Bug#983071: unblock: xz-utils/5.2.5-1.1
On 2021-03-04 12:32:48 [+0100], Paul Gevers wrote:
> Hi Sebastian
Hi,
> Can you please send a debdiff where you undo the renaming (where
> applicable), such that we get a better understanding of the real changes?
Sure. Please find attached.
> What I *think* we're going to do is accept the package in unstable, but
> have it age a bit in unstable before unblocking (which is going to
> happen automatically due to the hard freeze).
Oki.
> Paul
Sebastian
diff -Nru xz-utils-5.2.5/debian/changelog xz-utils-5.2.5/debian/changelog
--- xz-utils-5.2.5/debian/changelog 2020-12-28 11:25:06.000000000 +0100
+++ xz-utils-5.2.5/debian/changelog 2021-03-02 21:50:25.000000000 +0100
@@ -1,3 +1,11 @@
+xz-utils (5.2.5-1.1) experimental; urgency=medium
+
+ * Non-maintainer upload.
+ * Update the patches for #844770 and #975981 to what upstream applied.
+ * Add a SIGPIPE fix to xzgrep (similar to xzcmp in #844770).
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Tue, 02 Mar 2021 21:50:25 +0100
+
xz-utils (5.2.5-1.0) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch
--- xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch 1970-01-01 01:00:00.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch 2021-03-02 21:50:25.000000000 +0100
@@ -0,0 +1,118 @@
+From: Lasse Collin <lasse.collin@tukaani.org>
+Date: Mon, 11 Jan 2021 22:01:51 +0200
+Subject: Scripts: Fix exit status of xzdiff/xzcmp.
+MIME-Version: 1.0
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+This is a minor fix since this affects only the situation when
+the files differ and the exit status is something else than 0.
+In such case there could be SIGPIPE from a decompression tool
+and that would result in exit status of 2 from xzdiff/xzcmp
+while the correct behavior would be to return 1 or whatever
+else diff or cmp may have returned.
+
+This commit omits the -q option from xz/gzip/bzip2/lzop arguments.
+I'm not sure why the -q was used in the first place, perhaps it
+hides warnings in some situation that I cannot see at the moment.
+Hopefully the removal won't introduce a new bug.
+
+With gzip the -q option was harmful because it made gzip return 2
+instead of >= 128 with SIGPIPE. Ignoring exit status 2 (warning
+from gzip) isn't practical because bzip2 uses exit status 2 to
+indicate corrupt input file. It's better if SIGPIPE results in
+exit status >= 128.
+
+With bzip2 the removal of -q seems to be good because with -q
+it prints nothing if input is corrupt. The other tools aren't
+silent in this situation even with -q. On the other hand, if
+zstd support is added, it will need -q since otherwise it's
+noisy in normal situations.
+
+Thanks to Étienne Mollier and Sebastian Andrzej Siewior.
+---
+ src/scripts/xzdiff.in | 35 +++++++++++++++++++++--------------
+ 1 file changed, 21 insertions(+), 14 deletions(-)
+
+diff --git a/src/scripts/xzdiff.in b/src/scripts/xzdiff.in
+index eb7825c..98ac0e5 100644
+--- a/src/scripts/xzdiff.in
++++ b/src/scripts/xzdiff.in
+@@ -116,23 +116,18 @@ elif test $# -eq 2; then
+ if test "$1$2" = --; then
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq - 4>&-; echo $? >&4) 3>&- |
++ ($xz1 -cdf - 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" - - >&3
+ )
+ elif # Reject Solaris 8's buggy /bin/bash 2.03.
+ echo X | (echo X | eval "$cmp" /dev/fd/5 - >/dev/null 2>&1) 5<&0; then
++ # NOTE: xz_status will contain two numbers.
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- |
+- ( ($xz2 -cdfq -- "$2" 4>&-; echo $? >&4) 3>&- 5<&- </dev/null |
++ ($xz1 -cdf -- "$1" 4>&-; echo $? >&4) 3>&- |
++ ( ($xz2 -cdf -- "$2" 4>&-; echo $? >&4) 3>&- 5<&- </dev/null |
+ eval "$cmp" /dev/fd/5 - >&3) 5<&0
+ )
+- cmp_status=$?
+- case $xz_status in
+- *[1-9]*) xz_status=1;;
+- *) xz_status=0;;
+- esac
+- (exit $cmp_status)
+ else
+ F=`expr "/$2" : '.*/\(.*\)[-.][ablmotxz2]*$'` || F=$prog
+ tmp=
+@@ -161,10 +156,10 @@ elif test $# -eq 2; then
+ mkdir -- "${TMPDIR-/tmp}/$prog.$$" || exit 2
+ tmp="${TMPDIR-/tmp}/$prog.$$"
+ fi
+- $xz2 -cdfq -- "$2" > "$tmp/$F" || exit 2
++ $xz2 -cdf -- "$2" > "$tmp/$F" || exit 2
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- |
++ ($xz1 -cdf -- "$1" 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" - '"$tmp/$F"' >&3
+ )
+ cmp_status=$?
+@@ -175,7 +170,7 @@ elif test $# -eq 2; then
+ *)
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- |
++ ($xz1 -cdf -- "$1" 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" - '"$2"' >&3
+ );;
+ esac;;
+@@ -184,7 +179,7 @@ elif test $# -eq 2; then
+ *[-.][zZ] | *_z | *[-.][gx]z | *[-.]bz2 | *[-.]lzma | *.t[abglx]z | *.tbz2 | *[-.]lzo | *.tzo | -)
+ xz_status=$(
+ exec 4>&1
+- ($xz2 -cdfq -- "$2" 4>&-; echo $? >&4) 3>&- |
++ ($xz2 -cdf -- "$2" 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" '"$1"' - >&3
+ );;
+ *)
+@@ -197,5 +192,17 @@ else
+ fi
+
+ cmp_status=$?
+-test "$xz_status" -eq 0 || exit 2
++for num in $xz_status ; do
++ # 0 from decompressor means successful decompression. SIGPIPE from
++ # decompressor is possible when diff or cmp exits before the whole file
++ # has been decompressed. In that case we want to retain the exit status
++ # from diff or cmp. Note that using "trap '' PIPE" is not possible
++ # because gzip changes its behavior (including exit status) if SIGPIPE
++ # is ignored.
++ test "$num" -eq 0 && continue
++ test "$num" -ge 128 \
++ && test "$(kill -l "$num" 2> /dev/null)" = "PIPE" \
++ && continue
++ exit 2
++done
+ exit $cmp_status
diff -Nru xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch
--- xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch 2020-12-28 11:20:29.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,33 +0,0 @@
-From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date: Thu, 24 Dec 2020 20:56:15 +0100
-Subject: xzdiff: Trap SIGPIPE
-MIME-Version: 1.0
-Content-Type: text/plain; charset="utf-8"
-Content-Transfer-Encoding: 8bit
-
-The `cmp' command will return early if a difference is found while the
-shell script is still invoking the decompressor which writes into the
-closed FD. This results in SIGPIPE / exit code 141.
-By ignoring SIGPIPE the real return code from `cmp' is observed which is
-`1' and xzdiff exits with `1'. Without ignoring SIGPIPE the exitcode 141
-is observed and xzdiff returns with `2'.
-
-Reported to Debian BTS as #844770. Change suggested by Étienne Mollierö.
-
-BTS: https://bugs.debian.org/844770
-
-Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
----
- src/scripts/xzdiff.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/scripts/xzdiff.in b/src/scripts/xzdiff.in
-index eb7825c..d343a88 100644
---- a/src/scripts/xzdiff.in
-+++ b/src/scripts/xzdiff.in
-@@ -1,4 +1,5 @@
- #!@POSIX_SHELL@
-+trap '' PIPE
-
- # Copyright (C) 1998, 2002, 2006, 2007 Free Software Foundation
- # Copyright (C) 1993 Jean-loup Gailly
diff -Nru xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch
--- xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch 2020-12-28 11:20:29.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,42 +0,0 @@
-From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date: Sun, 27 Dec 2020 15:27:31 +0100
-Subject: xz: Ignore hard link count if not deleting.
-
-xz refuses to decompress a file which has more than one hard link. It
-can be reproduced by (as per Vincent):
-|$ echo foo > file1
-|$ xz file1
-|$ ln file1.xz file2.xz
-|$ xz -dk file1.xz
-|xz: file1.xz: Input file has more than one hard link, skipping
-
-This behaviour is consistent with `gzip' and `bzip2' but it is not
-documented. The `--force' option would ignore this restriction.
-
-I traced it back in `gzip' to the 90s but the change was not documented
-as why it was needed. It was moved, altered but not documented. At some
-point the error was restricted to <= 2 which might be related to disk
-quota.
-
-Ignore hard link count on input.
-
-Debian BTS: https://bugs.debian.org/975981
-Reported-by: Vincent Lefevre <vincent@vinc17.net>
-Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
----
- src/xz/file_io.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/xz/file_io.c b/src/xz/file_io.c
-index 0ba8db8..7703e08 100644
---- a/src/xz/file_io.c
-+++ b/src/xz/file_io.c
-@@ -698,7 +698,7 @@ io_open_src_real(file_pair *pair)
- goto error;
- }
-
-- if (pair->src_st.st_nlink > 1) {
-+ if (pair->src_st.st_nlink > 1 && !opt_keep_original) {
- message_warning(_("%s: Input file has more "
- "than one hard link, "
- "skipping"), pair->src_name);
diff -Nru xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch
--- xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch 1970-01-01 01:00:00.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch 2021-03-02 21:50:25.000000000 +0100
@@ -0,0 +1,79 @@
+From: Lasse Collin <lasse.collin@tukaani.org>
+Date: Mon, 11 Jan 2021 23:41:16 +0200
+Subject: xz: Make --keep accept symlinks, hardlinks,
+ and setuid/setgid/sticky.
+
+Previously this required using --force but that has other
+effects too which might be undesirable. Changing the behavior
+of --keep has a small risk of breaking existing scripts but
+since this is a fairly special corner case I expect the
+likehood of breakage to be low enough.
+
+I think the new behavior is more logical. The only reason for
+the old behavior was to be consistent with gzip and bzip2.
+
+Thanks to Vincent Lefevre and Sebastian Andrzej Siewior.
+---
+ src/xz/file_io.c | 9 +++++----
+ src/xz/xz.1 | 14 ++++++++++++++
+ 2 files changed, 19 insertions(+), 4 deletions(-)
+
+diff --git a/src/xz/file_io.c b/src/xz/file_io.c
+index 0ba8db8..51554f4 100644
+--- a/src/xz/file_io.c
++++ b/src/xz/file_io.c
+@@ -536,8 +536,9 @@ io_open_src_real(file_pair *pair)
+ }
+
+ // Symlinks are not followed unless writing to stdout or --force
+- // was used.
+- const bool follow_symlinks = opt_stdout || opt_force;
++ // or --keep was used.
++ const bool follow_symlinks
++ = opt_stdout || opt_force || opt_keep_original;
+
+ // We accept only regular files if we are writing the output
+ // to disk too. bzip2 allows overriding this with --force but
+@@ -674,7 +675,7 @@ io_open_src_real(file_pair *pair)
+ }
+
+ #ifndef TUKLIB_DOSLIKE
+- if (reg_files_only && !opt_force) {
++ if (reg_files_only && !opt_force && !opt_keep_original) {
+ if (pair->src_st.st_mode & (S_ISUID | S_ISGID)) {
+ // gzip rejects setuid and setgid files even
+ // when --force was used. bzip2 doesn't check
+@@ -683,7 +684,7 @@ io_open_src_real(file_pair *pair)
+ // and setgid bits there.
+ //
+ // We accept setuid and setgid files if
+- // --force was used. We drop these bits
++ // --force or --keep was used. We drop these bits
+ // explicitly in io_copy_attr().
+ message_warning(_("%s: File has setuid or "
+ "setgid bit set, skipping"),
+diff --git a/src/xz/xz.1 b/src/xz/xz.1
+index 4c14425..497940a 100644
+--- a/src/xz/xz.1
++++ b/src/xz/xz.1
+@@ -392,6 +392,20 @@ should be used.
+ .TP
+ .BR \-k ", " \-\-keep
+ Don't delete the input files.
++.IP ""
++Since
++.B xz
++5.4.0,
++this option also makes
++.B xz
++compress or decompress even if the input is
++a symbolic link to a regular file,
++has more than one hard link,
++or has the setuid, setgid, or sticky bit set.
++The setuid, setgid, and sticky bits are not copied
++to the target file.
++In earlier versions this was only done with
++.BR \-\-force .
+ .TP
+ .BR \-f ", " \-\-force
+ This option has several effects:
diff -Nru xz-utils-5.2.5/debian/patches/0009-Scripts-Fix-exit-status-of-xzgrep.patch xz-utils-5.2.5/debian/patches/0009-Scripts-Fix-exit-status-of-xzgrep.patch
--- xz-utils-5.2.5/debian/patches/0009-Scripts-Fix-exit-status-of-xzgrep.patch 1970-01-01 01:00:00.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0009-Scripts-Fix-exit-status-of-xzgrep.patch 2021-03-02 21:50:25.000000000 +0100
@@ -0,0 +1,63 @@
+From: Lasse Collin <lasse.collin@tukaani.org>
+Date: Mon, 11 Jan 2021 23:28:52 +0200
+Subject: Scripts: Fix exit status of xzgrep.
+
+Omit the -q option from xz, gzip, and bzip2. With xz this shouldn't
+matter. With gzip it's important because -q makes gzip replace SIGPIPE
+with exit status 2. With bzip2 it's important because with -q bzip2
+is completely silent if input is corrupt while other decompressors
+still give an error message.
+
+Avoiding exit status 2 from gzip is important because bzip2 uses
+exit status 2 to indicate corrupt input. Before this commit xzgrep
+didn't recognize corrupt .bz2 files because xzgrep was treating
+exit status 2 as SIGPIPE for gzip compatibility.
+
+zstd still needs -q because otherwise it is noisy in normal
+operation.
+
+The code to detect real SIGPIPE didn't check if the exit status
+was due to a signal (>= 128) and so could ignore some other exit
+status too.
+---
+ src/scripts/xzgrep.in | 20 +++++++++++++-------
+ 1 file changed, 13 insertions(+), 7 deletions(-)
+
+diff --git a/src/scripts/xzgrep.in b/src/scripts/xzgrep.in
+index 28a777b..baec826 100644
+--- a/src/scripts/xzgrep.in
++++ b/src/scripts/xzgrep.in
+@@ -156,11 +156,11 @@ res=1
+
+ for i; do
+ case $i in
+- *[-.][zZ] | *_z | *[-.]gz | *.t[ag]z) uncompress="gzip -cdfq";;
+- *[-.]bz2 | *[-.]tbz | *.tbz2) uncompress="bzip2 -cdfq";;
+- *[-.]lzo | *[-.]tzo) uncompress="lzop -cdfq";;
+- *[-.]zst | *[-.]tzst) uncompress="zstd -cdfq";;
+- *) uncompress="$xz -cdfq";;
++ *[-.][zZ] | *_z | *[-.]gz | *.t[ag]z) uncompress="gzip -cdf";;
++ *[-.]bz2 | *[-.]tbz | *.tbz2) uncompress="bzip2 -cdf";;
++ *[-.]lzo | *[-.]tzo) uncompress="lzop -cdf";;
++ *[-.]zst | *[-.]tzst) uncompress="zstd -cdfq";; # zstd needs -q.
++ *) uncompress="$xz -cdf";;
+ esac
+ # Fail if xz or grep (or sed) fails.
+ xz_status=$(
+@@ -205,8 +205,14 @@ for i; do
+ # fail occurred previously, nothing worse can happen
+ test $res -gt 1 && continue
+
+- test "$xz_status" -eq 0 || test "$xz_status" -eq 2 \
+- || test "$(kill -l "$xz_status" 2> /dev/null)" = "PIPE" || r=2
++ if test "$xz_status" -eq 0; then
++ :
++ elif test "$xz_status" -ge 128 \
++ && test "$(kill -l "$xz_status" 2> /dev/null)" = "PIPE"; then
++ :
++ else
++ r=2
++ fi
+
+ # still no match
+ test $r -eq 1 && continue
diff -Nru xz-utils-5.2.5/debian/patches/series xz-utils-5.2.5/debian/patches/series
--- xz-utils-5.2.5/debian/patches/series 2020-12-28 11:20:29.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/series 2021-03-02 21:50:25.000000000 +0100
@@ -1,8 +1,9 @@
-0001-xzdiff-Trap-SIGPIPE.patch
+0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch
0002-Scripts-Add-zstd-support-to-xzgrep.patch
0003-src-xz-xz.1-Correct-misused-two-fonts-macros.patch
0004-xz-Avoid-the-abbreviation-e.g.-on-the-man-page.patch
0005-xz-Protect-the-ellipsis-.-on-the-man-page-with.patch
0006-xz-Use-non-breaking-spaces-when-intentionally-using-.patch
0007-xz-Avoid-unneeded-f-escapes-on-the-man-page.patch
-0008-xz-Ignore-hard-link-count-if-not-deleting.patch
+0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch
+0009-Scripts-Fix-exit-status-of-xzgrep.patch
Reply to: