import libarchive-3.7.7-1.el10

.gitignore

@@ -1 +1 @@
-SOURCES/libarchive-3.7.2.tar.gz
+SOURCES/libarchive-3.7.7.tar.gz

.libarchive.metadata

@@ -1 +1 @@
-f3fab029fed3610aa863cac056e151ce7fba0323 SOURCES/libarchive-3.7.2.tar.gz
+918692098b11db61aff23684ab04f375e4a68f69 SOURCES/libarchive-3.7.7.tar.gz

SOURCES/0002-tests-fix-zstd-long-option-test-for-32-bit-architect.patch

@@ -1,32 +0,0 @@
-From 3bd918d92f8c34ba12de9c6604d96f9e262a59fc Mon Sep 17 00:00:00 2001
-From: Martin Matuska <martin@matuska.de>
-Date: Tue, 12 Sep 2023 08:54:47 +0200
-Subject: [PATCH] tests: fix zstd long option test for 32-bit architectures
-
-Fixes #1968
----
- libarchive/test/test_write_filter_zstd.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/libarchive/test/test_write_filter_zstd.c b/libarchive/test/test_write_filter_zstd.c
-index 3cdbd812..c9731f1b 100644
---- a/libarchive/test/test_write_filter_zstd.c
-+++ b/libarchive/test/test_write_filter_zstd.c
-@@ -161,8 +161,12 @@ DEFINE_TEST(test_write_filter_zstd)
- 	    archive_write_set_filter_option(a, NULL, "max-frame-size", "1048576"));
- #endif
- #if ZSTD_VERSION_NUMBER >= MINVER_LONG
--	assertEqualIntA(a, ARCHIVE_OK,
--	    archive_write_set_filter_option(a, NULL, "long", "27"));
-+	if ((int)(sizeof(size_t) == 4))
-+		assertEqualIntA(a, ARCHIVE_OK,
-+		    archive_write_set_filter_option(a, NULL, "long", "26"));
-+	else
-+		assertEqualIntA(a, ARCHIVE_OK,
-+		    archive_write_set_filter_option(a, NULL, "long", "27"));
- 	assertEqualIntA(a, ARCHIVE_FAILED,
- 	    archive_write_set_filter_option(a, NULL, "long", "-1")); /* negative */
- #endif
--- 
-2.41.0
-

SOURCES/0003-fix-OOB-in-rar-e8-filter.patch

@@ -1,25 +0,0 @@
-From 2910a5736c3f238d2cde6cc757b01868d877ebcb Mon Sep 17 00:00:00 2001
-From: Wei-Cheng Pan <legnaleurc@gmail.com>
-Date: Sun, 21 Apr 2024 19:11:42 +0900
-Subject: [PATCH] fix: OOB in rar e8 filter
-
----
- libarchive/archive_read_support_format_rar.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
-index 99a11d17..266d0ee9 100644
---- a/libarchive/archive_read_support_format_rar.c
-+++ b/libarchive/archive_read_support_format_rar.c
-@@ -3615,7 +3615,7 @@ execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, siz
-   uint32_t filesize = 0x1000000;
-   uint32_t i;
- 
--  if (length > PROGRAM_WORK_SIZE || length < 4)
-+  if (length > PROGRAM_WORK_SIZE || length <= 4)
-     return 0;
- 
-   for (i = 0; i <= length - 5; i++)
--- 
-2.45.1
-

SOURCES/0004-rar4-reader-protect-copy_from_lzss_window_to_unp-217.patch

@@ -1,119 +0,0 @@
-From eac15e252010c1189a5c0f461364dbe2cd2a68b1 Mon Sep 17 00:00:00 2001
-From: "Dustin L. Howett" <dustin@howett.net>
-Date: Thu, 9 May 2024 18:59:17 -0500
-Subject: [PATCH] rar4 reader: protect copy_from_lzss_window_to_unp() (#2172)
-
-copy_from_lzss_window_to_unp unnecessarily took an `int` parameter where
-both of its callers were holding a `size_t`.
-
-A lzss opcode chain could be constructed that resulted in a negative
-copy length, which when passed into memcpy would result in a very, very
-large positive number.
-
-Switching copy_from_lzss_window_to_unp to take a `size_t` allows it to
-properly bounds-check length.
-
-In addition, this patch also ensures that `length` is not itself larger
-than the destination buffer.
-
-Security: CVE-2024-20696
----
- libarchive/archive_read_support_format_rar.c | 28 +++++++++++++-------
- 1 file changed, 18 insertions(+), 10 deletions(-)
-
-diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
-index 4fc6626c..5776df4b 100644
---- a/libarchive/archive_read_support_format_rar.c
-+++ b/libarchive/archive_read_support_format_rar.c
-@@ -432,7 +432,7 @@ static int make_table_recurse(struct archive_read *, struct huffman_code *, int,
-                               struct huffman_table_entry *, int, int);
- static int expand(struct archive_read *, int64_t *);
- static int copy_from_lzss_window_to_unp(struct archive_read *, const void **,
--                                        int64_t, int);
-+                                        int64_t, size_t);
- static const void *rar_read_ahead(struct archive_read *, size_t, ssize_t *);
- static int parse_filter(struct archive_read *, const uint8_t *, uint16_t,
-                         uint8_t);
-@@ -2060,7 +2060,7 @@ read_data_compressed(struct archive_read *a, const void **buff, size_t *size,
-         bs = rar->unp_buffer_size - rar->unp_offset;
-       else
-         bs = (size_t)rar->bytes_uncopied;
--      ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, (int)bs);
-+      ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, bs);
-       if (ret != ARCHIVE_OK)
-         return (ret);
-       rar->offset += bs;
-@@ -2213,7 +2213,7 @@ read_data_compressed(struct archive_read *a, const void **buff, size_t *size,
-       bs = rar->unp_buffer_size - rar->unp_offset;
-     else
-       bs = (size_t)rar->bytes_uncopied;
--    ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, (int)bs);
-+    ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, bs);
-     if (ret != ARCHIVE_OK)
-       return (ret);
-     rar->offset += bs;
-@@ -3094,11 +3094,16 @@ copy_from_lzss_window(struct archive_read *a, void *buffer,
- 
- static int
- copy_from_lzss_window_to_unp(struct archive_read *a, const void **buffer,
--                             int64_t startpos, int length)
-+                             int64_t startpos, size_t length)
- {
-   int windowoffs, firstpart;
-   struct rar *rar = (struct rar *)(a->format->data);
- 
-+  if (length > rar->unp_buffer_size)
-+  {
-+    goto fatal;
-+  }
-+
-   if (!rar->unp_buffer)
-   {
-     if ((rar->unp_buffer = malloc(rar->unp_buffer_size)) == NULL)
-@@ -3110,17 +3115,17 @@ copy_from_lzss_window_to_unp(struct archive_read *a, const void **buffer,
-   }
- 
-   windowoffs = lzss_offset_for_position(&rar->lzss, startpos);
--  if(windowoffs + length <= lzss_size(&rar->lzss)) {
-+  if(windowoffs + length <= (size_t)lzss_size(&rar->lzss)) {
-     memcpy(&rar->unp_buffer[rar->unp_offset], &rar->lzss.window[windowoffs],
-            length);
--  } else if (length <= lzss_size(&rar->lzss)) {
-+  } else if (length <= (size_t)lzss_size(&rar->lzss)) {
-     firstpart = lzss_size(&rar->lzss) - windowoffs;
-     if (firstpart < 0) {
-       archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-                         "Bad RAR file data");
-       return (ARCHIVE_FATAL);
-     }
--    if (firstpart < length) {
-+    if ((size_t)firstpart < length) {
-       memcpy(&rar->unp_buffer[rar->unp_offset],
-              &rar->lzss.window[windowoffs], firstpart);
-       memcpy(&rar->unp_buffer[rar->unp_offset + firstpart],
-@@ -3130,9 +3135,7 @@ copy_from_lzss_window_to_unp(struct archive_read *a, const void **buffer,
-              &rar->lzss.window[windowoffs], length);
-     }
-   } else {
--      archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
--                        "Bad RAR file data");
--      return (ARCHIVE_FATAL);
-+      goto fatal;
-   }
-   rar->unp_offset += length;
-   if (rar->unp_offset >= rar->unp_buffer_size)
-@@ -3140,6 +3143,11 @@ copy_from_lzss_window_to_unp(struct archive_read *a, const void **buffer,
-   else
-     *buffer = NULL;
-   return (ARCHIVE_OK);
-+
-+fatal:
-+  archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+                    "Bad RAR file data");
-+  return (ARCHIVE_FATAL);
- }
- 
- static const void *
--- 
-2.45.1
-

SOURCES/0005-fix-OOB-in-rar-audio-filter-2149.patch

@@ -1,32 +0,0 @@
-From 3006bc5d02ad3ae3c4f9274f60c1f9d2d834734b Mon Sep 17 00:00:00 2001
-From: Wei-Cheng Pan <legnaleurc@gmail.com>
-Date: Mon, 29 Apr 2024 06:53:19 +0900
-Subject: [PATCH] fix: OOB in rar audio filter (#2149)
-
-This patch ensures that `src` won't move ahead of `dst`, so `src` will
-not OOB. Similar situation like in a1cb648.
----
- libarchive/archive_read_support_format_rar.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
-index 619ee81e..4fc6626c 100644
---- a/libarchive/archive_read_support_format_rar.c
-+++ b/libarchive/archive_read_support_format_rar.c
-@@ -3722,6 +3722,13 @@ execute_filter_audio(struct rar_filter *filter, struct rar_virtual_machine *vm)
-     memset(&state, 0, sizeof(state));
-     for (j = i; j < length; j += numchannels)
-     {
-+      /*
-+       * The src block should not overlap with the dst block.
-+       * If so it would be better to consider this archive is broken.
-+       */
-+      if (src >= dst)
-+        return 0;
-+
-       int8_t delta = (int8_t)*src++;
-       uint8_t predbyte, byte;
-       int prederror;
--- 
-2.46.2
-

SOURCES/0006-fix-OOB-in-rar-delta-filter-2148.patch

@@ -1,36 +0,0 @@
-From a1cb648d52f5b6d3f31184d9b6a7cbca628459b7 Mon Sep 17 00:00:00 2001
-From: Wei-Cheng Pan <legnaleurc@gmail.com>
-Date: Mon, 29 Apr 2024 06:50:22 +0900
-Subject: [PATCH] fix: OOB in rar delta filter (#2148)
-
-Ensure that `src` won't move ahead of `dst`, so `src` will not OOB.
-Since `dst` won't move in this function, and we are only increasing `src`
-position, this check should be enough. It should be safe to early return
-because this function does not allocate resources.
----
- libarchive/archive_read_support_format_rar.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
-index 79669a8f..619ee81e 100644
---- a/libarchive/archive_read_support_format_rar.c
-+++ b/libarchive/archive_read_support_format_rar.c
-@@ -3612,7 +3612,15 @@ execute_filter_delta(struct rar_filter *filter, struct rar_virtual_machine *vm)
-   {
-     uint8_t lastbyte = 0;
-     for (idx = i; idx < length; idx += numchannels)
-+    {
-+      /*
-+       * The src block should not overlap with the dst block.
-+       * If so it would be better to consider this archive is broken.
-+       */
-+      if (src >= dst)
-+        return 0;
-       lastbyte = dst[idx] = lastbyte - *src++;
-+    }
-   }
- 
-   filter->filteredblockaddress = length;
--- 
-2.46.2
-

SPECS/libarchive.spec

@@ -1,8 +1,8 @@
 %bcond_without check
 
 Name:           libarchive
-Version:        3.7.2
-Release:        9%{?dist}
+Version:        3.7.7
+Release:        1%{?dist}
 Summary:        A library for handling streaming archive formats
 
 # Licenses:
@@ -44,25 +44,6 @@ BuildRequires: make
 # support explicitly.
 Patch0001: 0001-Drop-rmd160-from-OpenSSL.patch
 
-# Upstream patch: https://github.com/libarchive/libarchive/commit/3bd918d92f8c34ba12de9c6604d96f9e262a59fc
-# Fixes the broken 32-bit builds (i686 arch) due to "Allocation error : not enough memory"
-Patch0002: 0002-tests-fix-zstd-long-option-test-for-32-bit-architect.patch
-
-# Upstream patch: https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237
-# Fixes Heap based buffer overflow in rar e8 filter (CVE-2024-26256)
-Patch0003: 0003-fix-OOB-in-rar-e8-filter.patch
-
-# Upstream patch: https://github.com/libarchive/libarchive/commit/eac15e252010c1189a5c0f461364dbe2cd2a68b1
-# Fixes CVE-2024-20696
-Patch0004: 0004-rar4-reader-protect-copy_from_lzss_window_to_unp-217.patch
-
-# Upstream patches:
-# https://github.com/libarchive/libarchive/commit/3006bc5d02ad3ae3c4f9274f60c1f9d2d834734b
-# https://github.com/libarchive/libarchive/commit/a1cb648d52f5b6d3f31184d9b6a7cbca628459b7
-# Fixes CVE-2024-48957
-Patch0005: 0005-fix-OOB-in-rar-audio-filter-2149.patch
-Patch0006: 0006-fix-OOB-in-rar-delta-filter-2148.patch
-
 %description
 Libarchive is a programming library that can create and read several different
 streaming archive formats, including most popular tar variants, several cpio
@@ -260,6 +241,11 @@ run_testsuite
 
 
 %changelog
+* Mon Nov 18 2024 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.7-1
+- Rebase to version 3.7.7
+- Fixing SAST issues, accepted by upstream
+- Resolves: RHEL-39391 RHEL-67895
+
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 3.7.2-9
 - Bump release for October 2024 mass rebuild:
   Resolves: RHEL-64018