diff --git a/.gitignore b/.gitignore index 743215c..d527b6f 100644 --- a/.gitignore +++ b/.gitignore @@ -39,3 +39,10 @@ squashfs-4.1.tar.bz2 /squashfs-tools-de61d00ffd2689d122696d4fc39f584c72fb24cf.tar.gz /squashfs-tools-76624e1e6be8e16ca08273eaadb82d7b38f3d5a5.tar.gz /squashfs-tools-4.5.1.tar.gz +/squashfs-tools-7cf6cee6acfa61a423d63168ad198a3bfafacda8.tar.gz +/squashfs-tools-746a81c8ea15e0573cc6abca9dc52e265d43a049.tar.gz +/squashfs-tools-1eaad6d730604131f0da0c675e547cfe544ddcfa.tar.gz +/squashfs-tools-aaf011a868c786b06e74cbdaf860d45793939f35.tar.gz +/squashfs-tools-36abab0ad661247498834c2e7f5e1ec476f2081d.tar.gz +/squashfs-tools-squashfs-tools-4.6.tar.gz +/squashfs-tools-4.6.1.tar.gz diff --git a/0001-xattrs-fix-out-of-bounds-access-again.patch b/0001-xattrs-fix-out-of-bounds-access-again.patch new file mode 100644 index 0000000..471a632 --- /dev/null +++ b/0001-xattrs-fix-out-of-bounds-access-again.patch @@ -0,0 +1,33 @@ +From 5b2b9acd762e859822c99c5262d0bcbccff619de Mon Sep 17 00:00:00 2001 +From: Adam Williamson +Date: Wed, 15 Mar 2023 12:35:38 -0700 +Subject: [PATCH] xattrs: fix out of bounds access (again) + +This restores the fix from c5db34e , which was somehow lost in +83b2f3a . `j` is not available after the loop is done, we need +to use i. We use `i - 1` because, of course, list indexes start +at 0. + +Fixes https://github.com/plougher/squashfs-tools/issues/230 + +Signed-off-by: Adam Williamson +--- + squashfs-tools/xattr.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/squashfs-tools/xattr.c b/squashfs-tools/xattr.c +index d48d950..32343f5 100644 +--- a/squashfs-tools/xattr.c ++++ b/squashfs-tools/xattr.c +@@ -838,7 +838,7 @@ int read_xattrs(void *d, int type) + for(j = 1; j < i; j++) + xattr_list[j - 1].vnext = &xattr_list[j]; + +- xattr_list[j].vnext = NULL; ++ xattr_list[i - 1].vnext = NULL; + head = xattr_list; + + sort_xattr_list(&head, i); +-- +2.39.2 + diff --git a/sources b/sources index 811cc4a..6f632b5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (squashfs-tools-4.5.1.tar.gz) = b3934ea1e26c7508110312711465644a6d9674b6b5332a7d011e191fa3c1d4b8be694214794a0f6005263d0f4e18bab96af2f7ed66a178f8e3bb3a781cd44896 +SHA512 (squashfs-tools-4.6.1.tar.gz) = 10e8a4b1e2327e062aef4f85860e76ebcd7a29e4c19e152ff7edec4a38316982b5bcfde4ab69da6bcb931258d264c2b6cb40cb5f635f9e6f6eba1ed5976267cb diff --git a/squashfs-tools.spec b/squashfs-tools.spec index bead389..4e93a7b 100644 --- a/squashfs-tools.spec +++ b/squashfs-tools.spec @@ -1,14 +1,18 @@ Name: squashfs-tools -Version: 4.5.1 +Version: 4.6.1 Summary: Utility for the creation of squashfs filesystems %global forgeurl https://github.com/plougher/%{name} -%global date 20220318 -%global tag 4.5.1 -%forgemeta -i -v +%global tag %{version} +%forgemeta URL: %{forgeurl} Source: %{forgesource} -Release: 3%{?dist} -License: GPLv2+ +# https://github.com/plougher/squashfs-tools/pull/231 +# https://github.com/plougher/squashfs-tools/issues/230 +# https://bugzilla.redhat.com/show_bug.cgi?id=2178510 +# Fix a crash caused by an out-of-bounds access that was inadvertently +# re-introduced in a memory leak fix +Release: 7%{dist} +License: GPL-2.0-or-later BuildRequires: make BuildRequires: gcc @@ -37,7 +41,7 @@ pushd squashfs-tools make INSTALL_PREFIX=%{buildroot}/usr INSTALL_DIR=%{buildroot}%{_sbindir} INSTALL_MANPAGES_DIR=%{buildroot}%{_mandir}/man1 install %files -%doc ACKNOWLEDGEMENTS README-4.5.1 CHANGES COPYING USAGE ACTIONS-README +%doc ACKNOWLEDGEMENTS README* CHANGES COPYING USAGE* ACTIONS-README %{_mandir}/man1/mksquashfs.1.gz %{_mandir}/man1/unsquashfs.1.gz @@ -50,13 +54,68 @@ make INSTALL_PREFIX=%{buildroot}/usr INSTALL_DIR=%{buildroot}%{_sbindir} INSTALL %{_sbindir}/sqfscat %changelog +* Fri Jul 25 2025 Fedora Release Engineering - 4.6.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Sun Jan 19 2025 Fedora Release Engineering - 4.6.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Sat Jul 20 2024 Fedora Release Engineering - 4.6.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Sat Jan 27 2024 Fedora Release Engineering - 4.6.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Oct 16 2023 Pavel Reichl - 4.6.1-3 +- Convert License tag to SPDX format + +* Sat Jul 22 2023 Fedora Release Engineering - 4.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Mar 29 2023 Bruno Wolff III - 4.6.1-1 +- Phillip is now doing two tags per release and we can +- use the one that works better with forgemeta +- There are a few fixes after the 4.6 release. I think only +- one applies to Fedora because of the build options we use. +- It was not something that affects image builds. + +* Fri Mar 17 2023 Bruno Wolff III - 4.6-2 +- Remove the dist prefix from the release + +* Fri Mar 17 2023 Bruno Wolff III - 4.6-1 +- 4.6 release +- PR #231 was merged +- See https://github.com/plougher/squashfs-tools/blob/master/CHANGES + +* Wed Mar 15 2023 Adam Williamson - 4.6-0.7.20230314git36abab0 +- Backport PR #231 to fix a crash (#2178510) + +* Tue Mar 14 2023 Bruno Wolff III - 4.6-0.6^20230314git36abab0 +- A few minor memory leaks were fixed + +* Sun Mar 12 2023 Bruno Wolff III - 4.6-0.5^20230312gitaaf011a +- Doc updates +- Probably the last version before the official release (tentatively tomorrow) + +* Mon Mar 06 2023 Bruno Wolff III - 4.6-0.4^20230306git1eaad6d +- Doc updates and unanchored search improvemebts + +* Tue Feb 28 2023 Bruno Wolff III - 4.6-0.3^20230228git746a81c +- Doc updates and minor bug fix + +* Thu Feb 23 2023 Bruno Wolff III - 4.6-0.2^20230323git7cf6cee +- Remove the -i and -v forgemeta flags to get rid of the extra noise + +* Thu Feb 23 2023 Bruno Wolff III - 4.6-0.1^20230323git7cf6cee +- Prerelease snapshot of 4.6 + * Sat Jan 21 2023 Fedora Release Engineering - Packaging variables read or set by %forgemeta - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sat Jul 23 2022 Fedora Release Engineering - Packaging variables read or set by %forgemeta - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -* Sat Mar 18 2022 Bruno Wolff III - 4.5-1 +* Sat Mar 19 2022 Bruno Wolff III - 4.5-1 - 4.5.1 release - Up to date man pages - Lots of little fixes