archivers/libarchive: Update to 2.3.0

  - Update to version 2.3.0
  - Including RCE vulnerability fix
  - Version includes previously added patches

Security:	CVE-2016-1541
Approved by:	feld (mentor, ports-secteam)
MFH:		2016Q2

7 files changed, 9 insertions, 284 deletions

diff --git a/archivers/libarchive/Makefile b/archivers/libarchive/Makefile
index 437a9e109f48..0d520b6ac3da 100644
--- a/archivers/libarchive/Makefile
+++ b/archivers/libarchive/Makefile
@@ -1,8 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	libarchive
-PORTVERSION=	3.1.2
-PORTREVISION=	6
+PORTVERSION=	3.2.0
 PORTEPOCH=	1
 CATEGORIES=	archivers
 MASTER_SITES=	http://libarchive.org/downloads/
@@ -25,15 +24,17 @@ USE_LDCONFIG=	yes
 
 CONFIGURE_ARGS=	--without-xml2
 
-PLIST_FILES=	bin/bsdcpio \
+PLIST_FILES=	bin/bsdcat \
+		bin/bsdcpio \
 		bin/bsdtar \
 		include/archive.h \
 		include/archive_entry.h \
 		lib/libarchive.a \
 		lib/libarchive.so \
 		lib/libarchive.so.13 \
-		lib/libarchive.so.13.1.2 \
+		lib/libarchive.so.13.2.0 \
 		libdata/pkgconfig/libarchive.pc \
+		man/man1/bsdcat.1.gz \
 		man/man1/bsdcpio.1.gz \
 		man/man1/bsdtar.1.gz \
 		man/man3/archive_entry.3.gz \
@@ -44,6 +45,7 @@ PLIST_FILES=	bin/bsdcpio \
 		man/man3/archive_entry_stat.3.gz \
 		man/man3/archive_entry_time.3.gz \
 		man/man3/archive_read.3.gz \
+		man/man3/archive_read_add_passphrase.3.gz \
 		man/man3/archive_read_data.3.gz \
 		man/man3/archive_read_disk.3.gz \
 		man/man3/archive_read_extract.3.gz \
@@ -67,6 +69,7 @@ PLIST_FILES=	bin/bsdcpio \
 		man/man3/archive_write_new.3.gz \
 		man/man3/archive_write_open.3.gz \
 		man/man3/archive_write_set_options.3.gz \
+		man/man3/archive_write_set_passphrase.3.gz \
 		man/man3/libarchive.3.gz \
 		man/man3/libarchive_changes.3.gz \
 		man/man3/libarchive_internals.3.gz \
diff --git a/archivers/libarchive/distinfo b/archivers/libarchive/distinfo
index dad2e344a873..756f338ad515 100644
--- a/archivers/libarchive/distinfo
+++ b/archivers/libarchive/distinfo
@@ -1,2 +1,2 @@
-SHA256 (libarchive-3.1.2.tar.gz) = eb87eacd8fe49e8d90c8fdc189813023ccc319c5e752b01fb6ad0cc7b2c53d5e
-SIZE (libarchive-3.1.2.tar.gz) = 4527540
+SHA256 (libarchive-3.2.0.tar.gz) = 7bce45fd71ff01dc20d19edd78322d4965583d81b8bed8e26cacb65d6f5baa87
+SIZE (libarchive-3.2.0.tar.gz) = 5448095
diff --git a/archivers/libarchive/files/patch-CVE-2013-0211 b/archivers/libarchive/files/patch-CVE-2013-0211
deleted file mode 100644
index 234e37407372..000000000000
--- a/archivers/libarchive/files/patch-CVE-2013-0211
+++ /dev/null
@@ -1,26 +0,0 @@
-commit 22531545514043e04633e1c015c7540b9de9dbe4
-Author: Tim Kientzle <kientzle@acm.org>
-Date:   Fri Mar 22 23:48:41 2013 -0700
-
-    Limit write requests to at most INT_MAX.
-    This prevents a certain common programming error (passing -1 to write)
-    from leading to other problems deeper in the library.
-
-diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
-index eede5e0..be85621 100644
---- libarchive/archive_write.c
-+++ libarchive/archive_write.c
-@@ -673,8 +673,13 @@ static ssize_t
- _archive_write_data(struct archive *_a, const void *buff, size_t s)
- {
- 	struct archive_write *a = (struct archive_write *)_a;
-+	const size_t max_write = INT_MAX;
-+
- 	archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
- 	    ARCHIVE_STATE_DATA, "archive_write_data");
-+	/* In particular, this catches attempts to pass negative values. */
-+	if (s > max_write)
-+		s = max_write;
- 	archive_clear_error(&a->archive);
- 	return ((a->format_write_data)(a, buff, s));
- }
diff --git a/archivers/libarchive/files/patch-CVE-2015-2304 b/archivers/libarchive/files/patch-CVE-2015-2304
deleted file mode 100644
index f1d9056f35f4..000000000000
--- a/archivers/libarchive/files/patch-CVE-2015-2304
+++ /dev/null
@@ -1,136 +0,0 @@
-commit 59357157706d47c365b2227739e17daba3607526
-Author: Alessandro Ghedini <alessandro@ghedini.me>
-Date:   Sun Mar 1 12:07:45 2015 +0100
-
-    Add ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS option
-    
-    This fixes a directory traversal in the cpio tool.
-
-diff --git a/cpio/bsdcpio.1 b/cpio/bsdcpio.1
-index f966aa0..e52546e 100644
---- cpio/bsdcpio.1
-+++ cpio/bsdcpio.1
-@@ -156,7 +156,8 @@ See above for description.
- .It Fl Fl insecure
- (i and p mode only)
- Disable security checks during extraction or copying.
--This allows extraction via symbolic links and path names containing
-+This allows extraction via symbolic links, absolute paths,
-+and path names containing
- .Sq ..
- in the name.
- .It Fl J , Fl Fl xz
-diff --git a/cpio/cpio.c b/cpio/cpio.c
-index 0acde11..b267e9b 100644
---- cpio/cpio.c
-+++ cpio/cpio.c
-@@ -171,6 +171,7 @@ main(int argc, char *argv[])
- 	cpio->extract_flags |= ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER;
- 	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_SYMLINKS;
- 	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NODOTDOT;
-+	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
- 	cpio->extract_flags |= ARCHIVE_EXTRACT_PERM;
- 	cpio->extract_flags |= ARCHIVE_EXTRACT_FFLAGS;
- 	cpio->extract_flags |= ARCHIVE_EXTRACT_ACL;
-@@ -256,6 +257,7 @@ main(int argc, char *argv[])
- 		case OPTION_INSECURE:
- 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_SYMLINKS;
- 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NODOTDOT;
-+			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
- 			break;
- 		case 'L': /* GNU cpio */
- 			cpio->option_follow_links = 1;
-diff --git a/libarchive/archive.h b/libarchive/archive.h
-index 1f0fc38..ef635ac 100644
---- libarchive/archive.h
-+++ libarchive/archive.h
-@@ -649,6 +649,8 @@ __LA_DECL int archive_read_set_passphrase_callback(struct archive *,
- /* Default: Do not use HFS+ compression if it was not compressed. */
- /* This has no effect except on Mac OS v10.6 or later. */
- #define	ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED	(0x8000)
-+/* Default: Do not reject entries with absolute paths */
-+#define ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS (0x10000)
- 
- __LA_DECL int archive_read_extract(struct archive *, struct archive_entry *,
- 		     int flags);
-diff --git a/libarchive/archive_write_disk.3 b/libarchive/archive_write_disk.3
-index fa925cc..a2e7afa 100644
---- libarchive/archive_write_disk.3
-+++ libarchive/archive_write_disk.3
-@@ -177,6 +177,9 @@ The default is to not refuse such paths.
- Note that paths ending in
- .Pa ..
- always cause an error, regardless of this flag.
-+.It Cm ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
-+Refuse to extract an absolute path.
-+The default is to not refuse such paths.
- .It Cm ARCHIVE_EXTRACT_SPARSE
- Scan data for blocks of NUL bytes and try to recreate them with holes.
- This results in sparse files, independent of whether the archive format
-diff --git a/libarchive/archive_write_disk_posix.c b/libarchive/archive_write_disk_posix.c
-index ab3bdac..c1290eb 100644
---- libarchive/archive_write_disk_posix.c
-+++ libarchive/archive_write_disk_posix.c
-@@ -2509,8 +2509,9 @@ cleanup_pathname_win(struct archive_write_disk *a)
- /*
-  * Canonicalize the pathname.  In particular, this strips duplicate
-  * '/' characters, '.' elements, and trailing '/'.  It also raises an
-- * error for an empty path, a trailing '..' or (if _SECURE_NODOTDOT is
-- * set) any '..' in the path.
-+ * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is
-+ * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
-+ * is set) if the path is absolute.
-  */
- static int
- cleanup_pathname(struct archive_write_disk *a)
-@@ -2529,8 +2530,15 @@ cleanup_pathname(struct archive_write_disk *a)
- 	cleanup_pathname_win(a);
- #endif
- 	/* Skip leading '/'. */
--	if (*src == '/')
-+	if (*src == '/') {
-+		if (a->flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) {
-+			archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
-+			                  "Path is absolute");
-+			return (ARCHIVE_FAILED);
-+		}
-+
- 		separator = *src++;
-+	}
- 
- 	/* Scan the pathname one element at a time. */
- 	for (;;) {
-diff --git a/libarchive/test/test_write_disk_secure.c b/libarchive/test/test_write_disk_secure.c
-index 31c5bfd..2c94206 100644
---- libarchive/test/test_write_disk_secure.c
-+++ libarchive/test/test_write_disk_secure.c
-@@ -178,6 +178,29 @@ DEFINE_TEST(test_write_disk_secure)
- 	assert(S_ISDIR(st.st_mode));
- 	archive_entry_free(ae);
- 
-+	/*
-+	 * Without security checks, we should be able to
-+	 * extract an absolute path.
-+	 */
-+	assert((ae = archive_entry_new()) != NULL);
-+	archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
-+	archive_entry_set_mode(ae, S_IFREG | 0777);
-+	assert(0 == archive_write_header(a, ae));
-+	assert(0 == archive_write_finish_entry(a));
-+	assertFileExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
-+	assert(0 == unlink("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp"));
-+
-+	/* But with security checks enabled, this should fail. */
-+	assert(archive_entry_clear(ae) != NULL);
-+	archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
-+	archive_entry_set_mode(ae, S_IFREG | 0777);
-+	archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS);
-+	failure("Extracting an absolute path should fail here.");
-+	assertEqualInt(ARCHIVE_FAILED, archive_write_header(a, ae));
-+	archive_entry_free(ae);
-+	assert(0 == archive_write_finish_entry(a));
-+	assertFileNotExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
-+
- 	assertEqualInt(ARCHIVE_OK, archive_write_free(a));
- 
- 	/* Test the entries on disk. */
diff --git a/archivers/libarchive/files/patch-cpio1-3865cf2 b/archivers/libarchive/files/patch-cpio1-3865cf2
deleted file mode 100644
index 43d8ddf6bfcf..000000000000
--- a/archivers/libarchive/files/patch-cpio1-3865cf2
+++ /dev/null
@@ -1,53 +0,0 @@
-commit 3865cf2bcb0eebc1baef28a7841b1cadae6e0f7c
-Author: Tim Kientzle <kientzle@acm.org>
-Date:   Fri Jan 30 23:54:19 2015 -0800
-
-    Issue 394: Segfault when reading malformed old-style cpio archives
-    
-    Root cause here was an implicit cast that resulted in
-    reading very large file sizes as negative numbers.
-
-diff --git a/libarchive/archive_read_support_format_cpio.c b/libarchive/archive_read_support_format_cpio.c
-index 0b69689..e7b3d0c 100644
---- libarchive/archive_read_support_format_cpio.c
-+++ libarchive/archive_read_support_format_cpio.c
-@@ -198,7 +198,7 @@ static int	archive_read_format_cpio_read_data(struct archive_read *,
- static int	archive_read_format_cpio_read_header(struct archive_read *,
- 		    struct archive_entry *);
- static int	archive_read_format_cpio_skip(struct archive_read *);
--static int	be4(const unsigned char *);
-+static int64_t	be4(const unsigned char *);
- static int	find_odc_header(struct archive_read *);
- static int	find_newc_header(struct archive_read *);
- static int	header_bin_be(struct archive_read *, struct cpio *,
-@@ -213,7 +213,7 @@ static int	header_afiol(struct archive_read *, struct cpio *,
- 		    struct archive_entry *, size_t *, size_t *);
- static int	is_octal(const char *, size_t);
- static int	is_hex(const char *, size_t);
--static int	le4(const unsigned char *);
-+static int64_t	le4(const unsigned char *);
- static int	record_hardlink(struct archive_read *a,
- 		    struct cpio *cpio, struct archive_entry *entry);
- 
-@@ -946,17 +946,17 @@ archive_read_format_cpio_cleanup(struct archive_read *a)
- 	return (ARCHIVE_OK);
- }
- 
--static int
-+static int64_t
- le4(const unsigned char *p)
- {
--	return ((p[0]<<16) + (p[1]<<24) + (p[2]<<0) + (p[3]<<8));
-+	return ((p[0] << 16) + (((int64_t)p[1]) << 24) + (p[2] << 0) + (p[3] << 8));
- }
- 
- 
--static int
-+static int64_t
- be4(const unsigned char *p)
- {
--	return ((p[0]<<24) + (p[1]<<16) + (p[2]<<8) + (p[3]));
-+	return ((((int64_t)p[0]) << 24) + (p[1] << 16) + (p[2] << 8) + (p[3]));
- }
- 
- /*
diff --git a/archivers/libarchive/files/patch-cpio2-e6c9668 b/archivers/libarchive/files/patch-cpio2-e6c9668
deleted file mode 100644
index 263ced3b6689..000000000000
--- a/archivers/libarchive/files/patch-cpio2-e6c9668
+++ /dev/null
@@ -1,23 +0,0 @@
-commit e6c9668f3202215ddb71617b41c19b6f05acf008
-Author: Tim Kientzle <kientzle@acm.org>
-Date:   Fri Jan 30 23:57:03 2015 -0800
-
-    Add a check to archive_read_filter_consume to reject any
-    attempts to move the file pointer by a negative amount.
-    
-    Note:  Either this or commit 3865cf2 provides a fix for
-    Issue 394.
-
-diff --git a/libarchive/archive_read.c b/libarchive/archive_read.c
-index 8f71a8b..d649e9a 100644
---- libarchive/archive_read.c
-+++ libarchive/archive_read.c
-@@ -1471,6 +1471,8 @@ __archive_read_filter_consume(struct archive_read_filter * filter,
- {
- 	int64_t skipped;
- 
-+	if (request < 0)
-+		return ARCHIVE_FATAL;
- 	if (request == 0)
- 		return 0;
- 
diff --git a/archivers/libarchive/files/patch-cpio3-24f5de6 b/archivers/libarchive/files/patch-cpio3-24f5de6
deleted file mode 100644
index 97737cfe89b1..000000000000
--- a/archivers/libarchive/files/patch-cpio3-24f5de6
+++ /dev/null
@@ -1,40 +0,0 @@
-commit 24f5de6560f31a67bfdf5ddec367e70ecfa9e440
-Author: Tim Kientzle <kientzle@acm.org>
-Date:   Fri Feb 6 22:07:16 2015 -0800
-
-    Set a proper error message if we hit end-of-file when
-    trying to read a cpio header.
-    
-    Suggested by Issue #395, although the actual problem there
-    seems to have been the same as Issue #394.
-
-diff --git a/libarchive/archive_read_support_format_cpio.c b/libarchive/archive_read_support_format_cpio.c
-index e7b3d0c..c2ca85b 100644
---- libarchive/archive_read_support_format_cpio.c
-+++ libarchive/archive_read_support_format_cpio.c
-@@ -866,8 +866,11 @@ header_bin_le(struct archive_read *a, struct cpio *cpio,
- 
- 	/* Read fixed-size portion of header. */
- 	h = __archive_read_ahead(a, bin_header_size, NULL);
--	if (h == NULL)
-+	if (h == NULL) {
-+	    archive_set_error(&a->archive, 0,
-+		"End of file trying to read next cpio header");
- 	    return (ARCHIVE_FATAL);
-+	}
- 
- 	/* Parse out binary fields. */
- 	header = (const unsigned char *)h;
-@@ -902,8 +905,11 @@ header_bin_be(struct archive_read *a, struct cpio *cpio,
- 
- 	/* Read fixed-size portion of header. */
- 	h = __archive_read_ahead(a, bin_header_size, NULL);
--	if (h == NULL)
-+	if (h == NULL) {
-+	    archive_set_error(&a->archive, 0,
-+		"End of file trying to read next cpio header");
- 	    return (ARCHIVE_FATAL);
-+	}
- 
- 	/* Parse out binary fields. */
- 	header = (const unsigned char *)h;