fix KTar for archives created by git archive (kde#258737)

* Fri Mar 09 2011 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.6.5-11 - fix KTar for archives created by git archive (kde#258737)
2012-03-09 03:33:49 +01:00 · 2012-03-09 03:33:49 +01:00 · 657412153a
parent 34b28d8f23
commit 657412153a
2 changed files with 83 additions and 3 deletions
--- a/kdelibs-4.6.5-ktar-kde#258737.patch
+++ b/kdelibs-4.6.5-ktar-kde#258737.patch
@ -0,0 +1,66 @@
+diff -ur kdelibs-4.6.5/kdecore/io/ktar.cpp kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp
+--- kdelibs-4.6.5/kdecore/io/ktar.cpp	2011-04-01 15:56:18.000000000 +0200
+++ kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp	2012-03-09 03:21:22.000000000 +0100
+@@ -179,7 +179,9 @@
+ qint64 KTar::KTarPrivate::readRawHeader( char *buffer ) {
+   // Read header
+   qint64 n = q->device()->read( buffer, 0x200 );
+-  if ( n == 0x200 && buffer[0] != 0 ) {
+  // we need to test if there is a prefix value because the file name can be null
+  // and the prefix can have a value and in this case we don't reset n.
+  if ( n == 0x200 && (buffer[0] != 0 || buffer[0x159] != 0) ) {
+     // Make sure this is actually a tar header
+     if (strncmp(buffer + 257, "ustar", 5)) {
+       // The magic isn't there (broken/old tars), but maybe a correct checksum?
+@@ -234,7 +236,7 @@
+   }/*wend*/
+   // jump over the rest
+   const int skip = 0x200 - (n % 0x200);
+-  if (skip < 0x200) {
+  if (skip <= 0x200) {
+     if (dev->read(buffer,skip) != skip)
+         return false;
+   }
+@@ -362,6 +364,7 @@
+         if (n == 0x200)
+         {
+             bool isdir = false;
+            bool isGlobalHeader = false;
+ 
+             if ( name.endsWith( QLatin1Char( '/' ) ) )
+             {
+@@ -369,6 +372,11 @@
+                 name.truncate( name.length() - 1 );
+             }
+ 
+            QByteArray prefix = QByteArray(buffer + 0x159, 155);
+            if (prefix[0] != '\0') {
+                name = (QString::fromLatin1(prefix.constData()) + QLatin1Char('/') +  name);
+            }
+
+             int pos = name.lastIndexOf( QLatin1Char('/') );
+             QString nm = ( pos == -1 ) ? name : name.mid( pos + 1 );
+ 
+@@ -393,7 +401,11 @@
+             char typeflag = buffer[ 0x9c ];
+             // '0' for files, '1' hard link, '2' symlink, '5' for directory
+             // (and 'L' for longlink fileNames, 'K' for longlink symlink targets)
+-            // and 'D' for GNU tar extension DUMPDIR
+            // 'D' for GNU tar extension DUMPDIR, 'x' for Extended header referring
+            // to the next file in the archive and 'g' for Global extended header
+            if ( typeflag == 'g' )
+                isGlobalHeader = true;
+
+             if ( typeflag == '5' )
+                 isdir = true;
+ 
+@@ -450,6 +462,9 @@
+                     kWarning(7041) << "skipping" << skip << "failed";
+             }
+ 
+            if (isGlobalHeader)
+                continue;
+
+             if ( pos == -1 )
+             {
+                 if (nm == QLatin1String(".")) { // special case
--- a/kdelibs.spec
+++ b/kdelibs.spec
@ -20,7 +20,7 @@

 Summary: KDE Libraries
 Version: 4.6.5
-Release: 10%{?dist}
+Release: 11%{?dist}

 Name: kdelibs
 Epoch: 6
@ -123,9 +123,17 @@ Patch104: kdelibs-4.6.5-kconfig_sync-2.patch
 Patch105: kdelibs-4.6.5-kconfig_sync-3.patch

 ## 4.7 upstream
-# https://projects.kde.org/projects/kde/kdelibs/repository/revisions/865e5fa4108bb3f470b9424ec34dc573d97e2473
+# http://commits.kde.org/kdelibs/865e5fa4108bb3f470b9424ec34dc573d97e2473
 Patch150: kdelibs-fix_fd_leak_in_klockfile.patch

+## 4.8 upstream
+# fix KTar for archives created by git archive (kde#258737). Cumulative from:
+# http://commits.kde.org/kdelibs/380587aa431789bec06ae5653234cbb952315fc4
+# http://commits.kde.org/kdelibs/262cf5920c9c0d9619d384bcf0298615c2060b44
+# http://commits.kde.org/kdelibs/762136bc525d84215bfbcbedc995431e8b66b181
+# http://commits.kde.org/kdelibs/6e0d694b302b57883ed79a3b47c9d60bea20dc8e
+Patch160: kdelibs-4.6.5-ktar-kde#258737.patch
+

 ## security fix
 # Not Upstreamed? why not ? -- Rex
@ -136,7 +144,7 @@ Patch202: kdelibs-4.6.5-CVE-2011-3365-kssl.patch
 # CVE-2010-0046, The Cascading Style Sheets (CSS) implementation in khtml/WebKit
 # allows remote attackers to execute arbitrary code or cause a denial of service
 # (memory corruption and application crash) via crafted format arguments.
-Patch203: kdelibs-4.6.5-CVE-2010-0046.patch 
+Patch203: kdelibs-4.6.5-CVE-2010-0046.patch

 ## Fedora specific patches
 # make forcefully hal-free build
@ -323,6 +331,9 @@ sed -i -e "s|@@VERSION_RELEASE@@|%{version}-%{release}|" kio/kio/kprotocolmanage
 # 4.7 backported patches
 %patch150 -p1 -b .fix_leak_in_klockfile

+# 4.8 backported patches
+%patch160 -p1 -b .ktar-kde#258737
+
 # security fix
 %patch200 -p1 -b .CVE-2009-2702
 %patch201 -p1 -b .CVE-2011-3365-kio
@ -578,6 +589,9 @@ rm -rf %{buildroot}


 %changelog
+* Fri Mar 09 2011 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.6.5-11
+- fix KTar for archives created by git archive (kde#258737)
+
 * Fri Nov 18 2011 Rex Dieter <rdieter@fedoraproject.org> 4.6.5-10
 - CVE-2010-0046, security issue in khtml