| Age | Commit message (Collapse) | Author |
|---|
|
Have -c override -N, like other gzip implementations. Before, our -N
(decompress to stored name) overrode -c (cat to stdout) and crashed
with a pledge violation, because the pledge for -c excludes wpath.
Guilherme Janczak reported the pledge violation in July 2022 and
provided a diff to prevent it, along with a regress test. I rewrote
the diff and expanded the regress.
ok kn@ millert@
|
|
the POSIX-standard st_*tim members.
ok millert@
|
|
amendments to his diff are noted on tech
|
|
Use open(2) + fstat(2) instead of stat(2) + open(2). The file open
code has been moved into its own functions so it can be shared
between docompress() and dodecompress().
|
|
so just remove them. Also mark functions private to main.c as
static. For SMALL, longopts can be NULL instead of an empty array.
OK kn@
|
|
This matches the behavior of GNU gzip and is most useful with "gunzip
-c" to pipe the uncompressed output. It will not decompress a file
with more than one member unless in cat mode, in which case only
the first file is displayed.
To decompress a .zip file without the -c option, "-S .zip" must be
specified. The file name stored in the .zip file is not used unless
the -N option is specified. This is consistent with GNU gzip).
Does not increase the size of gzip on the install media.
OK jmc@ for documentation.
|
|
If a compressed file is larger than its expanded version, compress(1) and
gzip(1) don't compress unless -f is given. As found by gkoehler, the check
is not quite correct for very small files or files with sufficiently random
data. Fix the check so that slight growth still triggers the check.
ok millert
|
|
If zlib is without our local change in lib/libz/zlib.h r1.7, then
s->z_stream.total_in and s->z_stream.total_out might overflow on
architectures where uLong has 32 bits. After overflow, the total
would be 4G below the correct total.
Calculate our own 64-bit totals. When decompressing, take
(uLong)s->z_stream.total_in as a total modulo ULONG_MAX + 1.
ok tb@
|
|
Report and different proposal by "prx", ok millert@
|
|
When using this flag, the input file is kept after
compression or decompression, this makes our gzip
more compatible with the other gzip
changes reworked by jca@, thanks
ok jca@ millert@
|
|
issues with -fno-common.
ok deraadt@
|
|
may modify the string buffer. ok millert@
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
Fixes a directory traversal bug when the stored name includes a
directory component. Both GNU gzip and our gzip store the basename
of the path when compressing but a malicious .gz file could contain
an arbitrary path. Problem found by elvis alien. OK deraadt@
|
|
|
|
From Brian Callahan, thanks!
OK tb@
|
|
|
|
but some of the write code remained. shuffle things around a bit to make
the exclusion more complete.
|
|
because of excessive code sharing. compression and decompression are not
entirely similar, they should share less.
ok joerg millert
|
|
for the read (inflate) case where there might be multiple streams.
For the write (deflate) case there can only be a single stream so
just use the per-stream total_in/total_out. Fixes "gzip -v" byte
counts. OK henning@.
|
|
it allows chown(2) call to change the user or group on a file.
- usr.bin/compress : aka gzip
- usr.bin/mg : open a file for writing
- usr.bin/sed : inplace editing
- usr.bin/sort : if outfile equals one of the input files
ok deraadt@ tb@
(and a reminder from Remi Locherer)
warning: in order to use it, you must have a recent kernel with the new
promise.
|
|
will think the resulting file was got larger during compression.
|
|
-l" output when used on package files. OK espie@ deraadt@
|
|
correctly - logically complete that now by removing MLINKS from base;
authors need only to ensure there is an entry in NAME for any function/
util being added. MLINKS will still work, and remain for perl to ease
upgrades;
ok nicm (curses) bcook (ssl)
ok schwarze, who provided a lot of feedback and assistance
ok tb natano jung
|
|
in cat mode (-c, zcat), or in test mode (-t), or if there are no
file arguments and there is no -o outfile. Due to fts(3) we require
rpath even for compress <in >out.
"seems sound" deraadt@
|
|
|
|
|
|
system behaviours such as forking, execve, sockets, etc.
in theory this extended by parsing the arguments first, and creating
the whitepathlist. the pathlist probably needs to be directory-oriented,
rather than exact path of files, because a gzip file may specify the
filename it wants (and that won't be available until it is opened, and
partially parsed). anyone want to give this a try?
gzip was an early goal for capsicum. who is running a capsicum gzip?
|
|
code. Found by trondd exercising coverage of tame in gzip.
ok guenther millert kettenis
|
|
ok krw millert
|
|
Not bugs in short-lived commands that call exit() -> _exit() immediately,
but for idempotency.
Originally found in ls(1) by Valgrind. Changes for other commands are
from deraadt@. Reviewed by me, tested in snapshots.
OK deraadt@
|
|
Prefer to set attributes by fd for regular files, and not follwing
symlinks for others.
ok brynet@ millert@
|
|
From Tim van der Molen
|
|
ok millert
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
Replace malloc() and realloc() calls that may have integer overflow in the
multiplication of the arguments with reallocarray().
ok deraadt@
|
|
|
|
|
|
When you don't get what you asked for, you get angry.
When you add a tiny bit, it should be "more" or "less" still,
or you'll get angry.
So lets make zmore(1) call more(1) and zless(1) call less(1),
as it's supposed to be.
okay and input from ingo@, no objections from author AKA millert@
|
|
|
|
issue pointed out by jmc@, verified by me.
ok jmc@
|
|
|
|
come from GNU zip and they were never in compress(1) until we added
gzip(1) support to it. Also remove -g flag from gzip(1) as it is
non-standard and only makes sense in compress(1).
Joint work with jmc@ and sobrado@. OK jmc@, sobrado@
|
|
come from GNU zip and they were never in compress(1) until we added
gzip(1) support to it.
joint work with jmc@ and millert@; millert@ will do the rest.
ok jmc@, millert@
|
|
- kill an unneccessary Pp that created double vertical space
- mention that posix marks these apps xsi
- add uncompress -V to the list of extensions
- document that posix stipulates a limit of 14 for -b, even though it
permits 15 and 16
ok sobrado millert
|
|
|
|
|
|
|
|
normally instead of with a value of 2. Also avoids unlinking the
file "stdout" in the current directory in this case.
OK miod@ sthen@ henning@ beck@
|
|
references into a STANDARDS section;
|
