app-arch/libarchive: update to 3.5.3

Update app-arch/libarchive to 3.5.3 that fixes CVE-2021-36976, as well as remaining issues w.r.t CVE-2021-31566.
2025-08-19 05:21:23 +02:00 · 2022-02-16 10:57:34 +01:00 · 2022-02-16 10:57:34 +01:00 · 91d9b4fb86
commit 91d9b4fb86
parent e71406c68b
5 changed files with 125 additions and 60 deletions
--- a/sdk_container/src/third_party/portage-stable/app-arch/libarchive/Manifest
+++ b/sdk_container/src/third_party/portage-stable/app-arch/libarchive/Manifest
@ -1 +1,2 @@
-DIST libarchive-3.5.2.tar.gz 7054934 BLAKE2B 1fc6ee0166573658dc5e0f170113c07ecdaa76b287cbf68bdee63ccd198dad615b3f2803a3fc1aed303cd1f7f32033e6d8e782ef6a8a991562cdc2a375894c9e SHA512 2003ec9b24086373451bd7317bdab86d81627f087c14a6f7df1a92e131a216749f9aa352504c3d04dc82b62078b59aeea5aad5543b7e6c1c21fcafa2955d3762
+DIST libarchive-3.5.3.tar.gz 7038767 BLAKE2B a9f8b44c42efadb29cba2597c201bf9064d69632db92dad07df3f1bc9667257d8578c2ae7fae65ffc53e075466e3d326e4fe77d18d3f06656a4a255324a81fba SHA512 889879e869f7391e3b85b5e3c2bbad3c1a5e50ec7b62c0be8f2817e2dfa8410e6eb409a3c4dce2675b9e7134bae3f129475e331bc3d15d637b91412c7eb026a2
+DIST libarchive-3.6.0.tar.gz 8570393 BLAKE2B 57a8e1681485a489dc9d3823cc8c9b0d68e7d84510a3eff0b6adc268825bb9aa6179d8a810b249c3f72e3674e1df6e5ba2ed0043196458bedc3c1d880c5d4a0b SHA512 700579c5dd15b61333cc4dbf01ebfbd26d6e8c20d5cbe6525683634418fec5c87a5a1e28a81cc59ad7c94218682e406aa3b55d81036bd9fa31d83d989c6d764c
--- a/sdk_container/src/third_party/portage-stable/app-arch/libarchive/files/libarchive-3.5.0-darwin-strnlen.patch
+++ b/sdk_container/src/third_party/portage-stable/app-arch/libarchive/files/libarchive-3.5.0-darwin-strnlen.patch
@ -1,27 +0,0 @@
-https://github.com/macports/macports-ports/blob/master/archivers/libarchive/files/patch-libarchive-3.5-strnlen.diff
-
-next release should have a fix for this
-
--- a/libarchive/archive_read_support_format_mtree.c
-+++ b/libarchive/archive_read_support_format_mtree.c
-@@ -65,6 +65,20 @@ __FBSDID("$FreeBSD: head/lib/libarchive/archive_read_support_format_mtree.c 2011
- #define O_CLOEXEC	0
- #endif
- 
-+#ifdef __APPLE__
-+#if  __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ < 1070
-+static size_t strnlen(const char *s, size_t maxlen) {
-+  size_t l = 0;
-+  while (l < maxlen && *s) {
-+    l++;
-+    s++;
-+  }
-+  return l;
-+}
-+#endif
-+#endif
-+
-+
- #define	MTREE_HAS_DEVICE	0x0001
- #define	MTREE_HAS_FFLAGS	0x0002
- #define	MTREE_HAS_GID		0x0004
--- a/sdk_container/src/third_party/portage-stable/app-arch/libarchive/libarchive-3.5.3.ebuild
+++ b/sdk_container/src/third_party/portage-stable/app-arch/libarchive/libarchive-3.5.3.ebuild
@ -1,8 +1,8 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2

-EAPI=7
-inherit libtool multilib-minimal toolchain-funcs
+EAPI=8
+inherit multilib-minimal toolchain-funcs

 DESCRIPTION="Multi-format archive and compression library"
 HOMEPAGE="https://www.libarchive.org/"
@ -11,9 +11,10 @@ SRC_URI="https://www.libarchive.org/downloads/${P}.tar.gz"
 LICENSE="BSD BSD-2 BSD-4 public-domain"
 SLOT="0/13"
 KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="acl blake2 +bzip2 +e2fsprogs expat +iconv kernel_linux lz4 +lzma lzo nettle static-libs xattr +zlib zstd"
+IUSE="acl blake2 +bzip2 +e2fsprogs expat +iconv lz4 +lzma lzo nettle static-libs xattr zstd"

 RDEPEND="
+	sys-libs/zlib[${MULTILIB_USEDEP}]
 	acl? ( virtual/acl[${MULTILIB_USEDEP}] )
 	blake2? ( app-crypt/libb2[${MULTILIB_USEDEP}] )
 	bzip2? ( app-arch/bzip2[${MULTILIB_USEDEP}] )
@ -28,7 +29,6 @@ RDEPEND="
 	lzma? ( >=app-arch/xz-utils-5.2.5-r1[${MULTILIB_USEDEP}] )
 	lzo? ( >=dev-libs/lzo-2[${MULTILIB_USEDEP}] )
 	nettle? ( dev-libs/nettle:0=[${MULTILIB_USEDEP}] )
-	zlib? ( sys-libs/zlib[${MULTILIB_USEDEP}] )
 	zstd? ( app-arch/zstd[${MULTILIB_USEDEP}] )"
 DEPEND="${RDEPEND}
 	kernel_linux? (
@ -36,15 +36,6 @@ DEPEND="${RDEPEND}
 		e2fsprogs? ( sys-fs/e2fsprogs )
 	)"

-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5.0-darwin-strnlen.patch  # drop on next release
-)
-
-src_prepare() {
-	default
-	elibtoolize  # is required for Solaris sol2_ld linker fix
-}
-
 multilib_src_configure() {
 	export ac_cv_header_ext2fs_ext2_fs_h=$(usex e2fsprogs) #354923

@ -61,7 +52,7 @@ multilib_src_configure() {
 		$(use_with lzma)
 		$(use_with lzo lzo2)
 		$(use_with nettle)
-		$(use_with zlib)
+		--with-zlib
 		$(use_with zstd)

 		# Windows-specific
@ -112,16 +103,6 @@ multilib_src_test() {
 multilib_src_install() {
 	if multilib_is_native_abi ; then
 		emake DESTDIR="${D}" install
-
-		# Create symlinks for FreeBSD
-		if ! use prefix && [[ ${CHOST} == *-freebsd* ]]; then
-			# Exclude cat for the time being #589876
-			for bin in cpio tar; do
-				dosym bsd${bin} /usr/bin/${bin}
-				echo '.so bsd${bin}.1' > "${T}"/${bin}.1
-				doman "${T}"/${bin}.1
-			done
-		fi
 	else
 		local install_targets=(
 			install-includeHEADERS
--- a/sdk_container/src/third_party/portage-stable/app-arch/libarchive/libarchive-3.6.0.ebuild
+++ b/sdk_container/src/third_party/portage-stable/app-arch/libarchive/libarchive-3.6.0.ebuild
@ -0,0 +1,117 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+inherit multilib-minimal toolchain-funcs
+
+DESCRIPTION="Multi-format archive and compression library"
+HOMEPAGE="https://www.libarchive.org/"
+SRC_URI="https://www.libarchive.org/downloads/${P}.tar.gz"
+
+LICENSE="BSD BSD-2 BSD-4 public-domain"
+SLOT="0/13"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="acl blake2 +bzip2 +e2fsprogs expat +iconv lz4 +lzma lzo nettle static-libs xattr zstd"
+
+RDEPEND="
+	sys-libs/zlib[${MULTILIB_USEDEP}]
+	acl? ( virtual/acl[${MULTILIB_USEDEP}] )
+	blake2? ( app-crypt/libb2[${MULTILIB_USEDEP}] )
+	bzip2? ( app-arch/bzip2[${MULTILIB_USEDEP}] )
+	expat? ( dev-libs/expat[${MULTILIB_USEDEP}] )
+	!expat? ( dev-libs/libxml2[${MULTILIB_USEDEP}] )
+	iconv? ( virtual/libiconv[${MULTILIB_USEDEP}] )
+	kernel_linux? (
+		xattr? ( sys-apps/attr[${MULTILIB_USEDEP}] )
+	)
+	dev-libs/openssl:0=[${MULTILIB_USEDEP}]
+	lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
+	lzma? ( >=app-arch/xz-utils-5.2.5-r1[${MULTILIB_USEDEP}] )
+	lzo? ( >=dev-libs/lzo-2[${MULTILIB_USEDEP}] )
+	nettle? ( dev-libs/nettle:0=[${MULTILIB_USEDEP}] )
+	zstd? ( app-arch/zstd[${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}
+	kernel_linux? (
+		virtual/os-headers
+		e2fsprogs? ( sys-fs/e2fsprogs )
+	)"
+
+multilib_src_configure() {
+	export ac_cv_header_ext2fs_ext2_fs_h=$(usex e2fsprogs) #354923
+
+	local myconf=(
+		$(use_enable acl)
+		$(use_enable static-libs static)
+		$(use_enable xattr)
+		$(use_with blake2 libb2)
+		$(use_with bzip2 bz2lib)
+		$(use_with expat)
+		$(use_with !expat xml2)
+		$(use_with iconv)
+		$(use_with lz4)
+		$(use_with lzma)
+		$(use_with lzo lzo2)
+		$(use_with nettle)
+		--with-zlib
+		$(use_with zstd)
+
+		# Windows-specific
+		--without-cng
+	)
+	if multilib_is_native_abi ; then
+		myconf+=(
+			--enable-bsdcat=$(tc-is-static-only && echo static || echo shared)
+			--enable-bsdcpio=$(tc-is-static-only && echo static || echo shared)
+			--enable-bsdtar=$(tc-is-static-only && echo static || echo shared)
+		)
+	else
+		myconf+=(
+			--disable-bsdcat
+			--disable-bsdcpio
+			--disable-bsdtar
+		)
+	fi
+
+	ECONF_SOURCE="${S}" econf "${myconf[@]}"
+}
+
+multilib_src_compile() {
+	if multilib_is_native_abi ; then
+		emake
+	else
+		emake libarchive.la
+	fi
+}
+
+src_test() {
+	mkdir -p "${T}"/bin || die
+	# tests fail when lbzip2[symlink] is used in place of ref bunzip2
+	ln -s "${BROOT}/bin/bunzip2" "${T}"/bin || die
+	local -x PATH=${T}/bin:${PATH}
+	multilib-minimal_src_test
+}
+
+multilib_src_test() {
+	# sandbox is breaking long symlink behavior
+	local -x SANDBOX_ON=0
+	local -x LD_PRELOAD=
+	# some locales trigger different output that breaks tests
+	local -x LC_ALL=C
+	emake check
+}
+
+multilib_src_install() {
+	if multilib_is_native_abi ; then
+		emake DESTDIR="${D}" install
+	else
+		local install_targets=(
+			install-includeHEADERS
+			install-libLTLIBRARIES
+			install-pkgconfigDATA
+		)
+		emake DESTDIR="${D}" "${install_targets[@]}"
+	fi
+
+	# Libs.private: should be used from libarchive.pc instead
+	find "${ED}" -type f -name "*.la" -delete || die
+}
--- a/sdk_container/src/third_party/portage-stable/app-arch/libarchive/metadata.xml
+++ b/sdk_container/src/third_party/portage-stable/app-arch/libarchive/metadata.xml
@ -24,13 +24,6 @@
 		<flag name="nettle">
 			Use <pkg>dev-libs/nettle</pkg> as crypto backend
 		</flag>
-		<flag name="zlib">
-			Allow accessing gzip-compressed archives through
-			<pkg>sys-libs/zlib</pkg>. This only affects libarchive's native
-			support: bsdtar will keep using gunzip as a filter if that's not
-			built-in. It's also needed for supporting extraction of ZIP
-			files.
-		</flag>
 	</use>
 	<upstream>
 		<remote-id type="cpe">cpe:/a:libarchive:libarchive</remote-id>