -61
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/3 up/down: 147/-91)            Total: 56 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
gunzip: fix from gzip-1.3.12 for gzip file with all zero length codes 2018-02-03T23:15:29+00:00 Denys Vlasenko vda.linux@googlemail.com 2018-02-03T23:15:29+00:00 2598915d43d7403e72d312ac426e585499e94173 Corresponding changelog from gzip-1.3.12 reads: """ 2006-12-20 Paul Eggert <eggert@cs.ucla.edu> * inflate.c (huft_build): Fix regression that caused gzip to refuse to uncompress null input (all zero length codes). Problem reported by Yiorgos Adamopoulos. This regression was caused by the security patch installed 2006-11-20, which in turn came from Debian, which in turn apparently came from Thomas Biege of SuSe. """ function old new delta huft_build 1176 1216 +40 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
Corresponding changelog from gzip-1.3.12 reads:

"""
2006-12-20  Paul Eggert  <eggert@cs.ucla.edu>
        * inflate.c (huft_build): Fix regression that caused gzip to
        refuse to uncompress null input (all zero length codes).  Problem
        reported by Yiorgos Adamopoulos.  This regression was caused by
        the security patch installed 2006-11-20, which in turn came from
        Debian, which in turn apparently came from Thomas Biege of SuSe.
"""

function                                             old     new   delta
huft_build                                          1176    1216     +40

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
libbb: commonalize a bit of little-endian CRC32 table generation code 2018-02-01T09:56:19+00:00 Denys Vlasenko vda.linux@googlemail.com 2018-02-01T09:56:19+00:00 ddacb03e875dd4c1a79421d030da9cdc4f081e6e function old new delta global_crc32_new_table_le - 11 +11 crc32_new_table_le - 9 +9 inflate_unzip_internal 560 556 -4 flash_eraseall_main 823 819 -4 unpack_xz_stream 2403 2394 -9 lzop_main 121 112 -9 gzip_main 187 178 -9 ------------------------------------------------------------------------------ (add/remove: 2/0 grow/shrink: 0/5 up/down: 20/-35) Total: -15 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
function                                             old     new   delta
global_crc32_new_table_le                              -      11     +11
crc32_new_table_le                                     -       9      +9
inflate_unzip_internal                               560     556      -4
flash_eraseall_main                                  823     819      -4
unpack_xz_stream                                    2403    2394      -9
lzop_main                                            121     112      -9
gzip_main                                            187     178      -9
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 0/5 up/down: 20/-35)            Total: -15 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
whitespace and comment format fixes, no code changes 2017-10-05T12:40:24+00:00 Denys Vlasenko vda.linux@googlemail.com 2017-10-05T12:40:24+00:00 ebe6d9d8758d36e03cf39b6587597c67ab778436 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>