libmspack 0.0.5 → 0.10.1.2
- checksums.yaml +5 -5
- data/.github/workflows/rake.yml +37 -0
- data/.gitignore +2 -0
- data/.yardopts +1 -1
- data/README.md +1 -1
- data/Rakefile +11 -5
- data/ext/Rakefile +1 -1
- data/ext/libmspack/AUTHORS +1 -0
- data/ext/libmspack/ChangeLog +321 -4
- data/ext/libmspack/INSTALL +368 -0
- data/ext/libmspack/Makefile.am +86 -95
- data/ext/libmspack/Makefile.in +1729 -0
- data/ext/libmspack/README +30 -30
- data/ext/libmspack/acinclude.m4 +99 -0
- data/ext/libmspack/aclocal.m4 +1218 -0
- data/ext/libmspack/ar-lib +270 -0
- data/ext/libmspack/compile +347 -0
- data/ext/libmspack/config.guess +1480 -0
- data/ext/libmspack/config.h.in +129 -0
- data/ext/libmspack/config.sub +1801 -0
- data/ext/libmspack/configure +15487 -0
- data/ext/libmspack/configure.ac +11 -13
- data/ext/libmspack/depcomp +791 -0
- data/ext/libmspack/install-sh +508 -0
- data/ext/libmspack/libmscabd.la +41 -0
- data/ext/libmspack/libmschmd.la +41 -0
- data/ext/libmspack/libmspack.la +41 -0
- data/ext/libmspack/ltmain.sh +11156 -0
- data/ext/libmspack/m4/libtool.m4 +8387 -0
- data/ext/libmspack/m4/ltoptions.m4 +437 -0
- data/ext/libmspack/m4/ltsugar.m4 +124 -0
- data/ext/libmspack/m4/ltversion.m4 +23 -0
- data/ext/libmspack/m4/lt~obsolete.m4 +99 -0
- data/ext/libmspack/missing +215 -0
- data/ext/libmspack/mspack/cab.h +20 -7
- data/ext/libmspack/mspack/cabd.c +301 -236
- data/ext/libmspack/mspack/chmd.c +304 -319
- data/ext/libmspack/mspack/crc32.c +52 -52
- data/ext/libmspack/mspack/crc32.h +1 -1
- data/ext/libmspack/mspack/kwajd.c +178 -172
- data/ext/libmspack/mspack/lzss.h +4 -4
- data/ext/libmspack/mspack/lzssd.c +42 -42
- data/ext/libmspack/mspack/lzx.h +11 -11
- data/ext/libmspack/mspack/lzxd.c +370 -361
- data/ext/libmspack/mspack/mspack.h +109 -77
- data/ext/libmspack/mspack/mszip.h +6 -6
- data/ext/libmspack/mspack/mszipd.c +140 -139
- data/ext/libmspack/mspack/oab.h +1 -0
- data/ext/libmspack/mspack/oabd.c +71 -73
- data/ext/libmspack/mspack/qtm.h +4 -4
- data/ext/libmspack/mspack/qtmd.c +118 -117
- data/ext/libmspack/mspack/readbits.h +52 -52
- data/ext/libmspack/mspack/readhuff.h +61 -61
- data/ext/libmspack/mspack/system.c +15 -9
- data/ext/libmspack/mspack/system.h +38 -50
- data/ext/libmspack/mspack/szddd.c +35 -35
- data/ext/libmspack/test-driver +148 -0
- data/ext/x86_64-linux/libmspack.so +0 -0
- data/ext/x86_64-windows/mspack.dll +0 -0
- data/lib/libmspack/version.rb +2 -1
- data/lib/libmspack.rb +1 -1
- data/libmspack.gemspec +4 -4
- data/spec/libmspack_spec.rb +5 -4
- metadata +38 -105
- data/.travis.yml +0 -5
- data/ext/i386-windows/libmspack.dll +0 -0
- data/ext/libmspack/cleanup.sh +0 -9
- data/ext/libmspack/debian/changelog +0 -6
- data/ext/libmspack/debian/control +0 -14
- data/ext/libmspack/debian/rules +0 -101
- data/ext/libmspack/doc/Doxyfile.in +0 -22
- data/ext/libmspack/doc/Makefile.in +0 -14
- data/ext/libmspack/doc/szdd_kwaj_format.html +0 -331
- data/ext/libmspack/mspack/mspack.def +0 -28
- data/ext/libmspack/mspack/qtmc.c +0 -18
- data/ext/libmspack/rebuild.sh +0 -8
- data/ext/libmspack/test/cabd_c10 +0 -19
- data/ext/libmspack/test/cabd_compare +0 -34
- data/ext/libmspack/test/cabd_md5.c +0 -161
- data/ext/libmspack/test/cabd_memory.c +0 -179
- data/ext/libmspack/test/cabd_test.c +0 -386
- data/ext/libmspack/test/cabrip.c +0 -81
- data/ext/libmspack/test/chmd_compare +0 -38
- data/ext/libmspack/test/chmd_find.c +0 -95
- data/ext/libmspack/test/chmd_md5.c +0 -67
- data/ext/libmspack/test/chmd_order.c +0 -144
- data/ext/libmspack/test/chminfo.c +0 -284
- data/ext/libmspack/test/chmx.c +0 -216
- data/ext/libmspack/test/error.h +0 -22
- data/ext/libmspack/test/expand.c +0 -79
- data/ext/libmspack/test/md5.c +0 -457
- data/ext/libmspack/test/md5.h +0 -165
- data/ext/libmspack/test/md5_fh.h +0 -123
- data/ext/libmspack/test/msdecompile_md5 +0 -24
- data/ext/libmspack/test/msexpand_md5 +0 -39
- data/ext/libmspack/test/multifh.c +0 -435
- data/ext/libmspack/test/oabx.c +0 -41
- data/ext/libmspack/test/test_files/cabd/1.pl +0 -84
- data/ext/libmspack/test/test_files/cabd/2.pl +0 -75
- data/ext/libmspack/test/test_files/cabd/bad_folderindex.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/bad_nofiles.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/bad_nofolders.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/bad_signature.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/multi_basic_pt1.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/multi_basic_pt2.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/multi_basic_pt3.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/multi_basic_pt4.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/multi_basic_pt5.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/normal_255c_filename.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/normal_2files_1folder.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_nodata.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_nofiles.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_nofolder.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_shortextheader.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_shortfile1.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_shortfile2.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_shortfolder.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_shortheader.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_nofname.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_noninfo.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_nonname.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_nopinfo.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_nopname.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_shortfname.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_shortninfo.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_shortnname.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_shortpinfo.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/partial_str_shortpname.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_---.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_--D.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_-F-.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_-FD.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_H--.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_H-D.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_HF-.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/reserve_HFD.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/search_basic.cab +0 -0
- data/ext/libmspack/test/test_files/cabd/search_tricky1.cab +0 -0
- data/ext/libmspack/winbuild.sh +0 -26
- data/ext/libmspack.h +0 -259
- data/ext/x86_64-windows/libmspack.dll +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 4f7e699b916ed25c7cf27af04f178bdb8c84c97653da53630ab74198cb6a5b25
|
4
|
+
data.tar.gz: 896ec19d91ba13283097e97dfbec351072ffabe59ffda376574da3d41771317c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c5b5a056b334424b50b842b353fec045147f7aecc9ac30140f309b64e875b72bdcba990e3f65659f7d8c1f0f0becdc7ecb2769752d1532c111fd8d2a4eb9c7c8
|
7
|
+
data.tar.gz: 28bd80c859cc9aeb19656b7ee1411724446d45286b7ca74752ea893fd7bf42e20f6522280da79c7f453c063448d3c1b49a92af4baa333382fe766172d67a69c8
|
@@ -0,0 +1,37 @@
|
|
1
|
+
name: rake
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches: [ master ]
|
6
|
+
tags: [ v* ]
|
7
|
+
pull_request:
|
8
|
+
|
9
|
+
jobs:
|
10
|
+
rake:
|
11
|
+
name: Test on Ruby ${{ matrix.ruby }} ${{ matrix.os }}
|
12
|
+
runs-on: ${{ matrix.os }}
|
13
|
+
continue-on-error: ${{ matrix.experimental }}
|
14
|
+
strategy:
|
15
|
+
fail-fast: false
|
16
|
+
matrix:
|
17
|
+
ruby: [ '3.1', '3.0', '2.7', '2.6', '2.5' ]
|
18
|
+
os: [ ubuntu-latest, macos-latest ] #, windows-latest
|
19
|
+
experimental: [ false ]
|
20
|
+
steps:
|
21
|
+
- uses: actions/checkout@v2
|
22
|
+
with:
|
23
|
+
submodules: true
|
24
|
+
|
25
|
+
- uses: ruby/setup-ruby@v1
|
26
|
+
with:
|
27
|
+
ruby-version: ${{ matrix.ruby }}
|
28
|
+
bundler-cache: true
|
29
|
+
|
30
|
+
- name: Download libmspack source
|
31
|
+
run: bundle exec rake libmspack
|
32
|
+
|
33
|
+
- name: Compile libmspack
|
34
|
+
run: bundle exec rake compile
|
35
|
+
|
36
|
+
- name: Run specs
|
37
|
+
run: bundle exec rake
|
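Review bot: `uses: actions/checkout@v2` and `uses: ruby/setup-ruby@v1` reference mutable tags, and the workflow has no `permissions:` block, so the job runs third-party action code with whatever token scope the repository default grants. Pin both actions to full commit SHAs and add a top-level `permissions:` with `contents: read`. The job triggers on `pull_request` and its "Download libmspack source" step runs `bundle exec rake libmspack`, which fetches and unpacks a remote tarball, so a read-only token matters here. The `experimental: [ false ]` axis makes `continue-on-error` always false; drop it or add the experimental entry it was meant for.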
data/.gitignore
CHANGED
data/.yardopts
CHANGED
@@ -1 +1 @@
|
|
1
|
-
--markup markdown
|
1
|
+
--markup markdown
|
data/README.md
CHANGED
data/Rakefile
CHANGED
@@ -14,11 +14,17 @@ end
|
|
14
14
|
|
15
15
|
desc 'Download libmspack source code'
|
16
16
|
task :libmspack do
|
17
|
-
require '
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
17
|
+
require 'open-uri'
|
18
|
+
version = '0.10.1alpha'
|
19
|
+
source = "https://www.cabextract.org.uk/libmspack/libmspack-#{version}.tar.gz"
|
20
|
+
target = './ext/'
|
21
|
+
archivedir = 'libmspack-' + version
|
22
|
+
URI(source).open do |tempfile|
|
23
|
+
system('tar', '-C', target, '-xf', tempfile.path)
|
24
|
+
end
|
25
|
+
FileUtils.rm_rf(target + 'libmspack')
|
26
|
+
FileUtils.mv(target + archivedir, target + 'libmspack')
|
27
|
+
FileUtils.rm_rf(target + archivedir)
|
22
28
|
end
|
23
29
|
|
24
30
|
desc 'Compile libmspack source code'
|
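Review bot: the `:libmspack` task hands whatever `URI(source).open` returns straight to `tar -xf` with no integrity check, so the vendored C source is only as trustworthy as the TLS connection and the upstream host at build time. Record the expected SHA256 of `libmspack-#{version}.tar.gz` next to `version` and compare it against the downloaded tempfile before extracting. The return value of `system('tar', ...)` is also ignored, so a failed extraction still reaches `FileUtils.rm_rf(target + 'libmspack')` and deletes the existing tree before `FileUtils.mv` fails; check the result and abort first. The final `FileUtils.rm_rf(target + archivedir)` runs after that directory has already been moved and can go.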
data/ext/Rakefile
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'ffi-compiler/compile_task'
|
2
2
|
|
3
|
-
FFI::Compiler::CompileTask.new('
|
3
|
+
FFI::Compiler::CompileTask.new('mspack') do |compiler|
|
4
4
|
compiler.source_dirs = ['./libmspack/mspack/']
|
5
5
|
compiler.add_include_path(compiler.source_dirs.last)
|
6
6
|
compiler.add_define('_FILE_OFFSET_BITS', 64) # off_t must be 64-bit
|
data/ext/libmspack/AUTHORS
CHANGED
data/ext/libmspack/ChangeLog
CHANGED
@@ -1,3 +1,320 @@
|
|
1
|
+
2019-02-18 Stuart Caie <kyzer@cabextract.org.uk>
|
2
|
+
|
3
|
+
* chmd_read_headers(): a CHM file name beginning "::" but shorter
|
4
|
+
than 33 bytes will lead to reading past the freshly-allocated name
|
5
|
+
buffer - checks for specific control filenames didn't take length
|
6
|
+
into account. Thanks to ADLab of Venustech for the report and
|
7
|
+
proof of concept.
|
8
|
+
|
9
|
+
2019-02-18 Stuart Caie <kyzer@cabextract.org.uk>
|
10
|
+
|
11
|
+
* chmd_read_headers(): CHM files can declare their chunks are any
|
12
|
+
size up to 4GB, and libmspack will attempt to allocate that to
|
13
|
+
read the file.
|
14
|
+
|
15
|
+
This is not a security issue; libmspack doesn't promise how much
|
16
|
+
memory it'll use to unpack files. You can set your own limits by
|
17
|
+
returning NULL in a custom mspack_system.alloc() implementation.
|
18
|
+
|
19
|
+
However, it would be good to validate chunk size further. With no
|
20
|
+
offical specification, only empirical data is available. All files
|
21
|
+
created by hhc.exe have a chunk size of 4096 bytes, and this is
|
22
|
+
matched by all the files I've found in the wild, except for one
|
23
|
+
which has a chunk size of 8192 bytes, which was created by someone
|
24
|
+
developing a CHM file creator 15 years ago, and they appear to
|
25
|
+
have abandoned it, so it seems 4096 is a de-facto standard.
|
26
|
+
|
27
|
+
I've changed the "chunk size is not a power of two" warning to
|
28
|
+
"chunk size is not 4096", and now only allow chunk sizes between
|
29
|
+
22 and 8192 bytes. If you have CHM files with a larger chunk size,
|
30
|
+
please send them to me and I'll increase this upper limit.
|
31
|
+
|
32
|
+
Thanks to ADLab of Venustech for the report.
|
33
|
+
|
34
|
+
2019-02-18 Stuart Caie <kyzer@cabextract.org.uk>
|
35
|
+
|
36
|
+
* oabd.c: replaced one-shot copying of uncompressed blocks (which
|
37
|
+
requires allocating a buffer of the size declared in the header,
|
38
|
+
which can be 4GB) with a fixed-size buffer. The buffer size is
|
39
|
+
user-controllable with the new msoab_decompressor::set_param()
|
40
|
+
method (check you have version 2 of the OAB decompressor), and
|
41
|
+
also controls the input buffer used for OAB's LZX decompression.
|
42
|
+
|
43
|
+
Reminder: compression formats can dictate how much memory is
|
44
|
+
needed to decompress them. If memory usage is a security concern
|
45
|
+
to you, write a custom mspack_system.alloc() that returns NULL
|
46
|
+
if "too much" memory is requested. Do not rely on libmspack adding
|
47
|
+
special heuristics to know not to request "too much".
|
48
|
+
|
49
|
+
Thanks to ADLab of Venustech for the report.
|
50
|
+
|
51
|
+
2018-11-03 Stuart Caie <kyzer@cabextract.org.uk>
|
52
|
+
|
53
|
+
* configure.ac, doc/Makefile.in, doc/Doxyfile.in: remove these
|
54
|
+
template files and replace with static files. You can still build
|
55
|
+
the documentation with make -C doc
|
56
|
+
|
57
|
+
2018-11-03 Stuart Caie <kyzer@cabextract.org.uk>
|
58
|
+
|
59
|
+
* Makefile.am, src: move the "useful" programs in src/ to examples/
|
60
|
+
and don't auto-install them. Even though they're useful, they are
|
61
|
+
intended as examples and aren't productised (no commmand-line
|
62
|
+
options, no man pages, etc.) -- if you disagree, feel free to
|
63
|
+
send in a patch
|
64
|
+
|
65
|
+
2018-11-01 Stuart Caie <kyzer@cabextract.org.uk>
|
66
|
+
|
67
|
+
* cabd_extract(): would not do decompression for random-access
|
68
|
+
offsets if the folder type was LZX. This is a fairly major bug,
|
69
|
+
and affects any decompression where you skip directly to a file,
|
70
|
+
or decompress data out-of-order. Thanks to austin987 for alerting
|
71
|
+
me to this.
|
72
|
+
|
73
|
+
This bug was introduced by the recent 'salvage mode' patch. Even
|
74
|
+
though I'd reviewed all the differences in clamav's copy of
|
75
|
+
libmspack and said "wtf" to this particular change, I didn't
|
76
|
+
notice it was still in the resulting patch I merged. Mea culpa :)
|
77
|
+
|
78
|
+
* test/cabd_test.c: now has a regression test to cover this
|
79
|
+
|
80
|
+
2018-10-31 Stuart Caie <kyzer@cabextract.org.uk>
|
81
|
+
|
82
|
+
* Makefile.am, test/*_test.c: use the automake test-suite system
|
83
|
+
with the test-suite programs (cabd_test, chmd_test, kwajd_test).
|
84
|
+
This also fixes a longstanding bugbear that these programs don't
|
85
|
+
access their test files using an absolute path. Now this is passed
|
86
|
+
to them and you can run them from any directory. Thanks to Richard
|
87
|
+
Jones for requesting this.
|
88
|
+
|
89
|
+
2018-10-31 Stuart Caie <kyzer@cabextract.org.uk>
|
90
|
+
|
91
|
+
* configure.ac: require at least automake 1.11, use AM_SILENT_RULES
|
92
|
+
unconditionally
|
93
|
+
|
94
|
+
2018-10-30 Stuart Caie <kyzer@cabextract.org.uk>
|
95
|
+
|
96
|
+
* configure.ac: remove obsolescent C library tests. AC_HEADER_STDC is
|
97
|
+
removed, and so are most checks for standard C headers. libmspack now
|
98
|
+
makes these assumptions:
|
99
|
+
- <ctype.h> <limits.h> <stdlib.h> <string.h> exist
|
100
|
+
- <ctype.h> defines tolower()
|
101
|
+
- <string.h> defines memset(), memcmp(), strlen()
|
102
|
+
- if towlower() exists, it's defined in <wctype.h>
|
103
|
+
|
104
|
+
2018-10-22 Stuart Caie <kyzer@cabextract.org.uk>
|
105
|
+
|
106
|
+
* cabd.c: remove the only use of assert()
|
107
|
+
|
108
|
+
2018-10-20 Stuart Caie <kyzer@cabextract.org.uk>
|
109
|
+
|
110
|
+
* src/chmextract.c: add anti "../" and leading slash protection to
|
111
|
+
chmextract. I'm not pleased about this. All the sample code provided
|
112
|
+
with libmspack is meant to be simple examples of library use, not
|
113
|
+
"productised" binaries. Making the "useful" code samples install
|
114
|
+
as binaries was a mistake. They were never intended to protect you
|
115
|
+
from unpacking archive files with relative/absolute paths, and I
|
116
|
+
would prefer that they never will be.
|
117
|
+
|
118
|
+
2018-10-17 Stuart Caie <kyzer@cabextract.org.uk>
|
119
|
+
|
120
|
+
* cab.h: Make the CAB block input buffer one byte larger, to allow
|
121
|
+
a maximum-allowed-size input block and the special extra byte added
|
122
|
+
after the block by cabd_sys_read_block to help Quantum alignment.
|
123
|
+
Thanks to Henri Salo for reporting this.
|
124
|
+
|
125
|
+
2018-10-17 Stuart Caie <kyzer@cabextract.org.uk>
|
126
|
+
|
127
|
+
* chmd_read_headers(): again reject files with blank filenames, this
|
128
|
+
time because their 1st or 2nd byte is null, not because their length
|
129
|
+
is zero. Thanks again to Hanno Böck for finding the issue.
|
130
|
+
|
131
|
+
2018-10-16 Stuart Caie <kyzer@cabextract.org.uk>
|
132
|
+
|
133
|
+
* Makefile.am: using automake _DEPENDENCIES for chmd_test appears to
|
134
|
+
override the default dependencies (e.g. sources), so libchmd.la was no
|
135
|
+
longer considered a dependency of chmd_test. This breaks parallel
|
136
|
+
builds like "make -j4". Added libchmd.la explicitly to dependencies.
|
137
|
+
Thanks to Thomas Deutschmann for reporting this.
|
138
|
+
|
139
|
+
2018-10-16 Stuart Caie <kyzer@cabextract.org.uk>
|
140
|
+
|
141
|
+
* cabd.c: add new parameter, MSCABD_PARAM_SALVAGE, which makes CAB file
|
142
|
+
reading and extraction more lenient, to allow damaged or mangled CABs
|
143
|
+
to be extracted. When enabled:
|
144
|
+
- cabd->open() won't reject cabinets with files that have invalid
|
145
|
+
folder indices or filenames. These files will simply be skipped
|
146
|
+
- cabd->extract() won't reject files with invalid lengths, but will
|
147
|
+
limit them to the maximum possible
|
148
|
+
- block output sizes over 32768 bytes won't be rejected
|
149
|
+
- invalid data block checksums won't be rejected
|
150
|
+
|
151
|
+
It's still possible for corrupted files to fail extraction, but more
|
152
|
+
data can be extracted before they do.
|
153
|
+
|
154
|
+
This new parameter doesn't affect the existing MSCABD_PARAM_FIXMSZIP
|
155
|
+
parameter, which ignores MSZIP decompression failures. You can enable
|
156
|
+
both at once.
|
157
|
+
|
158
|
+
Thanks to Micah Snyder from ClamAV for working with me to get this
|
159
|
+
feature into libmspack. This also helps ClamAV move towards using a
|
160
|
+
vanilla copy of libmspack without needing their own patchset.
|
161
|
+
|
162
|
+
2018-08-13 Stuart Caie <kyzer@cabextract.org.uk>
|
163
|
+
|
164
|
+
* mspack.h: clarify that mspack_system.free() should allow NULL. If your
|
165
|
+
mspack_system implementation doesn't, it would already have crashed, as
|
166
|
+
there are several places where libmspack calls sys->free(NULL). This
|
167
|
+
change makes it official, and amends a few "if (x) sys->free(x)" cases
|
168
|
+
to the simpler "sys->free(x)" to make it clearer.
|
169
|
+
|
170
|
+
2018-08-09 Stuart Caie <kyzer@cabextract.org.uk>
|
171
|
+
|
172
|
+
* Makefile.am: the test file cve-2015-4467-reset-interval-zero.chm is
|
173
|
+
detected by ClamAV as BC.Legacy.Exploit.CVE_2012_1458-1 "infected".
|
174
|
+
My hosting deletes anything that ClamAV calls "infected", so has been
|
175
|
+
continually deleting the official libmspack 0.7alpha release.
|
176
|
+
|
177
|
+
CVE-2012-1458 is the same issue as CVE-2015-4467: both libmspack, and
|
178
|
+
ClamAV using libmspack, could get a division-by-zero crash when the LZX
|
179
|
+
reset interval was zero. This was fixed years ago, but ClamAV still has
|
180
|
+
it as a signature, which today prevents me from releasing libmspack.
|
181
|
+
|
182
|
+
BC.Legacy.Exploit.CVE_2012_1458-1 is a bytecode signature, so I can't
|
183
|
+
see the exact trigger conditions, but I can see that it looks for the
|
184
|
+
"LZXC" signature of the LZX control file, so I've changed this to
|
185
|
+
"lzxc" and added a step in the Makefile to change it back to LZXC, so
|
186
|
+
I can release libmspack whether or not ClamAV keeps the signature.
|
187
|
+
|
188
|
+
2018-04-26 Stuart Caie <kyzer@cabextract.org.uk>
|
189
|
+
|
190
|
+
* read_chunk(): the test that chunk numbers are in bounds was off
|
191
|
+
by one, so read_chunk() returned a pointer taken from outside
|
192
|
+
allocated memory that usually crashes libmspack when accessed.
|
193
|
+
Thanks to Hanno Böck for finding the issue and providing a sample.
|
194
|
+
|
195
|
+
* chmd_read_headers(): reject files with blank filenames. Thanks
|
196
|
+
again to Hanno Böck for finding the issue and providing a sample file.
|
197
|
+
|
198
|
+
2018-02-06 Stuart Caie <kyzer@cabextract.org.uk>
|
199
|
+
|
200
|
+
* chmd.c: fixed an off-by-one error in the TOLOWER() macro, reported
|
201
|
+
by Dmitry Glavatskikh. Thanks Dmitry!
|
202
|
+
|
203
|
+
2017-11-26 Stuart Caie <kyzer@cabextract.org.uk>
|
204
|
+
|
205
|
+
* kwajd_read_headers(): fix up the logic of reading the filename and
|
206
|
+
extension headers to avoid a one or two byte overwrite. Thanks to
|
207
|
+
Jakub Wilk for finding the issue.
|
208
|
+
|
209
|
+
* test/kwajd_test.c: add tests for KWAJ filename.ext handling
|
210
|
+
|
211
|
+
2017-10-16 Stuart Caie <kyzer@cabextract.org.uk>
|
212
|
+
|
213
|
+
* test/cabd_test.c: update the short string tests to expect not only
|
214
|
+
MSPACK_ERR_DATAFORMAT but also MSPACK_ERR_READ, because of the recent
|
215
|
+
change to cabd_read_string(). Thanks to maitreyee43 for spotting this.
|
216
|
+
|
217
|
+
* test/msdecompile_md5: update the setup instructions for this script,
|
218
|
+
and also change the script so it works with current Wine. Again, thanks
|
219
|
+
to maitreyee43 for trying to use it and finding it not working.
|
220
|
+
|
221
|
+
2017-08-13 Stuart Caie <kyzer@cabextract.org.uk>
|
222
|
+
|
223
|
+
* src/chmextract.c: support MinGW one-arg mkdir(). Thanks to AntumDeluge
|
224
|
+
for reporting this.
|
225
|
+
|
226
|
+
2017-08-13 Stuart Caie <kyzer@cabextract.org.uk>
|
227
|
+
|
228
|
+
* read_spaninfo(): a CHM file can have no ResetTable and have a
|
229
|
+
negative length in SpanInfo, which then feeds a negative output length
|
230
|
+
to lzxd_init(), which then sets frame_size to a value of your choosing,
|
231
|
+
the lower 32 bits of output length, larger than LZX_FRAME_SIZE. If the
|
232
|
+
first LZX block is uncompressed, this writes data beyond the end of the
|
233
|
+
window. This issue was raised by ClamAV as CVE-2017-6419. Thanks to
|
234
|
+
Sebastian Andrzej Siewior for finding this by chance!
|
235
|
+
|
236
|
+
* lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the issue
|
237
|
+
mentioned above, these functions now reject negative lengths
|
238
|
+
|
239
|
+
2017-08-05 Stuart Caie <kyzer@cabextract.org.uk>
|
240
|
+
|
241
|
+
* cabd_read_string(): add missing error check on result of read().
|
242
|
+
If an mspack_system implementation returns an error, it's interpreted
|
243
|
+
as a huge positive integer, which leads to reading past the end of the
|
244
|
+
stack-based buffer. Thanks to Sebastian Andrzej Siewior for explaining
|
245
|
+
the problem. This issue was raised by ClamAV as CVE-2017-11423
|
246
|
+
|
247
|
+
2016-04-20 Stuart Caie <kyzer@cabextract.org.uk>
|
248
|
+
|
249
|
+
* configure.ac: change my email address to kyzer@cabextract.org.uk
|
250
|
+
|
251
|
+
2015-05-10 Stuart Caie <kyzer@4u.net>
|
252
|
+
|
253
|
+
* cabd_read_string(): correct rejection of empty strings. Thanks to
|
254
|
+
Hanno Böck for finding the issue and providing a sample file.
|
255
|
+
|
256
|
+
2015-05-10 Stuart Caie <kyzer@4u.net>
|
257
|
+
|
258
|
+
* Makefile.am: Add subdir-objects option as suggested by autoreconf.
|
259
|
+
|
260
|
+
* configure.ac: Add AM_PROG_AR as suggested by autoreconf.
|
261
|
+
|
262
|
+
2015-01-29 Stuart Caie <kyzer@4u.net>
|
263
|
+
|
264
|
+
* system.h: if C99 inttypes.h exists, use its PRI{d,u}{32,64} macros.
|
265
|
+
Thanks to Johnathan Kollasch for the suggestion.
|
266
|
+
|
267
|
+
2015-01-18 Stuart Caie <kyzer@4u.net>
|
268
|
+
|
269
|
+
* lzxd_decompress(): the byte-alignment code for reading uncompressed
|
270
|
+
block headers presumed it could wind i_ptr back 2 bytes, but this
|
271
|
+
hasn't been true since READ_BYTES was allowed to read bytes straddling
|
272
|
+
two blocks, leaving just 1 byte in the read buffer. Thanks to Jakub
|
273
|
+
Wilk for finding the issue and providing a sample file.
|
274
|
+
|
275
|
+
* inflate(): off-by-one error. Distance codes are 0-29, not 0-30.
|
276
|
+
Thanks to Jakub Wilk again.
|
277
|
+
|
278
|
+
* chmd_read_headers(), search_chunk(): another fix for checking pointer
|
279
|
+
is within a chunk, thanks again to Jakub Wilk.
|
280
|
+
|
281
|
+
2015-01-17 Stuart Caie <kyzer@4u.net>
|
282
|
+
|
283
|
+
* GET_UTF8_CHAR(): Remove 5/6-byte encoding support and check decoded
|
284
|
+
chars are no more than U+10FFFF.
|
285
|
+
|
286
|
+
* chmd_init_decomp(): A reset interval of 0 is invalid. Thanks to
|
287
|
+
Jakub Wilk for finding the issue and providing a sample and patch.
|
288
|
+
|
289
|
+
2015-01-15 Stuart Caie <kyzer@4u.net>
|
290
|
+
|
291
|
+
* chmd_read_headers(): add a bounds check to prevent over-reading data,
|
292
|
+
which caused a segfault on 32-bit architectures. Thanks to Jakub Wilk.
|
293
|
+
|
294
|
+
* search_chunk(): change the order of pointer arithmetic operations to
|
295
|
+
avoid overflow during bounds checks, which lead to segfaults on 32-bit
|
296
|
+
architectures. Again, thanks to Jakub Wilk for finding this issue,
|
297
|
+
providing sample files and a patch.
|
298
|
+
|
299
|
+
2015-01-08 Stuart Caie <kyzer@4u.net>
|
300
|
+
|
301
|
+
* cabd_extract(): No longer uses broken state data if extracting from
|
302
|
+
folder 1, 2, 1 and setting up folder 2 fails. This prevents a jump to
|
303
|
+
null and thus segfault. Thanks to Jakub Wilk again.
|
304
|
+
|
305
|
+
* cabd_read_string: reject empty strings. They are not found in any
|
306
|
+
valid CAB files. Thanks to Hanno Böck for sending me an example.
|
307
|
+
|
308
|
+
2015-01-05 Stuart Caie <kyzer@4u.net>
|
309
|
+
|
310
|
+
* cabd_can_merge_folders(): disallow folder merging if the combined
|
311
|
+
folder would have more than 65535 data blocks.
|
312
|
+
|
313
|
+
* cabd_decompress(): disallow files if their offset, length or
|
314
|
+
offset+length is more than 65535*32768, the maximum size of any
|
315
|
+
folder. Thanks to Jakub Wilk for identifying the problem and providing
|
316
|
+
a sample file.
|
317
|
+
|
1
318
|
2014-04-20 Stuart Caie <kyzer@4u.net>
|
2
319
|
|
3
320
|
* readhuff.h: fixed the table overflow check, which allowed one more
|
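Review bot: the two 2019-02-18 entries for chmd_read_headers() and oabd.c state that libmspack does not bound its own allocations and that callers who care must supply a `mspack_system.alloc()` that returns NULL for oversized requests; nothing visible in this diff shows the Ruby binding doing that or documenting it. Add a README note, or a capped default allocator in the binding, so users parsing untrusted CHM or OAB input know the limit is their responsibility. The same goes for `MSCABD_PARAM_SALVAGE` in the 2018-10-16 entry, which stops rejecting invalid data block checksums and invalid file lengths: the binding should leave it off unless the caller asks for it. The gem's own release notes should also say that this bump picks up the fixes recorded here as CVE-2017-6419 and CVE-2017-11423, since users of 0.0.5 otherwise have no signal that the upgrade is security relevant.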
@@ -41,9 +358,9 @@
|
|
41
358
|
|
42
359
|
2011-11-23 Stuart Caie <kyzer@4u.net>
|
43
360
|
|
44
|
-
* chmd_fast_find(): add a simple check against infinite
|
361
|
+
* chmd_fast_find(): add a simple check against infinite PMGL
|
45
362
|
loops. Thanks to Sergei Trofimovich for finding sample files.
|
46
|
-
Multi-step
|
363
|
+
Multi-step PMGL/PMGI infinite loops remain possible.
|
47
364
|
|
48
365
|
2011-06-17 Stuart Caie <kyzer@4u.net>
|
49
366
|
|
@@ -162,7 +479,7 @@
|
|
162
479
|
2011-04-26: Stuart Caie <kyzer@4u.net>
|
163
480
|
|
164
481
|
* test/chminfo.c: more sanity checks for corrupted CHM files where
|
165
|
-
entries go past the end of a
|
482
|
+
entries go past the end of a PMGL/PMGI chunk, thanks to
|
166
483
|
Sergei Trofimovich for sending me examples and analysis.
|
167
484
|
|
168
485
|
2011-04-25: Stuart Caie <kyzer@4u.net>
|
@@ -408,7 +725,7 @@
|
|
408
725
|
2005-03-22: Stuart Caie <kyzer@4u.net>
|
409
726
|
|
410
727
|
* system.h: now undefs "read", as the latest glibc defines read()
|
411
|
-
as a macro which messes everything up. Thanks to Ville
|
728
|
+
as a macro which messes everything up. Thanks to Ville Skyttä for
|
412
729
|
the update.
|
413
730
|
|
414
731
|
2005-03-14: Stuart Caie <kyzer@4u.net>
|