diff --git a/.gitignore b/.gitignore index d527b6f..7a50ccd 100644 --- a/.gitignore +++ b/.gitignore @@ -8,41 +8,3 @@ squashfs-4.1.tar.bz2 /squashfs4.3.tar.gz /unsquashfs.1 /mksquashfs.1 -/squashfs-tools-c570c6188811088b12ffdd9665487a2960c997a0.tar.gz -/4.4-git.1.tar.gz -/squashfs-tools-4.5.tar.gz -/4.5.tar.gz -/squashfs-tools-e0485802ec72996c20026da320650d8362f555bd.tar.gz -/squashfs-tools-5ae7238a0ae6fc420f55227d052ce9b1c66a9d0f.tar.gz -/squashfs-tools-d5a583e4edce3df9f0c3bca84bff4f1d5ad3d09c.tar.gz -/squashfs-tools-11c9591260599b7874841db6f69ae570708a4077.tar.gz -/squashfs-tools-8a9d02e0027c69e6f47d8c2ed995d8c755c9581b.tar.gz -/squashfs-tools-d61eb68d75b32977b6c5a8b2d2fe57cbef0d6b4a.tar.gz -/squashfs-tools-7f9203e31bae003d12c0fc81a4b32097d17b5618.tar.gz -/squashfs-tools-bd186a77fe670d635e65b021b3d05fc6e67f8d07.tar.gz -/squashfs-tools-9e46a75985f0b236797976e387e8bce717e7a2d5.tar.gz -/squashfs-tools-0425d3d2d87a7775864bc6d04a4c8c45b93fa9b2.tar.gz -/squashfs-tools-e7e96fe6ecd5c01aada20908188d9d0096ad0bd8.tar.gz -/squashfs-tools-a8f61e2a38992d4cd967303a61277123fcd66681.tar.gz -/squashfs-tools-de944c3e6fc8861d8a8844186983d1295415fdaf.tar.gz -/squashfs-tools-f491ad858bcacf32dab2b37b3b0b325aa0ea6668.tar.gz -/squashfs-tools-75951fb96de64e8062306359c87d987b527a42d0.tar.gz -/squashfs-tools-f3783bbec5b0f105c6571699d3fd38803a345b12.tar.gz -/squashfs-tools-bc0c097be93154997fe0576181e5c12d746a1420.tar.gz -/squashfs-tools-2dfbcdac38bc42af4b200a1a1e86d3154e079e04.tar.gz -/squashfs-tools-c883f3212cf5004c49121e0803f12d26d0db6a97.tar.gz -/squashfs-tools-263a14e4d1ec93fbd192289bc3aae0cac2485221.tar.gz -/squashfs-tools-2baf12e55af5a519e1285437343d3a606962a4b6.tar.gz -/squashfs-tools-580b4e122471c11dffb7dcf1e392a72c8dcb6512.tar.gz -/squashfs-tools-8b6ee895c763f0b8e2f394d83e93fc5a3e51942f.tar.gz -/squashfs-tools-2ac40ca6d23cad73fb5b5da0c915382eaa31378d.tar.gz -/squashfs-tools-de61d00ffd2689d122696d4fc39f584c72fb24cf.tar.gz -/squashfs-tools-76624e1e6be8e16ca08273eaadb82d7b38f3d5a5.tar.gz -/squashfs-tools-4.5.1.tar.gz -/squashfs-tools-7cf6cee6acfa61a423d63168ad198a3bfafacda8.tar.gz -/squashfs-tools-746a81c8ea15e0573cc6abca9dc52e265d43a049.tar.gz -/squashfs-tools-1eaad6d730604131f0da0c675e547cfe544ddcfa.tar.gz -/squashfs-tools-aaf011a868c786b06e74cbdaf860d45793939f35.tar.gz -/squashfs-tools-36abab0ad661247498834c2e7f5e1ec476f2081d.tar.gz -/squashfs-tools-squashfs-tools-4.6.tar.gz -/squashfs-tools-4.6.1.tar.gz diff --git a/0001-squashfs-tools-Add-zstd-support.patch b/0001-squashfs-tools-Add-zstd-support.patch new file mode 100644 index 0000000..d0ba23c --- /dev/null +++ b/0001-squashfs-tools-Add-zstd-support.patch @@ -0,0 +1,413 @@ +From 6113361316d5ce5bfdc118d188e5617a1fcd747c Mon Sep 17 00:00:00 2001 +From: Sean Purcell +Date: Mon, 14 Aug 2017 22:46:04 -0700 +Subject: [PATCH 1/4] squashfs-tools: Add zstd support + +This patch adds zstd support to squashfs-tools. It works with zstd +versions >= 1.0.0. It was originally written by Sean Purcell. + +Signed-off-by: Sean Purcell +Signed-off-by: Nick Terrell +--- + squashfs-tools/Makefile | 20 +++ + squashfs-tools/compressor.c | 8 ++ + squashfs-tools/squashfs_fs.h | 1 + + squashfs-tools/zstd_wrapper.c | 254 ++++++++++++++++++++++++++++++++++ + squashfs-tools/zstd_wrapper.h | 48 +++++++ + 5 files changed, 331 insertions(+) + create mode 100644 squashfs-tools/zstd_wrapper.c + create mode 100644 squashfs-tools/zstd_wrapper.h + +diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile +index 52d2582..22fc559 100644 +--- a/squashfs-tools/Makefile ++++ b/squashfs-tools/Makefile +@@ -75,6 +75,18 @@ GZIP_SUPPORT = 1 + #LZMA_SUPPORT = 1 + #LZMA_DIR = ../../../../LZMA/lzma465 + ++ ++########### Building ZSTD support ############ ++# ++# The ZSTD library is supported ++# ZSTD homepage: http://zstd.net ++# ZSTD source repository: https://github.com/facebook/zstd ++# ++# To build using the ZSTD library - install the library and uncomment the ++# ZSTD_SUPPORT line below. ++# ++#ZSTD_SUPPORT = 1 ++ + ######## Specifying default compression ######## + # + # The next line specifies which compression algorithm is used by default +@@ -177,6 +189,14 @@ LIBS += -llz4 + COMPRESSORS += lz4 + endif + ++ifeq ($(ZSTD_SUPPORT),1) ++CFLAGS += -DZSTD_SUPPORT ++MKSQUASHFS_OBJS += zstd_wrapper.o ++UNSQUASHFS_OBJS += zstd_wrapper.o ++LIBS += -lzstd ++COMPRESSORS += zstd ++endif ++ + ifeq ($(XATTR_SUPPORT),1) + ifeq ($(XATTR_DEFAULT),1) + CFLAGS += -DXATTR_SUPPORT -DXATTR_DEFAULT +diff --git a/squashfs-tools/compressor.c b/squashfs-tools/compressor.c +index 525e316..02b5e90 100644 +--- a/squashfs-tools/compressor.c ++++ b/squashfs-tools/compressor.c +@@ -65,6 +65,13 @@ static struct compressor xz_comp_ops = { + extern struct compressor xz_comp_ops; + #endif + ++#ifndef ZSTD_SUPPORT ++static struct compressor zstd_comp_ops = { ++ ZSTD_COMPRESSION, "zstd" ++}; ++#else ++extern struct compressor zstd_comp_ops; ++#endif + + static struct compressor unknown_comp_ops = { + 0, "unknown" +@@ -77,6 +84,7 @@ struct compressor *compressor[] = { + &lzo_comp_ops, + &lz4_comp_ops, + &xz_comp_ops, ++ &zstd_comp_ops, + &unknown_comp_ops + }; + +diff --git a/squashfs-tools/squashfs_fs.h b/squashfs-tools/squashfs_fs.h +index 791fe12..afca918 100644 +--- a/squashfs-tools/squashfs_fs.h ++++ b/squashfs-tools/squashfs_fs.h +@@ -277,6 +277,7 @@ typedef long long squashfs_inode; + #define LZO_COMPRESSION 3 + #define XZ_COMPRESSION 4 + #define LZ4_COMPRESSION 5 ++#define ZSTD_COMPRESSION 6 + + struct squashfs_super_block { + unsigned int s_magic; +diff --git a/squashfs-tools/zstd_wrapper.c b/squashfs-tools/zstd_wrapper.c +new file mode 100644 +index 0000000..dcab75a +--- /dev/null ++++ b/squashfs-tools/zstd_wrapper.c +@@ -0,0 +1,254 @@ ++/* ++ * Copyright (c) 2017 ++ * Phillip Lougher ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License ++ * as published by the Free Software Foundation; either version 2, ++ * or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * zstd_wrapper.c ++ * ++ * Support for ZSTD compression http://zstd.net ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++ ++#include "squashfs_fs.h" ++#include "zstd_wrapper.h" ++#include "compressor.h" ++ ++static int compression_level = ZSTD_DEFAULT_COMPRESSION_LEVEL; ++ ++/* ++ * This function is called by the options parsing code in mksquashfs.c ++ * to parse any -X compressor option. ++ * ++ * This function returns: ++ * >=0 (number of additional args parsed) on success ++ * -1 if the option was unrecognised, or ++ * -2 if the option was recognised, but otherwise bad in ++ * some way (e.g. invalid parameter) ++ * ++ * Note: this function sets internal compressor state, but does not ++ * pass back the results of the parsing other than success/failure. ++ * The zstd_dump_options() function is called later to get the options in ++ * a format suitable for writing to the filesystem. ++ */ ++static int zstd_options(char *argv[], int argc) ++{ ++ if (strcmp(argv[0], "-Xcompression-level") == 0) { ++ if (argc < 2) { ++ fprintf(stderr, "zstd: -Xcompression-level missing " ++ "compression level\n"); ++ fprintf(stderr, "zstd: -Xcompression-level it should " ++ "be 1 <= n <= %d\n", ZSTD_maxCLevel()); ++ goto failed; ++ } ++ ++ compression_level = atoi(argv[1]); ++ if (compression_level < 1 || ++ compression_level > ZSTD_maxCLevel()) { ++ fprintf(stderr, "zstd: -Xcompression-level invalid, it " ++ "should be 1 <= n <= %d\n", ZSTD_maxCLevel()); ++ goto failed; ++ } ++ ++ return 1; ++ } ++ ++ return -1; ++failed: ++ return -2; ++} ++ ++/* ++ * This function is called by mksquashfs to dump the parsed ++ * compressor options in a format suitable for writing to the ++ * compressor options field in the filesystem (stored immediately ++ * after the superblock). ++ * ++ * This function returns a pointer to the compression options structure ++ * to be stored (and the size), or NULL if there are no compression ++ * options. ++ */ ++static void *zstd_dump_options(int block_size, int *size) ++{ ++ static struct zstd_comp_opts comp_opts; ++ ++ /* don't return anything if the options are all default */ ++ if (compression_level == ZSTD_DEFAULT_COMPRESSION_LEVEL) ++ return NULL; ++ ++ comp_opts.compression_level = compression_level; ++ ++ SQUASHFS_INSWAP_COMP_OPTS(&comp_opts); ++ ++ *size = sizeof(comp_opts); ++ return &comp_opts; ++} ++ ++/* ++ * This function is a helper specifically for the append mode of ++ * mksquashfs. Its purpose is to set the internal compressor state ++ * to the stored compressor options in the passed compressor options ++ * structure. ++ * ++ * In effect this function sets up the compressor options ++ * to the same state they were when the filesystem was originally ++ * generated, this is to ensure on appending, the compressor uses ++ * the same compression options that were used to generate the ++ * original filesystem. ++ * ++ * Note, even if there are no compressor options, this function is still ++ * called with an empty compressor structure (size == 0), to explicitly ++ * set the default options, this is to ensure any user supplied ++ * -X options on the appending mksquashfs command line are over-ridden. ++ * ++ * This function returns 0 on sucessful extraction of options, and -1 on error. ++ */ ++static int zstd_extract_options(int block_size, void *buffer, int size) ++{ ++ struct zstd_comp_opts *comp_opts = buffer; ++ ++ if (size == 0) { ++ /* Set default values */ ++ compression_level = ZSTD_DEFAULT_COMPRESSION_LEVEL; ++ return 0; ++ } ++ ++ /* we expect a comp_opts structure of sufficient size to be present */ ++ if (size < sizeof(*comp_opts)) ++ goto failed; ++ ++ SQUASHFS_INSWAP_COMP_OPTS(comp_opts); ++ ++ if (comp_opts->compression_level < 1 || ++ comp_opts->compression_level > ZSTD_maxCLevel()) { ++ fprintf(stderr, "zstd: bad compression level in compression " ++ "options structure\n"); ++ goto failed; ++ } ++ ++ compression_level = comp_opts->compression_level; ++ ++ return 0; ++ ++failed: ++ fprintf(stderr, "zstd: error reading stored compressor options from " ++ "filesystem!\n"); ++ ++ return -1; ++} ++ ++static void zstd_display_options(void *buffer, int size) ++{ ++ struct zstd_comp_opts *comp_opts = buffer; ++ ++ /* we expect a comp_opts structure of sufficient size to be present */ ++ if (size < sizeof(*comp_opts)) ++ goto failed; ++ ++ SQUASHFS_INSWAP_COMP_OPTS(comp_opts); ++ ++ if (comp_opts->compression_level < 1 || ++ comp_opts->compression_level > ZSTD_maxCLevel()) { ++ fprintf(stderr, "zstd: bad compression level in compression " ++ "options structure\n"); ++ goto failed; ++ } ++ ++ printf("\tcompression-level %d\n", comp_opts->compression_level); ++ ++ return; ++ ++failed: ++ fprintf(stderr, "zstd: error reading stored compressor options from " ++ "filesystem!\n"); ++} ++ ++/* ++ * This function is called by mksquashfs to initialise the ++ * compressor, before compress() is called. ++ * ++ * This function returns 0 on success, and -1 on error. ++ */ ++static int zstd_init(void **strm, int block_size, int datablock) ++{ ++ ZSTD_CCtx *cctx = ZSTD_createCCtx(); ++ ++ if (!cctx) { ++ fprintf(stderr, "zstd: failed to allocate compression " ++ "context!\n"); ++ return -1; ++ } ++ ++ *strm = cctx; ++ return 0; ++} ++ ++static int zstd_compress(void *strm, void *dest, void *src, int size, ++ int block_size, int *error) ++{ ++ const size_t res = ZSTD_compressCCtx((ZSTD_CCtx*)strm, dest, block_size, ++ src, size, compression_level); ++ ++ if (ZSTD_isError(res)) { ++ /* FIXME: ++ * zstd does not expose stable error codes. The error enum may ++ * change between versions. Until upstream zstd stablizes the ++ * error codes, we have no way of knowing why the error occurs. ++ * zstd shouldn't fail to compress any input unless there isn't ++ * enough output space. We assume that is the cause and return ++ * the special error code for not enough output space. ++ */ ++ return 0; ++ } ++ ++ return (int)res; ++} ++ ++static int zstd_uncompress(void *dest, void *src, int size, int outsize, ++ int *error) ++{ ++ const size_t res = ZSTD_decompress(dest, outsize, src, size); ++ ++ if (ZSTD_isError(res)) { ++ fprintf(stderr, "\t%d %d\n", outsize, size); ++ ++ *error = (int)ZSTD_getErrorCode(res); ++ return -1; ++ } ++ ++ return (int)res; ++} ++ ++static void zstd_usage(void) ++{ ++ fprintf(stderr, "\t -Xcompression-level \n"); ++ fprintf(stderr, "\t\t should be 1 .. %d (default " ++ "%d)\n", ZSTD_maxCLevel(), ZSTD_DEFAULT_COMPRESSION_LEVEL); ++} ++ ++struct compressor zstd_comp_ops = { ++ .init = zstd_init, ++ .compress = zstd_compress, ++ .uncompress = zstd_uncompress, ++ .options = zstd_options, ++ .dump_options = zstd_dump_options, ++ .extract_options = zstd_extract_options, ++ .display_options = zstd_display_options, ++ .usage = zstd_usage, ++ .id = ZSTD_COMPRESSION, ++ .name = "zstd", ++ .supported = 1 ++}; +diff --git a/squashfs-tools/zstd_wrapper.h b/squashfs-tools/zstd_wrapper.h +new file mode 100644 +index 0000000..4fbef0a +--- /dev/null ++++ b/squashfs-tools/zstd_wrapper.h +@@ -0,0 +1,48 @@ ++#ifndef ZSTD_WRAPPER_H ++#define ZSTD_WRAPPER_H ++/* ++ * Squashfs ++ * ++ * Copyright (c) 2017 ++ * Phillip Lougher ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License ++ * as published by the Free Software Foundation; either version 2, ++ * or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * zstd_wrapper.h ++ * ++ */ ++ ++#ifndef linux ++#define __BYTE_ORDER BYTE_ORDER ++#define __BIG_ENDIAN BIG_ENDIAN ++#define __LITTLE_ENDIAN LITTLE_ENDIAN ++#else ++#include ++#endif ++ ++#if __BYTE_ORDER == __BIG_ENDIAN ++extern unsigned int inswap_le16(unsigned short); ++extern unsigned int inswap_le32(unsigned int); ++ ++#define SQUASHFS_INSWAP_COMP_OPTS(s) { \ ++ (s)->compression_level = inswap_le32((s)->compression_level); \ ++} ++#else ++#define SQUASHFS_INSWAP_COMP_OPTS(s) ++#endif ++ ++/* Default compression */ ++#define ZSTD_DEFAULT_COMPRESSION_LEVEL 15 ++ ++struct zstd_comp_opts { ++ int compression_level; ++}; ++#endif +-- +2.19.1 + diff --git a/0001-xattrs-fix-out-of-bounds-access-again.patch b/0001-xattrs-fix-out-of-bounds-access-again.patch deleted file mode 100644 index 471a632..0000000 --- a/0001-xattrs-fix-out-of-bounds-access-again.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 5b2b9acd762e859822c99c5262d0bcbccff619de Mon Sep 17 00:00:00 2001 -From: Adam Williamson -Date: Wed, 15 Mar 2023 12:35:38 -0700 -Subject: [PATCH] xattrs: fix out of bounds access (again) - -This restores the fix from c5db34e , which was somehow lost in -83b2f3a . `j` is not available after the loop is done, we need -to use i. We use `i - 1` because, of course, list indexes start -at 0. - -Fixes https://github.com/plougher/squashfs-tools/issues/230 - -Signed-off-by: Adam Williamson ---- - squashfs-tools/xattr.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/squashfs-tools/xattr.c b/squashfs-tools/xattr.c -index d48d950..32343f5 100644 ---- a/squashfs-tools/xattr.c -+++ b/squashfs-tools/xattr.c -@@ -838,7 +838,7 @@ int read_xattrs(void *d, int type) - for(j = 1; j < i; j++) - xattr_list[j - 1].vnext = &xattr_list[j]; - -- xattr_list[j].vnext = NULL; -+ xattr_list[i - 1].vnext = NULL; - head = xattr_list; - - sort_xattr_list(&head, i); --- -2.39.2 - diff --git a/2gb.patch b/2gb.patch new file mode 100644 index 0000000..33e9108 --- /dev/null +++ b/2gb.patch @@ -0,0 +1,11 @@ +--- squashfs-tools/mksquashfs.c.orig 2014-09-13 11:08:27.352318167 -0500 ++++ squashfs-tools/mksquashfs.c 2014-09-13 11:09:36.701132044 -0500 +@@ -2055,7 +2055,7 @@ + + inline int is_fragment(struct inode_info *inode) + { +- int file_size = inode->buf.st_size; ++ off_t file_size = inode->buf.st_size; + + /* + * If this block is to be compressed differently to the diff --git a/PAE.patch b/PAE.patch new file mode 100644 index 0000000..d2f29fb --- /dev/null +++ b/PAE.patch @@ -0,0 +1,159 @@ +From 55f7ba830d40d438f0b0663a505e0c227fc68b6b Mon Sep 17 00:00:00 2001 +From: Phillip Lougher +Date: Tue, 10 Jun 2014 21:51:52 +0100 +Subject: mksquashfs: fix phys mem calculation for 32-bit processes on + PAE/64-bit kernels + +When adding the code to base default memory usage on physical memory +(by default use 25% of physical memory), I made an oversight. I assumed +the process would be able to address 25% of physical memory. + +However, for 32-bit processes running on a PAE kernel or 64-bit kernel, +25% of physical memory can easily exceed the addressible memory for a +32-bit process, e.g. if a machine has 24 GB of physical memory, the +code would asume the process could easily use 6 GB. + +A 32-bit process by definition can only address 4 GB (32-bit pointers). +But, due to the typical kernel/user-space split (1GB/3GB, or 2GB/2GB) +on PAE kernels, a 32-bit process may only be able to address 2 GB. + +So, if Mksquashfs is a 32-bit application running on a PAE/64-bit kernel, +the code assumes it can address much more memory than it really can, which +means it runs out of memory. + +The fix is to impose a maximum default limit on 32-bit kernels, or +otherwise to never use a value more than 25% of the address space. If +we assume the maximum address space is 2 GB, then the maximum becomes +512 MB. But, given most kernels used the 1GB/3GB split, that may be +unduely conservative, and 25% of 3 GB (756 MB) may be better. This +patch compromises on 640 MB, which is mid-way between the 512 MB and 756 MB +values. It is also the fixed default value previously used by Mksquashfs. + +This patch also alters the code which imposes a maximum size. Previously +it was believed limiting to the physical memory size was adequate. But +obviously this needs to be updated to take into account a 32-bit process +may only be able to address 2 GB. In the process I've also taken the +opportunity to limit all requests to no more than 75% of physical memory. + +Signed-off-by: Phillip Lougher + +diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c +index 86f82bb..5370ecf 100644 +--- a/squashfs-tools/mksquashfs.c ++++ b/squashfs-tools/mksquashfs.c +@@ -304,7 +304,7 @@ void restorefs(); + struct dir_info *scan1_opendir(char *pathname, char *subpath, int depth); + void write_filesystem_tables(struct squashfs_super_block *sBlk, int nopad); + unsigned short get_checksum_mem(char *buff, int bytes); +-int get_physical_memory(); ++void check_usable_phys_mem(int total_mem); + + + void prep_exit() +@@ -4053,11 +4053,7 @@ void initialise_threads(int readq, int fragq, int bwriteq, int fwriteq, + BAD_ERROR("Queue sizes rediculously too large\n"); + total_mem += fwriteq; + +- if(total_mem > get_physical_memory()) { +- ERROR("Total queue sizes larger than physical memory.\n"); +- ERROR("Mksquashfs will exhaust physical memory and thrash.\n"); +- BAD_ERROR("Queues too large\n"); +- } ++ check_usable_phys_mem(total_mem); + + /* + * convert from queue size in Mbytes to queue size in +@@ -4879,6 +4875,72 @@ int get_physical_memory() + } + + ++void check_usable_phys_mem(int total_mem) ++{ ++ /* ++ * We want to allow users to use as much of their physical ++ * memory as they wish. However, for practical reasons there are ++ * limits which need to be imposed, to protect users from themselves ++ * and to prevent people from using Mksquashfs as a DOS attack by using ++ * all physical memory. Mksquashfs uses memory to cache data from disk ++ * to optimise performance. It is pointless to ask it to use more ++ * than 75% of physical memory, as this causes thrashing and it is thus ++ * self-defeating. ++ */ ++ int mem = get_physical_memory(); ++ ++ mem = (mem >> 1) + (mem >> 2); /* 75% */ ++ ++ if(total_mem > mem) { ++ ERROR("Total memory requested is more than 75%% of physical " ++ "memory.\n"); ++ ERROR("Mksquashfs uses memory to cache data from disk to " ++ "optimise performance.\n"); ++ ERROR("It is pointless to ask it to use more than this amount " ++ "of memory, as this\n"); ++ ERROR("causes thrashing and it is thus self-defeating.\n"); ++ BAD_ERROR("Requested memory size too large\n"); ++ } ++ ++ if(sizeof(void *) == 4 && total_mem > 2048) { ++ /* ++ * If we're running on a kernel with PAE or on a 64-bit kernel, ++ * then the 75% physical memory limit can still easily exceed ++ * the addressable memory by this process. ++ * ++ * Due to the typical kernel/user-space split (1GB/3GB, or ++ * 2GB/2GB), we have to conservatively assume the 32-bit ++ * processes can only address 2-3GB. So refuse if the user ++ * tries to allocate more than 2GB. ++ */ ++ ERROR("Total memory requested may exceed maximum " ++ "addressable memory by this process\n"); ++ BAD_ERROR("Requested memory size too large\n"); ++ } ++} ++ ++ ++int get_default_phys_mem() ++{ ++ int mem = get_physical_memory() / SQUASHFS_TAKE; ++ ++ if(sizeof(void *) == 4 && mem > 640) { ++ /* ++ * If we're running on a kernel with PAE or on a 64-bit kernel, ++ * the default memory usage can exceed the addressable ++ * memory by this process. ++ * Due to the typical kernel/user-space split (1GB/3GB, or ++ * 2GB/2GB), we have to conservatively assume the 32-bit ++ * processes can only address 2-3GB. So limit the default ++ * usage to 640M, which gives room for other data. ++ */ ++ mem = 640; ++ } ++ ++ return mem; ++} ++ ++ + void calculate_queue_sizes(int mem, int *readq, int *fragq, int *bwriteq, + int *fwriteq) + { +@@ -4890,7 +4952,7 @@ void calculate_queue_sizes(int mem, int *readq, int *fragq, int *bwriteq, + + + #define VERSION() \ +- printf("mksquashfs version 4.3 (2014/05/12)\n");\ ++ printf("mksquashfs version 4.3-git (2014/06/09)\n");\ + printf("copyright (C) 2014 Phillip Lougher "\ + "\n\n"); \ + printf("This program is free software; you can redistribute it and/or"\ +@@ -4918,7 +4980,7 @@ int main(int argc, char *argv[]) + int fragq; + int bwriteq; + int fwriteq; +- int total_mem = get_physical_memory() / SQUASHFS_TAKE; ++ int total_mem = get_default_phys_mem(); + int progress = TRUE; + int force_progress = FALSE; + struct file_buffer **fragment = NULL; +-- +cgit v0.10.1 + diff --git a/cve-2015-4645.patch b/cve-2015-4645.patch new file mode 100644 index 0000000..f69025f --- /dev/null +++ b/cve-2015-4645.patch @@ -0,0 +1,29 @@ +diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c +index ecdaac796f09..2c0cf63daf67 100644 +--- a/squashfs-tools/unsquash-4.c ++++ b/squashfs-tools/unsquash-4.c +@@ -31,9 +31,9 @@ static unsigned int *id_table; + int read_fragment_table_4(long long *directory_table_end) + { + int res, i; +- int bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments); +- int indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments); +- long long fragment_table_index[indexes]; ++ size_t bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments); ++ size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments); ++ long long *fragment_table_index; + + TRACE("read_fragment_table: %d fragments, reading %d fragment indexes " + "from 0x%llx\n", sBlk.s.fragments, indexes, +@@ -44,6 +44,11 @@ int read_fragment_table_4(long long *directory_table_end) + return TRUE; + } + ++ fragment_table_index = malloc(indexes*sizeof(long long)); ++ if(fragment_table_index == NULL) ++ EXIT_UNSQUASH("read_fragment_table: failed to allocate " ++ "fragment table index\n"); ++ + fragment_table = malloc(bytes); + if(fragment_table == NULL) + EXIT_UNSQUASH("read_fragment_table: failed to allocate " diff --git a/glibc.patch b/glibc.patch new file mode 100644 index 0000000..87c63b1 --- /dev/null +++ b/glibc.patch @@ -0,0 +1,20 @@ +--- squashfs-tools/mksquashfs.c.orig 2019-05-21 01:50:02.197183719 -0500 ++++ squashfs-tools/mksquashfs.c 2019-05-21 01:51:05.818179903 -0500 +@@ -50,6 +50,7 @@ + #include + #include + #include ++#include + + #ifndef linux + #define __BYTE_ORDER BYTE_ORDER +--- squashfs-tools/unsquashfs.c.orig 2019-05-21 01:57:45.984155904 -0500 ++++ squashfs-tools/unsquashfs.c 2019-05-21 01:58:39.837152674 -0500 +@@ -37,6 +37,7 @@ + #include + #include + #include ++#include + + struct cache *fragment_cache, *data_cache; + struct queue *to_reader, *to_inflate, *to_writer, *from_writer; diff --git a/local-cve-fix.patch b/local-cve-fix.patch new file mode 100644 index 0000000..6dce1b2 --- /dev/null +++ b/local-cve-fix.patch @@ -0,0 +1,11 @@ +--- squashfs-tools/unsquash-4.c.orig 2015-06-24 14:23:22.270710744 -0500 ++++ squashfs-tools/unsquash-4.c 2015-06-24 14:24:13.671243487 -0500 +@@ -35,7 +35,7 @@ + size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments); + long long *fragment_table_index; + +- TRACE("read_fragment_table: %d fragments, reading %d fragment indexes " ++ TRACE("read_fragment_table: %u fragments, reading %zu fragment indexes " + "from 0x%llx\n", sBlk.s.fragments, indexes, + sBlk.s.fragment_table_start); + diff --git a/mem-overflow.patch b/mem-overflow.patch new file mode 100644 index 0000000..1450fe9 --- /dev/null +++ b/mem-overflow.patch @@ -0,0 +1,33 @@ +From 604b607d8ac91eb8afc0b6e3d917d5c073096103 Mon Sep 17 00:00:00 2001 +From: Phillip Lougher +Date: Wed, 11 Jun 2014 04:51:37 +0100 +Subject: mksquashfs: ensure value does not overflow a signed int in -mem + option + +Signed-off-by: Phillip Lougher + +diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c +index 5370ecf..9676dc8 100644 +--- a/squashfs-tools/mksquashfs.c ++++ b/squashfs-tools/mksquashfs.c +@@ -5193,7 +5193,16 @@ print_compressor_options: + argv[0]); + exit(1); + } +- /* convert from bytes to Mbytes */ ++ ++ /* ++ * convert from bytes to Mbytes, ensuring the value ++ * does not overflow a signed int ++ */ ++ if(number >= (1LL << 51)) { ++ ERROR("%s: -mem invalid mem size\n", argv[0]); ++ exit(1); ++ } ++ + total_mem = number / 1048576; + if(total_mem < (SQUASHFS_LOWMEM / SQUASHFS_TAKE)) { + ERROR("%s: -mem should be %d Mbytes or " +-- +cgit v0.10.1 + diff --git a/sources b/sources index 6f632b5..de325af 100644 --- a/sources +++ b/sources @@ -1 +1,3 @@ -SHA512 (squashfs-tools-4.6.1.tar.gz) = 10e8a4b1e2327e062aef4f85860e76ebcd7a29e4c19e152ff7edec4a38316982b5bcfde4ab69da6bcb931258d264c2b6cb40cb5f635f9e6f6eba1ed5976267cb +SHA512 (squashfs4.3.tar.gz) = 854ed7acc99920f24ecf11e0da807e5a2a162eeda55db971aba63a03f0da2c13b20ec0564a906c4b0e415bd8258b273a10208c7abc0704f2ceea773aa6148a79 +SHA512 (mksquashfs.1) = 2859790d906263b09502ba062b1c41cfc5f9fd7bdff743021c30b649ed1fe8ff047cdf49b79776fcebac9a750fea58f9348b2f14de8c532175aeaeef3b54b217 +SHA512 (unsquashfs.1) = 6e1be535d370fb39b2a0e47c98052727bab94ae4f306bb3eb8f7dd07fb84bf985e82ba66bb2030e08261473cffc34d1c1973b27e77cb7127d588e24297f2f0a3 diff --git a/squashfs-tools.spec b/squashfs-tools.spec index 4e93a7b..ddcf09b 100644 --- a/squashfs-tools.spec +++ b/squashfs-tools.spec @@ -1,262 +1,78 @@ -Name: squashfs-tools -Version: 4.6.1 Summary: Utility for the creation of squashfs filesystems -%global forgeurl https://github.com/plougher/%{name} -%global tag %{version} -%forgemeta -URL: %{forgeurl} -Source: %{forgesource} -# https://github.com/plougher/squashfs-tools/pull/231 -# https://github.com/plougher/squashfs-tools/issues/230 -# https://bugzilla.redhat.com/show_bug.cgi?id=2178510 -# Fix a crash caused by an out-of-bounds access that was inadvertently -# re-introduced in a memory leak fix -Release: 7%{dist} -License: GPL-2.0-or-later +Name: squashfs-tools +Version: 4.3 +Release: 21%{?dist} +License: GPLv2+ +URL: http://squashfs.sourceforge.net/ +Source0: http://downloads.sourceforge.net/squashfs/squashfs%{version}.tar.gz +# manpages from http://ftp.debian.org/debian/pool/main/s/squashfs-tools/squashfs-tools_4.2+20121212-1.debian.tar.xz +# The man pages have been modified for 4.3 for Fedora. +Source1: mksquashfs.1 +Source2: unsquashfs.1 +# From master branch (55f7ba830d40d438f0b0663a505e0c227fc68b6b). +# 32 bit process can use too much memory when using PAE or 64 bit kernels +Patch0: PAE.patch +# From master branch (604b607d8ac91eb8afc0b6e3d917d5c073096103). +# Prevent overflows when using the -mem option. +Patch1: mem-overflow.patch +# From squashfs-devel@lists.sourceforge.net by Guan Xin +# For https://bugzilla.redhat.com/show_bug.cgi?id=1141206 +Patch2: 2gb.patch +# From https://github.com/gcanalesb/sasquatch/commit/6777e08cc38bc780d27c69c1d8c272867b74524f +# Which is forked from Phillip's squashfs-tools, though it looks like +# the issue applies to us. +Patch3: cve-2015-4645.patch +# Update formats to match changes in cve-2015-4645.patch +Patch4: local-cve-fix.patch +# sys/sysmacros.h is no longer included by sys/types.h +Patch5: glibc.patch +# zstd compression support from https://github.com/plougher/squashfs-tools +Patch6: 0001-squashfs-tools-Add-zstd-support.patch -BuildRequires: make -BuildRequires: gcc +BuildRequires: gcc BuildRequires: zlib-devel BuildRequires: xz-devel BuildRequires: lzo-devel BuildRequires: libattr-devel BuildRequires: lz4-devel BuildRequires: libzstd-devel -BuildRequires: help2man %description Squashfs is a highly compressed read-only filesystem for Linux. This package contains the utilities for manipulating squashfs filesystems. %prep -%forgesetup +%setup -q -n squashfs%{version} +%patch0 -p1 +%patch1 -p1 +%patch2 -p0 +%patch3 -p1 +%patch4 -p0 +%patch5 -p0 +%patch6 -p1 %build %set_build_flags pushd squashfs-tools -CFLAGS="%optflags" XZ_SUPPORT=1 LZO_SUPPORT=1 LZMA_XZ_SUPPORT=1 LZ4_SUPPORT=1 ZSTD_SUPPORT=1 make %{?_smp_mflags} +CFLAGS="%{optflags}" XZ_SUPPORT=1 LZO_SUPPORT=1 LZMA_XZ_SUPPORT=1 LZ4_SUPPORT=1 ZSTD_SUPPORT=1 make %{?_smp_mflags} %install -pushd squashfs-tools -make INSTALL_PREFIX=%{buildroot}/usr INSTALL_DIR=%{buildroot}%{_sbindir} INSTALL_MANPAGES_DIR=%{buildroot}%{_mandir}/man1 install +mkdir -p %{buildroot}%{_sbindir} %{buildroot}%{_mandir}/man1 +install -m 755 squashfs-tools/mksquashfs %{buildroot}%{_sbindir}/mksquashfs +install -m 755 squashfs-tools/unsquashfs %{buildroot}%{_sbindir}/unsquashfs +install -m 644 %{SOURCE1} %{buildroot}%{_mandir}/man1/mksquashfs.1 +install -m 644 %{SOURCE2} %{buildroot}%{_mandir}/man1/unsquashfs.1 %files -%doc ACKNOWLEDGEMENTS README* CHANGES COPYING USAGE* ACTIONS-README +%doc README ACKNOWLEDGEMENTS DONATIONS PERFORMANCE.README README-4.3 CHANGES pseudo-file.example COPYING -%{_mandir}/man1/mksquashfs.1.gz -%{_mandir}/man1/unsquashfs.1.gz -%{_mandir}/man1/sqfstar.1.gz -%{_mandir}/man1/sqfscat.1.gz +%doc README +%{_mandir}/man1/* %{_sbindir}/mksquashfs %{_sbindir}/unsquashfs -%{_sbindir}/sqfstar -%{_sbindir}/sqfscat %changelog -* Fri Jul 25 2025 Fedora Release Engineering - 4.6.1-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild - -* Sun Jan 19 2025 Fedora Release Engineering - 4.6.1-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild - -* Sat Jul 20 2024 Fedora Release Engineering - 4.6.1-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild - -* Sat Jan 27 2024 Fedora Release Engineering - 4.6.1-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Mon Oct 16 2023 Pavel Reichl - 4.6.1-3 -- Convert License tag to SPDX format - -* Sat Jul 22 2023 Fedora Release Engineering - 4.6.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Wed Mar 29 2023 Bruno Wolff III - 4.6.1-1 -- Phillip is now doing two tags per release and we can -- use the one that works better with forgemeta -- There are a few fixes after the 4.6 release. I think only -- one applies to Fedora because of the build options we use. -- It was not something that affects image builds. - -* Fri Mar 17 2023 Bruno Wolff III - 4.6-2 -- Remove the dist prefix from the release - -* Fri Mar 17 2023 Bruno Wolff III - 4.6-1 -- 4.6 release -- PR #231 was merged -- See https://github.com/plougher/squashfs-tools/blob/master/CHANGES - -* Wed Mar 15 2023 Adam Williamson - 4.6-0.7.20230314git36abab0 -- Backport PR #231 to fix a crash (#2178510) - -* Tue Mar 14 2023 Bruno Wolff III - 4.6-0.6^20230314git36abab0 -- A few minor memory leaks were fixed - -* Sun Mar 12 2023 Bruno Wolff III - 4.6-0.5^20230312gitaaf011a -- Doc updates -- Probably the last version before the official release (tentatively tomorrow) - -* Mon Mar 06 2023 Bruno Wolff III - 4.6-0.4^20230306git1eaad6d -- Doc updates and unanchored search improvemebts - -* Tue Feb 28 2023 Bruno Wolff III - 4.6-0.3^20230228git746a81c -- Doc updates and minor bug fix - -* Thu Feb 23 2023 Bruno Wolff III - 4.6-0.2^20230323git7cf6cee -- Remove the -i and -v forgemeta flags to get rid of the extra noise - -* Thu Feb 23 2023 Bruno Wolff III - 4.6-0.1^20230323git7cf6cee -- Prerelease snapshot of 4.6 - -* Sat Jan 21 2023 Fedora Release Engineering - Packaging variables read or set by %forgemeta -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Sat Jul 23 2022 Fedora Release Engineering - Packaging variables read or set by %forgemeta -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Sat Mar 19 2022 Bruno Wolff III - 4.5-1 -- 4.5.1 release -- Up to date man pages -- Lots of little fixes - -* Fri Mar 11 2022 Bruno Wolff III - 4.5-27.20220311git76624e1 -- Continue testing upstream patches prior to 4.5.1 release. -- Minor fixes - -* Thu Mar 10 2022 Bruno Wolff III - 4.5-26.20220310gitde61d0a -- Continue testing upstream patches prior to 4.5.1 release. -- Minor fixes -- Doc updates - -* Tue Mar 08 2022 Bruno Wolff III - 4.5-25.20220308git2ac40ca -- Upstream fix for unsquashfs breakage from recent commit - -* Tue Mar 08 2022 Bruno Wolff III - 4.5-24.20220308git8b6ee89 -- Continue testing upstream patches prior to 4.5.1 release. -- Minor fixes -- Man page tweaks -- Tentative 4.5.1 change log - -* Mon Mar 07 2022 Bruno Wolff III - 4.5-23.20220307git580b4e1 -- Continue testing upstream patches prior to 4.5.1 release. -- Minor fixes - -* Fri Mar 04 2022 Bruno Wolff III - 4.5-22.20220304git2baf12e -- Continue testing upstream patches prior to 4.5.1 release. -- Minor fixes - -* Mon Feb 28 2022 Bruno Wolff III - 4.5-21.20220228git263a14e -- Continue testing upstream patches prior to 4.5.1 release. -- Man page improvement - -* Fri Feb 25 2022 Bruno Wolff III - 4.5-20.20220225gitc883f32 -- Continue testing upstream patches prior to 4.5.1 release. -- Man page improvement - -* Wed Feb 23 2022 Bruno Wolff III - 4.5-19.20220223git2dfbcda -- Continue testing upstream patches prior to 4.5.1 release. -- Man page improvement - -* Mon Feb 21 2022 Bruno Wolff III - 4.5-18.20220221gitbc0c097 -- Continue testing upstream patches prior to 4.5.1 release. -- Some minor fixes. - -* Fri Feb 18 2022 Bruno Wolff III - 4.5-17.20220218gitf3783bb -- Continue testing upstream patches prior to 4.5.1 release. -- Some minor fixes. - -* Thu Feb 17 2022 Bruno Wolff III - 4.5-16.20220217git75951fb -- Continue testing upstream patches prior to 4.5.1 release. -- Some minor fixes. - -* Tue Feb 15 2022 Bruno Wolff III - 4.5-15.20220215gitf491ad8 -- Continue testing upstream patches prior to 4.5.1 release. -- Some minor fixes. - -* Mon Feb 14 2022 Bruno Wolff III - 4.5-14.20220214gitde944c3 -- Continue testing upstream patches prior to 4.5.1 release. -- Some minor fixes. - -* Thu Feb 10 2022 Bruno Wolff III - 4.5-13.20220210gita8f61e2 -- Continue testing upstream patches prior to 4.5.1 release. -- Some code cleanups for stuff noted by gcc. - -* Thu Feb 10 2022 Bruno Wolff III - 4.5-12.20220210gite7e96fe -- Continue testing upstream patches prior to 4.5.1 release. -- Add man page for sqfscat. - -* Wed Feb 09 2022 Bruno Wolff III - 4.5-11.20220209git0425d3d -- Continue testing upstream patches prior to 4.5.1 release. -- Add man page for sqfstar. - -* Tue Feb 08 2022 Bruno Wolff III - 4.5-10.20220208git9e46a75 -- Continue testing upstream patches prior to 4.5.1 release. -- Upstream man page for unsquashfs replaces out of date one froom Debian. - -* Mon Feb 07 2022 Bruno Wolff III - 4.5-9.20220207gitbd186a7 -- Continue testing upstream patches -- The deprecated lzma support options are improved in the man page - -* Mon Feb 07 2022 Bruno Wolff III - 4.5-8.20220207git7f9203e -- Continue testing upstream patches -- Man pages are now built during the build process - -* Fri Feb 04 2022 Bruno Wolff III - 4.5-7.20220204git8a9d02e -- Continue testing upstream patches -- A makefile for mksquashfs is now included - -* Wed Feb 02 2022 Bruno Wolff III - 4.5-6.20220202git11c9591 -- Continue testing upstream patches -- This includes help text changes - -* Fri Jan 28 2022 Bruno Wolff III - 4.5-5.20220128gitd5a583e -- Test a few changes before upstream tags a new point release - -* Sat Jan 22 2022 Fedora Release Engineering - Packaging variables read or set by %forgemeta -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Mon Dec 27 2021 Bruno Wolff III - 4.5-4.20211227git5ae7238 -- Get fixes for a few minor bugs - -* Mon Sep 13 2021 Bruno Wolff III - 4.5-3.20210913gite048580 -- Fix bug 2003701 (additional write outside destination directory exploit) - -* Mon Jul 26 2021 Bruno Wolff III - 4.5-2 -- Fix for sparse fragment bug 1985561 - -* Fri Jul 23 2021 Bruno Wolff III - 4.5-1 -- First crack at 4.5 release -- Man pages still need significant work - -* Wed Jan 27 2021 Fedora Release Engineering - 4.4-5.git1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Sat Nov 14 2020 Bruno Wolff III - 4.4-4.git1 -- Gating tests failed and unable to rerun them - -* Wed Nov 11 2020 Bruno Wolff III - 4.4-3.git1 -- New upstream release with a minor fix - -* Wed Jul 29 2020 Fedora Release Engineering - 4.4-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Tue May 12 2020 Bruno Wolff III - 4.4-1.20200513gitc570c61 -- Go to 4.4 release + plus a few upstream post release patches - -* Sat Feb 08 2020 Bruno Wolff III - 4.3-25 -- Fix duplicate definition flagged by gcc10 - -* Fri Jan 31 2020 Fedora Release Engineering - 4.3-24 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Fri Jan 17 2020 Jeff Law - 4.3-23 -- Fix undefined symbol when building with LTO due to incorrect - use of inline function - -* Sat Jul 27 2019 Fedora Release Engineering - 4.3-22 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - * Mon Jun 24 2019 Bruno Wolff III - 4.3-21 - Add zstd compression support (Sean Purcell via github.com/plougher/squashfs-tools)