dpkg-deb: work around bogus error message when working with XZ compressed packages
function old new delta
unpack_xz_stream 2309 2317 +8
bb_full_fd_action 464 472 +8
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
diff --git a/archival/libarchive/decompress_unxz.c b/archival/libarchive/decompress_unxz.c
index f033413..3dd9bbf 100644
--- a/archival/libarchive/decompress_unxz.c
+++ b/archival/libarchive/decompress_unxz.c
@@ -96,6 +96,24 @@
*/
do {
if (membuf[iobuf.in_pos] != 0) {
+ /* There is more data, but is it XZ data?
+ * Example: dpkg-deb -f busybox_1.30.1-4_amd64.deb
+ * reads control.tar.xz "control" file
+ * inside the ar archive, but tar.xz
+ * extraction code reaches end of xz data,
+ * reached this code and reads the beginning
+ * of data.tar.xz's ar header, which isn't xz data,
+ * and prints "corrupted data".
+ * The correct solution is to not read
+ * past nested archive (to simulate EOF).
+ * This is a workaround:
+ */
+ if (membuf[iobuf.in_pos] != 0xfd) {
+ /* It's definitely not a xz signature
+ * (which is 0xfd,"7zXZ",0x00).
+ */
+ goto end;
+ }
xz_dec_reset(state);
goto do_run;
}
@@ -128,7 +146,7 @@
break;
}
}
-
+ end:
xz_dec_end(state);
free(membuf);