The NetBSD Project

CVS log for pkgsrc/archivers/libmspack/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / archivers / libmspack

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.8: download - view: text, markup, annotated - select for diffs
Fri Jul 22 22:25:08 2022 UTC (2 years, 4 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, pkgsrc-2024Q2-base, pkgsrc-2024Q2, pkgsrc-2024Q1-base, pkgsrc-2024Q1, pkgsrc-2023Q4-base, pkgsrc-2023Q4, pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3, HEAD
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +1 -2 lines
libmspack: doesn't really use pkg-config, remove from tools

Revision 1.7: download - view: text, markup, annotated - select for diffs
Mon Aug 5 13:39:24 2019 UTC (5 years, 3 months ago) by prlw1
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -2 lines
Update libmspack to 0.10.1alpha

2019-02-18  Stuart Caie <kyzer@cabextract.org.uk>

       * chmd_read_headers(): a CHM file name beginning "::" but shorter
       than 33 bytes will lead to reading past the freshly-allocated name
       buffer - checks for specific control filenames didn't take length
       into account. Thanks to ADLab of Venustech for the report and
       proof of concept.

2019-02-18  Stuart Caie <kyzer@cabextract.org.uk>

       * chmd_read_headers(): CHM files can declare their chunks are any
       size up to 4GB, and libmspack will attempt to allocate that to
       read the file.

       This is not a security issue; libmspack doesn't promise how much
       memory it'll use to unpack files. You can set your own limits by
       returning NULL in a custom mspack_system.alloc() implementation.

       However, it would be good to validate chunk size further. With no
       offical specification, only empirical data is available. All files
       created by hhc.exe have a chunk size of 4096 bytes, and this is
       matched by all the files I've found in the wild, except for one
       which has a chunk size of 8192 bytes, which was created by someone
       developing a CHM file creator 15 years ago, and they appear to
       have abandoned it, so it seems 4096 is a de-facto standard.

       I've changed the "chunk size is not a power of two" warning to
       "chunk size is not 4096", and now only allow chunk sizes between
       22 and 8192 bytes. If you have CHM files with a larger chunk size,
       please send them to me and I'll increase this upper limit.

       Thanks to ADLab of Venustech for the report.

2019-02-18  Stuart Caie <kyzer@cabextract.org.uk>

       * oabd.c: replaced one-shot copying of uncompressed blocks (which
       requires allocating a buffer of the size declared in the header,
       which can be 4GB) with a fixed-size buffer. The buffer size is
       user-controllable with the new msoab_decompressor::set_param()
       method (check you have version 2 of the OAB decompressor), and
       also controls the input buffer used for OAB's LZX decompression.

       Reminder: compression formats can dictate how much memory is
       needed to decompress them. If memory usage is a security concern
       to you, write a custom mspack_system.alloc() that returns NULL
       if "too much" memory is requested. Do not rely on libmspack adding
       special heuristics to know not to request "too much".

       Thanks to ADLab of Venustech for the report.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Sat Dec 1 06:01:12 2018 UTC (6 years ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +3 -4 lines
libmspack: update to 0.9.1alpha.

* libmspack is now distributed with its test-suite, which now run
as part of "make check"

* libmspack's programs in src/ have been moved to examples/ and do
not auto-install

Revision 1.5: download - view: text, markup, annotated - select for diffs
Fri Oct 12 13:21:24 2018 UTC (6 years, 1 month ago) by sborrill
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +3 -1 lines
Build fix as parts of tests would fail due to waiting on stdin.

Thanks to joerg@

Revision 1.4: download - view: text, markup, annotated - select for diffs
Fri Aug 10 11:33:53 2018 UTC (6 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2018Q3-base, pkgsrc-2018Q3
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +2 -2 lines
libmspack: update to 0.7.1alpha.

There are no bugfixes or new features. This release obfuscates one of the test
files to make libmspack distribution possible.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Thu Jul 26 08:37:40 2018 UTC (6 years, 4 months ago) by wiz
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +2 -2 lines
libmspack: update to 0.7alpha.

2018-04-26  Stuart Caie <kyzer@cabextract.org.uk>

	* read_chunk(): the test that chunk numbers are in bounds was off
	by one, so read_chunk() returned a pointer taken from outside
	allocated memory that usually crashes libmspack when accessed.
	Thanks to Hanno Böck for finding the issue and providing a sample.

	* chmd_read_headers(): reject files with blank filenames. Thanks
	again to Hanno Böck for finding the issue and providing a sample file.

2018-02-06  Stuart Caie <kyzer@cabextract.org.uk>

	* chmd.c: fixed an off-by-one error in the TOLOWER() macro, reported
	by Dmitry Glavatskikh. Thanks Dmitry!

2017-11-26  Stuart Caie <kyzer@cabextract.org.uk>

	* kwajd_read_headers(): fix up the logic of reading the filename and
	extension headers to avoid a one or two byte overwrite. Thanks to
	Jakub Wilk for finding the issue.

	* test/kwajd_test.c: add tests for KWAJ filename.ext handling

2017-10-16  Stuart Caie <kyzer@cabextract.org.uk>

	* test/cabd_test.c: update the short string tests to expect not only
	MSPACK_ERR_DATAFORMAT but also MSPACK_ERR_READ, because of the recent
	change to cabd_read_string(). Thanks to maitreyee43 for spotting this.

	* test/msdecompile_md5: update the setup instructions for this script,
	and also change the script so it works with current Wine. Again, thanks
	to maitreyee43 for trying to use it and finding it not working.

2017-08-13  Stuart Caie <kyzer@cabextract.org.uk>

	* src/chmextract.c: support MinGW one-arg mkdir(). Thanks to AntumDeluge
	for reporting this.

2017-08-13  Stuart Caie <kyzer@cabextract.org.uk>

	* read_spaninfo(): a CHM file can have no ResetTable and have a
	negative length in SpanInfo, which then feeds a negative output length
	to lzxd_init(), which then sets frame_size to a value of your choosing,
	the lower 32 bits of output length, larger than LZX_FRAME_SIZE. If the
	first LZX block is uncompressed, this writes data beyond the end of the
	window. This issue was raised by ClamAV as CVE-2017-6419.  Thanks to
	Sebastian Andrzej Siewior for finding this by chance!

	* lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the issue
	mentioned above, these functions now reject negative lengths

2017-08-05  Stuart Caie <kyzer@cabextract.org.uk>

	* cabd_read_string(): add missing error check on result of read().
	If an mspack_system implementation returns an error, it's interpreted
	as a huge positive integer, which leads to reading past the end of the
	stack-based buffer. Thanks to Sebastian Andrzej Siewior for explaining
	the problem. This issue was raised by ClamAV as CVE-2017-11423

2016-04-20  Stuart Caie <kyzer@cabextract.org.uk>

	* configure.ac: change my email address to kyzer@cabextract.org.uk

2015-05-10  Stuart Caie <kyzer@4u.net>

	* cabd_read_string(): correct rejection of empty strings. Thanks to
	Hanno Böck for finding the issue and providing a sample file.

2015-05-10  Stuart Caie <kyzer@4u.net>

	* Makefile.am: Add subdir-objects option as suggested by autoreconf.

	* configure.ac: Add AM_PROG_AR as suggested by autoreconf.

2015-01-29  Stuart Caie <kyzer@4u.net>

	* system.h: if C99 inttypes.h exists, use its PRI{d,u}{32,64} macros.
	Thanks to Johnathan Kollasch for the suggestion.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Tue Aug 1 14:58:51 2017 UTC (7 years, 4 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +3 -3 lines
Follow some http -> https redirects.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sun Oct 9 03:11:25 2016 UTC (8 years, 1 month ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4
Import libmspack-0.5alpha as archivers/libmspack from pkgsrc-wip/libmspack.

The purpose of libmspack is to provide compressors and decompressors,
archivers and dearchivers for Microsoft compression formats: CAB, CHM, WIM,
LIT, HLP, KWAJ and SZDD. It is also designed to be easily embeddable,
stable, robust and resource-efficient.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>