aboutsummaryrefslogtreecommitdiff
path: root/src (follow)
AgeCommit message (Collapse)AuthorFilesLines
2023-03-07liblzma: Reword a few lines in filter.hJia Tan1-5/+5
2023-03-07liblzma: Improve documentation in filter.h.Jia Tan1-83/+143
All functions now explicitly specify parameter and return values. The notes and code annotations were moved before the parameter and return value descriptions for consistency. Also, the description above lzma_filter_encoder_is_supported() about not being able to list available filters was removed since lzma_str_list_filters() will do this.
2023-03-07liblzma: Avoid null pointer + 0 (undefined behavior in C).Lasse Collin10-23/+77
In the C99 and C17 standards, section 6.5.6 paragraph 8 means that adding 0 to a null pointer is undefined behavior. As of writing, "clang -fsanitize=undefined" (Clang 15) diagnoses this. However, I'm not aware of any compiler that would take advantage of this when optimizing (Clang 15 included). It's good to avoid this anyway since compilers might some day infer that pointer arithmetic implies that the pointer is not NULL. That is, the following foo() would then unconditionally return 0, even for foo(NULL, 0): void bar(char *a, char *b); int foo(char *a, size_t n) { bar(a, a + n); return a == NULL; } In contrast to C, C++ explicitly allows null pointer + 0. So if the above is compiled as C++ then there is no undefined behavior in the foo(NULL, 0) call. To me it seems that changing the C standard would be the sane thing to do (just add one sentence) as it would ensure that a huge amount of old code won't break in the future. Based on web searches it seems that a large number of codebases (where null pointer + 0 occurs) are being fixed instead to be future-proof in case compilers will some day optimize based on it (like making the above foo(NULL, 0) return 0) which in the worst case will cause security bugs. Some projects don't plan to change it. For example, gnulib and thus many GNU tools currently require that null pointer + 0 is defined: https://lists.gnu.org/archive/html/bug-gnulib/2021-11/msg00000.html https://www.gnu.org/software/gnulib/manual/html_node/Other-portability-assumptions.html In XZ Utils null pointer + 0 issue should be fixed after this commit. This adds a few if-statements and thus branches to avoid null pointer + 0. These check for size > 0 instead of ptr != NULL because this way bugs where size > 0 && ptr == NULL will likely get caught quickly. None of them are in hot spots so it shouldn't matter for performance. A little less readable version would be replacing ptr + offset with offset != 0 ? ptr + offset : ptr or creating a macro for it: #define my_ptr_add(ptr, offset) \ ((offset) != 0 ? ((ptr) + (offset)) : (ptr)) Checking for offset != 0 instead of ptr != NULL allows GCC >= 8.1, Clang >= 7, and Clang-based ICX to optimize it to the very same code as ptr + offset. That is, it won't create a branch. So for hot code this could be a good solution to avoid null pointer + 0. Unfortunately other compilers like ICC 2021 or MSVC 19.33 (VS2022) will create a branch from my_ptr_add(). Thanks to Marcin Kowalczyk for reporting the problem: https://github.com/tukaani-project/xz/issues/36
2023-03-07liblzma: Adjust container.h for consistency with filter.h.Jia Tan1-11/+9
2023-03-07liblzma: Fix small typos and reword a few things in filter.h.Jia Tan1-7/+6
2023-03-07liblzma: Convert list of flags in lzma_mt to bulleted list.Jia Tan1-3/+6
2023-03-07liblzma: Fix typo in documentation in container.hJia Tan1-1/+1
lzma_microlzma_decoder -> lzma_microlzma_encoder
2023-03-07liblzma: Improve documentation for container.hJia Tan1-53/+93
Standardizing each function to always specify parameters and return values. Also moved the parameters and return values to the end of each function description.
2023-03-07liblzma: Very minor API doc tweaks.Lasse Collin4-14/+14
Use "member" to refer to struct members as that's the term used by the C standard. Use lzma_options_delta.dist and such in docs so that in Doxygen's HTML output they will link to the doc of the struct member. Clean up a few trailing white spaces too.
2023-03-07liblzma: Adjust spacing in doc headers in bcj.h.Jia Tan1-7/+7
2023-03-07liblzma: Adjust documentation in bcj.h for consistent style.Jia Tan1-21/+22
2023-03-07liblzma: Rename field => member in documentation.Jia Tan7-95/+95
Also adjusted preset value => preset level.
2023-03-07liblzma: Silence a warning from MSVC.Lasse Collin1-1/+1
It gives C4146 here since unary minus with unsigned integer is still unsigned (which is the intention here). Doing it with substraction makes it clearer and avoids the warning. Thanks to Nathan Moinvaziri for reporting this.
2023-03-07liblzma: Improve documentation for stream_flags.hJia Tan1-30/+46
Standardizing each function to always specify parameters and return values. Also moved the parameters and return values to the end of each function description. A few small things were reworded and long sentences broken up.
2023-02-15liblzma: Improve documentation in lzma12.h.Jia Tan1-9/+23
All functions now explicitly specify parameter and return values.
2023-02-15liblzma: Improve documentation in check.h.Jia Tan1-13/+28
All functions now explicitly specify parameter and return values. Also moved the note about SHA-256 functions not being exported to the top of the file.
2023-02-15liblzma: Improve documentation in index.hJia Tan1-51/+126
All functions now explicitly specify parameter and return values.
2023-02-15liblzma: Reword a comment in index.h.Jia Tan1-2/+2
2023-02-15liblzma: Omit lzma_index_iter's internal field from Doxygen docs.Jia Tan1-1/+8
Add \private above this field and its sub-fields since it is not meant to be modified by users.
2023-02-15liblzma: Fix documentation for LZMA_MEMLIMIT_ERROR.Jia Tan1-1/+1
LZMA_MEMLIMIT_ERROR was missing the "<" character needed to put documentation after a member.
2023-02-15liblzma: Improve documentation for base.h.Jia Tan1-5/+25
Standardizing each function to always specify params and return values. Also fixed a small grammar mistake.
2023-02-15liblzma: Minor improvements to vli.h.Jia Tan1-7/+8
Added [out] annotations to parameters that are pointers and can have their value changed. Also added a clarification to lzma_vli_is_valid.
2023-02-15liblzma: Add comments for macros in delta.h.Jia Tan1-0/+8
Document LZMA_DELTA_DIST_MIN and LZMA_DELTA_DIST_MAX for completeness and to avoid Doxygen warnings.
2023-02-15liblzma: Improve documentation in index_hash.h.Jia Tan1-9/+27
All functions now explicitly specify parameter and return values. Also reworded the description of lzma_index_hash_init() for readability.
2023-02-03liblzma: Fix bug in lzma_str_from_filters() not checking filters[] length.Jia Tan1-0/+7
The bug is only a problem in applications that do not properly terminate the filters[] array with LZMA_VLI_UNKNOWN or have more than LZMA_FILTERS_MAX filters. This bug does not affect xz.
2023-02-03liblzma: Fix typos in comments in string_conversion.c.Jia Tan1-2/+2
2023-02-03liblzma: Clarify block encoder and decoder documentation.Jia Tan1-4/+11
Added a few sentences to the description for lzma_block_encoder() and lzma_block_decoder() to highlight that the Block Header must be coded before calling these functions.
2023-02-03Update lzma_block documentation for lzma_block_uncomp_encode().Jia Tan1-0/+3
2023-02-03liblzma: Minor edits to lzma_block header_size documentation.Jia Tan1-1/+2
2023-02-03liblzma: Enumerate functions that read version in lzma_block.Jia Tan1-2/+11
2023-02-03liblzma: Clarify comment in block.h.Jia Tan1-1/+2
2023-02-03liblzma: Improve documentation for block.h.Jia Tan1-21/+75
Standardizing each function to always specify params and return values. Output pointer parameters are also marked with doxygen style [out] to make it clear. Any note sections were also moved above the parameter and return sections for consistency.
2023-02-03liblzma: Clarify a comment about LZMA_STR_NO_VALIDATION.Jia Tan1-2/+3
The flag description for LZMA_STR_NO_VALIDATION was previously confusing about the treatment for filters than cannot be used with .xz format (lzma1) without using LZMA_STR_ALL_FILTERS. Now, it is clear that LZMA_STR_NO_VALIDATION is not a super set of LZMA_STR_ALL_FILTERS.
2023-02-03liblzma: Fix documentation in filter.h for lzma_str_to_filters()Jia Tan1-1/+1
The previous documentation for lzma_str_to_filters() was technically correct, but misleading. lzma_str_to_filters() returns NULL on success, which is in practice always defined to 0. This is the same value as LZMA_OK, but lzma_str_to_filters() does not return lzma_ret so we should be more clear.
2023-02-03xz: Refactor duplicated check for custom suffix when using --format=rawJia Tan3-18/+24
2023-02-03liblzma: Set documentation on all reserved fields to private.Jia Tan7-0/+173
This prevents the reserved fields from being part of the generated Doxygen documentation.
2023-02-03liblzma: Highlight liblzma API headers should not be included directly.Jia Tan14-28/+42
This improves the generated Doxygen HTML files to better highlight how to properly use the liblzma API header files.
2023-02-03tuklib_physmem: Silence warning from -Wcast-function-type on MinGW-w64.Jia Tan1-0/+18
tuklib_physmem depends on GetProcAddress() for both MSVC and MinGW-w64 to retrieve a function address. The proper way to do this is to cast the return value to the type of function pointer retrieved. Unfortunately, this causes a cast-function-type warning, so the best solution is to simply ignore the warning.
2023-02-03xz: Add missing comment for coder_set_compression_settings()Jia Tan1-1/+2
2023-02-03xz: Do not set compression settings with raw format in list mode.Jia Tan1-1/+2
Calling coder_set_compression_settings() in list mode with verbose mode on caused the filter chain and memory requirements to print. This was unnecessary since the command results in an error and not consistent with other formats like lzma and alone.
2023-02-03xz: Use ssize_t for the to-be-ignored return value from write(fd, ptr, 1).Lasse Collin1-1/+1
It makes no difference here as the return value fits into an int too and it then gets ignored but this looks better.
2023-02-03xz: Silence warnings from -Wsign-conversion in a 32-bit build.Lasse Collin2-3/+3
2023-02-03liblzma: Silence another warning from -Wsign-conversion in a 32-bit build.Lasse Collin1-3/+4
It doesn't warn on a 64-bit system because truncating a ptrdiff_t (signed long) to uint32_t is diagnosed under -Wconversion by GCC and -Wshorten-64-to-32 by Clang.
2023-02-03liblzma: Silence a warning from -Wsign-conversion in a 32-bit build.Lasse Collin1-2/+2
2023-02-03liblzma: Silence warnings from clang -Wconditional-uninitialized.Lasse Collin2-4/+6
This is similar to 2ce4f36f179a81d0c6e182a409f363df759d1ad0. The actual initialization of the variables is done inside mythread_sync() macro. Clang doesn't seem to see that the initialization code inside the macro is always executed.
2023-02-03Fix warnings from clang -Wdocumentation.Lasse Collin3-8/+4
2023-01-11Bump version and soname for 5.4.1.larhzu/v5.4.1Lasse Collin2-2/+2
2023-01-11sysdefs.h: Don't include strings.h anymore.Lasse Collin1-6/+0
On some platforms src/xz/suffix.c may need <strings.h> for strcasecmp() but suffix.c includes the header when it needs it. Unless there is an old system that otherwise supports enough C99 to build XZ Utils but doesn't have C89/C90-compatible <string.h>, there should be no need to include <strings.h> in sysdefs.h.
2023-01-11xz: Include <strings.h> in suffix.c if needed for strcasecmp().Lasse Collin1-0/+3
SUSv2 and POSIX.1‐2017 declare only a few functions in <strings.h>. Of these, strcasecmp() is used on some platforms in suffix.c. Nothing else in the project needs <strings.h> (at least if building on a modern system). sysdefs.h currently includes <strings.h> if HAVE_STRINGS_H is defined and suffix.c relied on this. Note that dos/config.h doesn't #define HAVE_STRINGS_H even though DJGPP does have strings.h. It isn't needed with DJGPP as strcasecmp() is also in <string.h> in DJGPP.
2023-01-11xz: Fix warning -Wformat-nonliteral on clang in message.c.Jia Tan1-0/+9
clang and gcc differ in how they handle -Wformat-nonliteral. gcc will allow a non-literal format string as long as the function takes its format arguments as a va_list.
2023-01-11liblzma: CLMUL CRC64: Work around a bug in MSVC, second attempt.Lasse Collin1-0/+18
This affects only 32-bit x86 builds. x86-64 is OK as is. I still cannot easily test this myself. The reporter has tested this and it passes the tests included in the CMake build and performance is good: raw CRC64 is 2-3 times faster than the C version of the slice-by-four method. (Note that liblzma doesn't include a MSVC-compatible version of the 32-bit x86 assembly code for the slice-by-four method.) Thanks to Iouri Kharon for figuring out a fix, testing, and benchmarking.
2023-01-10Revert "liblzma: CLMUL CRC64: Workaround a bug in MSVC (VS2015-2022)."Lasse Collin1-6/+0
This reverts commit 36edc65ab4cf10a131f239acbd423b4510ba52d5. It was reported that it wasn't a good enough fix and MSVC still produced (different kind of) bad code when building for 32-bit x86 if optimizations are enabled. Thanks to Iouri Kharon.
2023-01-10sysdefs.h: Fix a comment.Lasse Collin1-1/+1
2023-01-10sysdefs.h: Don't include memory.h anymore even if it were available.Lasse Collin1-6/+2
It quite probably was never needed, that is, any system where memory.h was required likely couldn't compile XZ Utils for other reasons anyway. XZ Utils 5.2.6 and later source packages were generated using Autoconf 2.71 which no longer defines HAVE_MEMORY_H. So the code being removed is no longer used anyway.
2023-01-09liblzma: CLMUL CRC64: Workaround a bug in MSVC (VS2015-2022).Lasse Collin1-0/+6
I haven't tested with MSVC myself and there doesn't seem to be information about the problem online, so I'm relying on the bug report. Thanks to Iouri Kharon for the bug report and the patch.
2023-01-09liblzma: Remove common.h include from common/index.h.Jia Tan4-2/+10
common/index.h is needed by liblzma internally and tests. common.h will include and define many things that are not needed by the tests. Also, this prevents include order problems because both common.h and lzma.h define LZMA_API. On most platforms it results only in a warning but on Windows it would break the build as the definition in common.h must be used only for building liblzma itself.
2023-01-09liblzma: Add NULL check to lzma_index_hash_append.Jia Tan1-1/+1
This is for consistency with lzma_index_append.
2023-01-09liblzma: Replaced hardcoded 0x0 index indicator byte with macroJia Tan6-5/+9
2023-01-09Style: Change #if !defined() to #ifndef in mythread.h.Jia Tan1-1/+1
2023-01-05Build: Only define HAVE_PROGRAM_INVOCATION_NAME if it is set to 1.Jia Tan2-2/+2
HAVE_DECL_PROGRAM_INVOCATION_NAME is renamed to HAVE_PROGRAM_INVOCATION_NAME. Previously, HAVE_DECL_PROGRAM_INVOCATION_NAME was always set when building with autotools. CMake would only set this when it was 1, and the dos/config.h did not define it. The new macro definition is consistent across build systems.
2023-01-05xz: Includes <time.h> and <sys/time.h> conditionally in mytime.c.Jia Tan1-1/+3
Previously, mytime.c depended on mythread.h for <time.h> to be included.
2023-01-05liblzma: Includes sys/time.h conditionally in mythreadJia Tan1-1/+7
Previously, <sys/time.h> was always included, even if mythread only used clock_gettime. <time.h> is still needed even if clock_gettime is not used though because struct timespec is needed for mythread_condtime.
2023-01-05Build: No longer require HAVE_DECL_CLOCK_MONOTONIC to always be set.Jia Tan2-5/+4
Previously, if threading was enabled HAVE_DECL_CLOCK_MONOTONIC would always be set to 0 or 1. However, this macro was needed in xz so if xz was not built with threading and HAVE_DECL_CLOCK_MONOTONIC was not defined but HAVE_CLOCK_GETTIME was, it caused a warning during build. Now, HAVE_DECL_CLOCK_MONOTONIC has been renamed to HAVE_CLOCK_MONOTONIC and will only be set if it is 1.
2022-12-28liblzma: Update documentation for lzma_filter_encoder.Jia Tan1-2/+5
2022-12-20liblzma: Fix lzma_microlzma_encoder() return value.Jia Tan1-1/+2
Using return_if_error on lzma_lzma_lclppb_encode was improper because return_if_error is expecting an lzma_ret value, but lzma_lzma_lclppb_encode returns a boolean. This could result in lzma_microlzma_encoder, which would be misleading for applications.
2022-12-20liblzma: Update authors list in arm64.c.Lasse Collin1-0/+1
2022-12-13Bump version to 5.4.0 and soname to 5.4.0.larhzu/v5.4.0Lasse Collin4-6/+6
2022-12-11xz: Rename --experimental-arm64 to --arm64.Lasse Collin1-1/+1
2022-12-11liblzma: Change LZMA_FILTER_ARM64 to the official Filter ID 0x0A.Lasse Collin1-5/+1
2022-12-08xz: Make args_info.files_name a const pointer.Lasse Collin2-2/+2
2022-12-08xz: Don't modify argv[].Lasse Collin1-4/+19
The code that parses --memlimit options and --block-list modified the argv[] when parsing the option string from optarg. This was visible in "ps auxf" and such and could be confusing. I didn't understand it back in the day when I wrote that code. Now a copy is allocated when modifiable strings are needed.
2022-12-08liblzma: Check for unexpected NULL pointers in block_header_decode().Lasse Collin1-0/+4
The API docs gave an impression that such checks are done but they actually weren't done. In practice it made little difference since the calling code has a bug if these are NULL. Thanks to Jia Tan for the original patch that checked for block->filters == NULL.
2022-12-01Bump version number for 5.3.5beta.larhzu/v5.3.5betaLasse Collin3-12/+12
This also sorts the symbol names alphabetically in liblzma_*.map.
2022-12-01liblzma: Use __has_attribute(__symver__) to fix Clang detection.Lasse Collin1-1/+14
If someone sets up Clang to define __GNUC__ to 10 or greater then symvers broke. __has_attribute is supported by such GCC and Clang versions that don't support __symver__ so this should be much better and simpler way to detect if __symver__ is actually supported. Thanks to Tomasz Gajc for the bug report.
2022-12-01liblzma: Omit zero-skipping from ARM64 filter.Lasse Collin2-59/+24
It has some complicated downsides and its usefulness is more limited than I originally thought. So this change is bad for certain very specific situations but a generic solution that works for other filters (and is otherwise better too) is planned anyway. And this way 7-Zip can use the same compatible filter for the .7z format. This is still marked as experimental with a new temporary Filter ID.
2022-12-01xz: Omit the special notes about ARM64 filter on the man page.Lasse Collin1-3/+2
2022-12-01liblzma: Don't be over-specific in lzma_str_to_filters API doc.Lasse Collin1-2/+1
2022-12-01liblzma: Silence unused variable warning when BCJ filters are disabled.Lasse Collin1-0/+15
Thanks to Jia Tan for the original patch.
2022-11-30xz: Remove message_filters_to_str function prototype from message.h.Jia Tan1-16/+0
This was forgotten from 7484744af6cbabe81e92af7d9e061dfd597fff7b.
2022-11-29liblzma: Improve documentation for string to filter functions.Jia Tan1-8/+9
2022-11-29liblzma: Two fixes to lzma_str_list_filters() API docs.Lasse Collin1-3/+3
Thanks to Jia Tan.
2022-11-28xz: Use lzma_str_from_filters().Lasse Collin2-175/+28
Two uses: Displaying encoder filter chain when compressing with -vv, and displaying the decoder filter chain in --list -vv.
2022-11-28liblzma: Add lzma_str_to_filters, _from_filters, and _list_filters.Lasse Collin5-0/+1567
lzma_str_to_filters() uses static error messages which makes them not very precise. It tells the position in the string where an error occurred though which helps quite a bit if applications take advantage of it. Dynamic error messages can be added later with a new flag if it seems important enough.
2022-11-28liblzma: Make lzma_validate_chain() available outside filter_common.c.Lasse Collin2-4/+7
2022-11-28liblzma: Remove lzma_lz_decoder_uncompressed() as it's now unused.Lasse Collin2-17/+0
2022-11-28liblzma: Use LZMA1EXT feature in lzma_microlzma_decoder().Lasse Collin1-7/+8
Here too this avoids the slightly ugly method to set the uncompressed size. Also moved the setting of dict_size to the struct initializer.
2022-11-28liblzma: Use LZMA1EXT feature in lzma_alone_decoder().Lasse Collin1-5/+13
This avoids the need to use the slightly ugly method to set the uncompressed size.
2022-11-27liblzma: Add LZMA_FILTER_LZMA1EXT to support LZMA1 without end marker.Lasse Collin9-15/+204
Some file formats need support for LZMA1 streams that don't use the end of payload marker (EOPM) alias end of stream (EOS) marker. So far liblzma API has supported decompressing such streams via lzma_alone_decoder() when .lzma header specifies a known uncompressed size. Encoding support hasn't been available in the API. Instead of adding a new LZMA1-only API for this purpose, this commit adds a new filter ID for use with raw encoder and decoder. The main benefit of this approach is that then also filter chains are possible, for example, if someone wants to implement support for .7z files that use the x86 BCJ filter with LZMA1 (not BCJ2 as that isn't supported in liblzma).
2022-11-27liblzma: Avoid unneeded use of void pointer in LZMA decoder.Lasse Collin2-3/+2
2022-11-27liblzma: Pass the Filter ID to LZ encoder and decoder.Lasse Collin14-12/+26
This allows using two Filter IDs with the same initialization function and data structures.
2022-11-27liblzma: Remove two FIXME comments.Lasse Collin1-2/+2
2022-11-26xz: Use lzma_filters_free().Lasse Collin1-6/+2
2022-11-26liblzma: Use lzma_filters_free() in more places.Lasse Collin3-38/+8
2022-11-25liblzma: Omit simple coder init functions if they are disabled.Lasse Collin6-0/+24
2022-11-24xz: Allow nice_len 2 and 3 even if match finder requires 3 or 4.Lasse Collin1-5/+0
Now that liblzma accepts these, we avoid the extra check and there's one message less for translators too.
2022-11-24liblzma: Allow nice_len 2 and 3 even if match finder requires 3 or 4.Lasse Collin3-8/+26
That is, if the specified nice_len is smaller than the minimum of the match finder, silently use the match finder's minimum value instead of reporting an error. The old behavior is annoying to users and it complicates xz options handling too.
2022-11-24liblzma: Add lzma_filters_update() support to the multi-threaded encoder.Lasse Collin2-23/+109
A tiny downside of this is that now a 1-4 tiny allocations are made for every Block because each worker thread needs its own copy of the filter chain.
2022-11-24Build: Don't put GNU/Linux-specific symbol versions into static liblzma.Lasse Collin1-0/+12
It not only makes no sense to put symbol versions into a static library but it can also cause breakage. By default Libtool #defines PIC if building a shared library and doesn't define it for static libraries. This is documented in the Libtool manual. It can be overriden using --with-pic or --without-pic. configure.ac detects if --with-pic or --without-pic is used and then gives an error if neither --disable-shared nor --disable-static was used at the same time. Thus, in normal situations it works to build both shared and static library at the same time on GNU/Linux, only --with-pic or --without-pic requires that only one type of library is built. Thanks to John Paul Adrian Glaubitz from Debian for reporting the problem that occurred on ia64: https://www.mail-archive.com/xz-devel@tukaani.org/msg00610.html
2022-11-24liblzma: Refactor to use lzma_filters_free().Lasse Collin2-21/+6
lzma_filters_free() sets the options to NULL and ids to LZMA_VLI_UNKNOWN so there is no need to do it by caller; the filter arrays will always be left in a safe state. Also use memcpy() instead of a loop to copy a filter chain when it is known to be safe to copy LZMA_FILTERS_MAX + 1 (even if the elements past the terminator might be uninitialized).
2022-11-24liblzma: Fix another invalid free() after memory allocation failure.Lasse Collin1-0/+4
This time it can happen when lzma_stream_encoder_mt() is used to reinitialize an existing multi-threaded Stream encoder and one of 1-4 tiny allocations in lzma_filters_copy() fail. It's very similar to the previous bug 10430fbf3820dafd4eafd38ec8be161a6978ed2b, happening with an array of lzma_filter structures whose old options are freed but the replacement never arrives due to a memory allocation failure in lzma_filters_copy().
2022-11-24liblzma: Add support for LZMA_SYNC_FLUSH in the Block encoder.Jia Tan1-0/+1
The documentation mentions that lzma_block_encoder() supports LZMA_SYNC_FLUSH but it was never added to supported_actions[] in the internal structure. Because of this, LZMA_SYNC_FLUSH could not be used with the Block encoder unless it was the next coder after something like stream_encoder() or stream_encoder_mt().
2022-11-24liblzma: Add new API function lzma_filters_free().Lasse Collin4-0/+49
This is small but convenient and should have been added a long time ago.
2022-11-23liblzma: Add lzma_attr_warn_unused_result to lzma_filters_copy().Lasse Collin1-1/+2
2022-11-23liblzma: Fix invalid free() after memory allocation failure.Lasse Collin1-8/+31
The bug was in the single-threaded .xz Stream encoder in the code that is used for both re-initialization and for lzma_filters_update(). To trigger it, an application had to either re-initialize an existing encoder instance with lzma_stream_encoder() or use lzma_filters_update(), and then one of the 1-4 tiny allocations in lzma_filters_copy() (called from stream_encoder_update()) must fail. An error was correctly reported but the encoder state was corrupted. This is related to the recent fix in f8ee61e74eb40600445fdb601c374d582e1e9c8a which is good but it wasn't enough to fix the main problem in stream_encoder.c.
2022-11-22liblzma: Fix language in a comment.Lasse Collin1-1/+1
2022-11-22liblzma: Fix infinite loop in LZMA encoder init with dict_size >= 2 GiB.Lasse Collin1-4/+15
The encoder doesn't support dictionary sizes larger than 1536 MiB. This is validated, for example, when calculating the memory usage via lzma_raw_encoder_memusage(). It is also enforced by the LZ part of the encoder initialization. However, LZMA encoder with LZMA_MODE_NORMAL did an unsafe calculation with dict_size before such validation and that results in an infinite loop if dict_size was 2 << 30 or greater.
2022-11-21liblzma: Fix two Doxygen commands in the API headers.Lasse Collin2-2/+2
These were caught by clang -Wdocumentation.
2022-11-19xz: Refactor duplicate code from hardware_memlimit_mtenc_get().Lasse Collin1-1/+1
2022-11-19xz: Add support --threads=+N so that -T+1 gives threaded mode.Lasse Collin4-6/+51
2022-11-15Bump version number for 5.3.4alpha.larhzu/v5.3.4alphaLasse Collin3-3/+3
2022-11-14Revert "liblzma: Simple/BCJ filters: Allow disabling generic BCJ options."Lasse Collin9-11/+10
This reverts commit 177bdc922cb17bd0fd831ab8139dfae912a5c2b8 and also does equivalent change to arm64.c. Now that ARM64 filter will use lzma_options_bcj, this change is not needed anymore.
2022-11-14Replace the experimental ARM64 filter with a new experimental version.Lasse Collin11-287/+147
This is incompatible with the previous version. This has space/tab fixes in filter_*.c and bcj.h too.
2022-11-14liblzma: Add fast CRC64 for 32/64-bit x86 using SSSE3 + SSE4.1 + CLMUL.Lasse Collin2-9/+461
It also works on E2K as it supports these intrinsics. On x86-64 runtime detection is used so the code keeps working on older processors too. A CLMUL-only build can be done by using -msse4.1 -mpclmul in CFLAGS and this will reduce the library size since the generic implementation and its 8 KiB lookup table will be omitted. On 32-bit x86 this isn't used by default for now because by default on 32-bit x86 the separate assembly file crc64_x86.S is used. If --disable-assembler is used then this new CLMUL code is used the same way as on 64-bit x86. However, a CLMUL-only build (-msse4.1 -mpclmul) won't omit the 8 KiB lookup table on 32-bit x86 due to a currently-missing check for disabled assembler usage. The configure.ac check should be such that the code won't be built if something in the toolchain doesn't support it but --disable-clmul-crc option can be used to unconditionally disable this feature. CLMUL speeds up decompression of files that have compressed very well (assuming CRC64 is used as a check type). It is know that the CLMUL code is significantly slower than the generic code for tiny inputs (especially 1-8 bytes but up to 16 bytes). If that is a real-world problem then there is already a commented-out variant that uses the generic version for small inputs. Thanks to Ilya Kurdyukov for the original patch which was derived from a white paper from Intel [1] (published in 2009) and public domain code from [2] (released in 2016). [1] https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/fast-crc-computation-generic-polynomials-pclmulqdq-paper.pdf [2] https://github.com/rawrunprotected/crc
2022-11-14liblzma: Use __attribute__((__constructor__)) if available.Lasse Collin3-1/+13
This uses it for CRC table initializations when using --disable-small. It avoids mythread_once() overhead. It also means that then --disable-small --disable-threads is thread-safe if this attribute is supported.
2022-11-11liblzma: Fix building with Intel ICC (the classic compiler).Lasse Collin1-1/+1
It claims __GNUC__ >= 10 but doesn't support __symver__ attribute. Thanks to Stephen Sachs.
2022-11-11liblzma: Fix incorrect #ifdef for x86 SSE2 support.Lasse Collin1-2/+1
__SSE2__ is the correct macro for SSE2 support with GCC, Clang, and ICC. __SSE2_MATH__ means doing floating point math with SSE2 instead of 387. Often the latter macro is defined if the first one is but it was still a bug.
2022-11-11xzdiff: Add support for .lz files.Lasse Collin1-5/+5
The other scripts don't need changes for .lz support because in those scripts it is enough that xz supports .lz.
2022-11-11Scripts: Ignore warnings from xz.Lasse Collin4-7/+8
In practice this means making the scripts work when the input files have an unsupported check type which isn't a problem in practice unless support for some check types has been disabled at build time.
2022-11-09xz: Update the man page about BCJ filters, including upcoming --arm64.Lasse Collin1-37/+29
The --arm64 isn't actually implemented yet in the form described in this commit. Thanks to Jia Tan.
2022-11-09xz: Add --arm64 to --long-help and omit endianness from ARM(-Thumb).Lasse Collin1-2/+3
Modern 32-bit ARM in big endian mode use little endian for instruction encoding still, so the filters work on such executables too. It's likely less confusing for users this way. The --arm64 option hasn't been implemented yet (there is --experimental-arm64 but it's different). The --arm64 option is added now anyway because this is the likely result and the strings need to be ready for translators. Thanks to Jia Tan.
2022-11-09xz: Remove the commented-out FORMAT_GZIP, gzip, .gz, and .tgz.Lasse Collin3-12/+0
2022-11-09xz: Add .lz (lzip) decompression support.Lasse Collin6-13/+141
If configured with --disable-lzip-decoder then --long-help will still list `lzip' in --format but I left it like that since due to translations it would be messy to have two help strings. Features are disabled only in special situations so wrong help in such a situation shouldn't matter much. Thanks to Michał Górny for the original patch.
2022-11-09liblzma: Add .lz support to lzma_auto_decoder().Lasse Collin4-11/+47
Thanks to Michał Górny for the original patch.
2022-11-09liblzma: Add .lz (lzip) decompression support (format versions 0 and 1).Lasse Collin5-2/+480
Support for format version 0 was removed from lzip 1.18 for some reason. .lz format version 0 files are rare (and old) but some source packages were released in this format, and some people might have personal files in this format too. It's very little extra code to support it along side format version 1 so this commits adds support for both. The Sync Flush marker extentension to the original .lz format version 1 isn't supported. It would require changes to the LZMA decoder itself. Such files are very rare anyway. See the API doc for lzma_lzip_decoder() for more details about the .lz format support. Thanks to Michał Górny for the original patch.
2022-11-09liblzma: Add the missing Makefile.inc change for --disable-microlzma.Lasse Collin1-2/+10
This was forgotten from commit 59c4d6e1390f6f4176f43ac1dad1f7ac03c449b8.
2022-11-09xz: Add comments about stdin and src_st.st_size.Lasse Collin2-0/+13
"xz -v < regular_file > out.xz" doesn't display the percentage and estimated remaining time because it doesn't even try to check the input file size when input is read from stdin. This could be improved but for now there's just a comment to remind about it.
2022-11-09xz: Fix displaying of file sizes in progress indicator in passthru mode.Lasse Collin1-1/+5
It worked for one input file since the counters are zero when xz starts but they weren't reset when starting a new file in passthru mode. For example, if files A, B, and C are one byte each, then "xz -dcvf A B C" would show file sizes as 1, 2, and 3 bytes instead of 1, 1, and 1 byte.
2022-11-09xz: Add a comment why --to-stdout is not in --help.Lasse Collin1-0/+3
It is on the man page still.
2022-11-08xz: Make xz -lvv show that the upcoming --arm64 needs 5.4.0 to decompress.Lasse Collin1-5/+15
2022-11-08liblzma: Update API docs about decoder flags.Lasse Collin1-4/+17
2022-11-08liblzma: Use the return_if_error() macro in alone_decoder.c.Lasse Collin1-4/+2
2022-11-08liblzma: Fix a comment in auto_decoder.c.Lasse Collin1-2/+2
2022-11-08xz: Initialize the pledge(2) sandbox at the very beginning of main().Lasse Collin1-13/+14
It feels better that the initializations are sandboxed too. They don't do anything that the pledge() call wouldn't allow.
2022-11-07xz: Extend --robot --info-memory output.Lasse Collin2-15/+56
Now it includes everything that the human-readable --info-memory shows.
2022-11-07liblzma: Include cached memory in reported memusage in threaded decoder.Lasse Collin1-3/+19
This affects lzma_memusage() and lzma_memlimit_set() when used with the threaded decompressor. Now all allocations are reported by lzma_memusage() (so it's not misleading) and lzma_memlimit_set() cannot lower the limit below that value. The alternative would have been to allow lowering the limit if doing so is possible by freeing the cached memory but since the primary use case of lzma_memlimit_set() is to increase memlimit after LZMA_MEMLIMIT_ERROR this simple approach was selected. The cached memory was always included when enforcing the memory usage limit while decoding. Thanks to Jia Tan.
2022-11-07xz: Avoid a compiler warning in progress_speed() in message.c.Jia Tan1-6/+3
This should be smaller too since it avoids the string constants.
2022-10-31Windows: Fix mythread_once() macro with Vista threads.Lasse Collin1-3/+4
Don't call InitOnceComplete() if initialization was already done. So far mythread_once() has been needed only when building with --enable-small. windows/build.bash does this together with --disable-threads so the Vista-specific mythread_once() is never needed by those builds. VS project files or CMake-builds don't support HAVE_SMALL builds at all.
2022-10-31liblzma: Silence -Wconversion warning from crc64_fast.c.Lasse Collin1-2/+3
2022-10-25xz: Fix --single-stream with an empty .xz Stream.Lasse Collin1-0/+9
Example: $ xz -dc --single-stream good-0-empty.xz xz: good-0-empty.xz: Internal error (bug) The code, that is tries to catch some input file issues early, didn't anticipate LZMA_STREAM_END which is possible in that code only when --single-stream is used.
2022-10-25xz: Add support for OpenBSD's pledge() sandbox.Lasse Collin3-1/+25
2022-10-25xz: Fix decompressor behavior if input uses an unsupported check type.Lasse Collin1-4/+15
Now files with unsupported check will make xz display a warning, set the exit status to 2 (unless --no-warn is used), and then decompress the file normally. This is how it was supposed to work since the beginning but this was broken by the commit 231c3c7098f1099a56abb8afece76fc9b8699f05, that is, a little before 5.0.0 was released. The buggy behavior displayed a message, set exit status 1 (error), and xz didn't attempt to to decompress the file. This doesn't matter today except for special builds that disable CRC64 or SHA-256 at build time (but such builds should be used in special situations only). The bug matters if new check type is added in the future and an old xz version is used to decompress such a file; however, it's likely that such files would use a new filter too and an old xz wouldn't be able to decompress the file anyway. The first hunk in the commit is the actual fix. The second hunk is a cleanup since LZMA_TELL_ANY_CHECK isn't used in xz. There is a test file for unsupported check type but it wasn't used by test_files.sh, perhaps due to different behavior between xz and the simpler xzdec.
2022-10-25xz: Clarify the man page: input file isn't removed if an error occurs.Lasse Collin1-2/+3
2022-10-25xz: Refactor to remove is_empty_filename().Lasse Collin3-17/+3
Long ago it was used in list.c too but nowadays it's needed only in io_open_src() so it's nicer to avoid a separate function.
2022-10-25xz: If input file cannot be removed, treat it as a warning, not error.Lasse Collin1-2/+2
Treating it as a warning (message + exit status 2) matches gzip and it seems more logical as at that point the output file has already been successfully closed. When it's a warning it is possible to suppress it with --no-warn.
2022-10-24liblzma: Threaded decoder: Stop the worker threads on errors.Lasse Collin1-7/+26
It's waste of CPU time and electricity to leave the unfinished worker threads running when it is known that their output will get ignored.
2022-10-20tuklib_cpucores: Use HW_NCPUONLINE on OpenBSD.Lasse Collin1-0/+9
On OpenBSD the number of cores online is often less than what HW_NCPU would return because OpenBSD disables simultaneous multi-threading (SMT) by default. Thanks to Christian Weisgerber.
2022-10-05liblzma: Fix a compilation issue when encoders are disabled.Jia Tan1-3/+4
When encoders were disabled and threading enabled, outqueue.c and outqueue.h were not compiled. The multi threaded decoder required these files, so compilation failed.
2022-10-05tuklib_integer: Add 64-bit endianness-converting reads and writes.Lasse Collin2-8/+47
Also update the comment in liblzma's memcmplen.h. Thanks to Michał Górny for the original patch for the reads.
2022-09-30liblzma: Add API doc note about the .xz decoder LZMA_MEMLIMIT_ERROR bug.Lasse Collin1-0/+11
The bug was fixed in 660739f99ab211edec4071de98889fb32ed04e98.
2022-09-28liblzma: Add dest and src NULL checks to lzma_index_cat.Jia Tan1-0/+3
The documentation states LZMA_PROG_ERROR can be returned from lzma_index_cat. Previously, lzma_index_cat could not return LZMA_PROG_ERROR. Now, the validation is similar to lzma_index_append, which does a NULL check on the index parameter.
2022-09-28liblzma: Fix copying of check type statistics in lzma_index_cat().Jia Tan1-1/+6
The check type of the last Stream in dest was never copied to dest->checks (the code tried to copy it but it was done too late). This meant that the value returned by lzma_index_checks() would only include the check type of the last Stream when multiple lzma_indexes had been concatenated. In xz --list this meant that the summary would only list the check type of the last Stream, so in this sense this was only a visual bug. However, it's possible that some applications use this information for purposes other than merely showing it to the users in an informational message. I'm not aware of such applications though and it's quite possible that such applications don't exist. Regular streamed decompression in xz or any other application doesn't use lzma_index_cat() and so this bug cannot affect them.
2022-09-28tuklib_physmem: Fix Unicode builds on Windows.Lasse Collin1-1/+1
Thanks to ArSaCiA Game.
2022-09-28liblzma: Stream decoder: Fix restarting after LZMA_MEMLIMIT_ERROR.Lasse Collin1-3/+13
If lzma_code() returns LZMA_MEMLIMIT_ERROR it is now possible to use lzma_memlimit_set() to increase the limit and continue decoding. This was supposed to work from the beginning but there was a bug. With other decoders (.lzma or threaded .xz) this already worked correctly.
2022-09-28liblzma: Stream decoder: Fix comments.Lasse Collin1-7/+5
2022-09-20liblzma: ARM64: Add comments.Lasse Collin1-0/+13
2022-09-20liblzma: ARM64: Fix wrong comment in API doc.Lasse Collin1-2/+2
Thanks to Jia Tan.
2022-09-19xz: Add --experimental-arm64[=width=WIDTH].Lasse Collin4-0/+60
It will be renamed to --arm64 once it is stable. Man page or --long-help weren't updated yet.
2022-09-19liblzma: Add experimental ARM64 BCJ filter with a temporary Filter ID.Lasse Collin9-1/+308
That is, the Filter ID will be changed once the design is final. The current version will be removed. So files created with the tempoary Filter ID won't be supported in the future.
2022-09-17liblzma: Simple/BCJ filters: Allow disabling generic BCJ options.Lasse Collin8-9/+10
This will be needed for the ARM64 BCJ filter as it will use its own options struct.
2022-09-16xzgrep: Fix compatibility with old shells.Lasse Collin1-3/+3
Running the current xzgrep on Slackware 10.1 with GNU bash 3.00.15: xzgrep: line 231: syntax error near unexpected token `;;' On SCO OpenServer 5.0.7 with Korn Shell 93r: syntax error at line 231 : `;;' unexpected Turns out that some old shells don't like apostrophes (') inside command substitutions. For example, the following fails: x=$(echo foo # asdf'zxcv echo bar) printf '%s\n' "$x" The problem was introduced by commits 69d1b3fc29677af8ade8dc15dba83f0589cb63d6 (2022-03-29), bd7b290f3fe4faeceb7d3497ed9bf2e6ed5e7dc5 (2022-07-18), and a648978b20495b7aa4a8b029c5a810b5ad9d08ff (2022-07-19). 5.2.6 is the only stable release that included this problem. Thanks to Kevin R. Bulgrien for reporting the problem on SCO OpenServer 5.0.7 and for providing the fix.
2022-09-09liblzma: lzma_filters_copy: Keep dest[] unmodified if an error occurs.Lasse Collin2-7/+15
lzma_stream_encoder() and lzma_stream_encoder_mt() always assumed this. Before this patch, failing lzma_filters_copy() could result in free(invalid_pointer) or invalid memory reads in stream_encoder.c or stream_encoder_mt.c. To trigger this, allocating memory for a filter options structure has to fail. These are tiny allocations so in practice they very rarely fail. Certain badness in the filter chain array could also make lzma_filters_copy() fail but both stream_encoder.c and stream_encoder_mt.c validate the filter chain before trying to copy it, so the crash cannot occur this way.
2022-09-08liblzma: lzma_index_append: Add missing integer overflow check.Jia Tan1-0/+4
The documentation in src/liblzma/api/lzma/index.h suggests that both the unpadded (compressed) size and the uncompressed size are checked for overflow, but only the unpadded size was checked. The uncompressed check is done first since that is more likely to occur than the unpadded or index field size overflows.
2022-09-08liblzma: Vaccinate against an ill patch from RHEL/CentOS 7.Lasse Collin9-14/+360
RHEL/CentOS 7 shipped with 5.1.2alpha, including the threaded encoder that is behind #ifdef LZMA_UNSTABLE in the API headers. In 5.1.2alpha these symbols are under XZ_5.1.2alpha in liblzma.map. API/ABI compatibility tracking isn't done between development releases so newer releases didn't have XZ_5.1.2alpha anymore. Later RHEL/CentOS 7 updated xz to 5.2.2 but they wanted to keep the exported symbols compatible with 5.1.2alpha. After checking the ABI changes it turned out that >= 5.2.0 ABI is backward compatible with the threaded encoder functions from 5.1.2alpha (but not vice versa as fixes and extensions to these functions were made between 5.1.2alpha and 5.2.0). In RHEL/CentOS 7, XZ Utils 5.2.2 was patched with xz-5.2.2-compat-libs.patch to modify liblzma.map: - XZ_5.1.2alpha was added with lzma_stream_encoder_mt and lzma_stream_encoder_mt_memusage. This matched XZ Utils 5.1.2alpha. - XZ_5.2 was replaced with XZ_5.2.2. It is clear that this was an error; the intention was to keep using XZ_5.2 (XZ_5.2.2 has never been used in XZ Utils). So XZ_5.2.2 lists all symbols that were listed under XZ_5.2 before the patch. lzma_stream_encoder_mt and _mt_memusage are included too so they are listed both here and under XZ_5.1.2alpha. The patch didn't add any __asm__(".symver ...") lines to the .c files. Thus the resulting liblzma.so exports the threaded encoder functions under XZ_5.1.2alpha only. Listing the two functions also under XZ_5.2.2 in liblzma.map has no effect without matching .symver lines. The lack of XZ_5.2 in RHEL/CentOS 7 means that binaries linked against unpatched XZ Utils 5.2.x won't run on RHEL/CentOS 7. This is unfortunate but this alone isn't too bad as the problem is contained within RHEL/CentOS 7 and doesn't affect users of other distributions. It could also be fixed internally in RHEL/CentOS 7. The second problem is more serious: In XZ Utils 5.2.2 the API headers don't have #ifdef LZMA_UNSTABLE for obvious reasons. This is true in RHEL/CentOS 7 version too. Thus now programs using new APIs can be compiled without an extra #define. However, the programs end up depending on symbol version XZ_5.1.2alpha (and possibly also XZ_5.2.2) instead of XZ_5.2 as they would with an unpatched XZ Utils 5.2.2. This means that such binaries won't run on other distributions shipping XZ Utils >= 5.2.0 as they don't provide XZ_5.1.2alpha or XZ_5.2.2; they only provide XZ_5.2 (and XZ_5.0). (This includes RHEL/CentOS 8 as the patch luckily isn't included there anymore with XZ Utils 5.2.4.) Binaries built by RHEL/CentOS 7 users get distributed and then people wonder why they don't run on some other distribution. Seems that people have found out about the patch and been copying it to some build scripts, seemingly curing the symptoms but actually spreading the illness further and outside RHEL/CentOS 7. The ill patch seems to be from late 2016 (RHEL 7.3) and in 2017 it had spread at least to EasyBuild. I heard about the events only recently. :-( This commit splits liblzma.map into two versions: one for GNU/Linux and another for other OSes that can use symbol versioning (FreeBSD, Solaris, maybe others). The Linux-specific file and the matching additions to .c files add full compatibility with binaries that have been built against a RHEL/CentOS-patched liblzma. Builds for OSes other than GNU/Linux won't get the vaccine as they should be immune to the problem (I really hope that no build script uses the RHEL/CentOS 7 patch outside GNU/Linux). The RHEL/CentOS compatibility symbols XZ_5.1.2alpha and XZ_5.2.2 are intentionally put *after* XZ_5.2 in liblzma_linux.map. This way if one forgets to #define HAVE_SYMBOL_VERSIONS_LINUX when building, the resulting liblzma.so.5 will have lzma_stream_encoder_mt@@XZ_5.2 since XZ_5.2 {...} is the first one that lists that function. Without HAVE_SYMBOL_VERSIONS_LINUX @XZ_5.1.2alpha and @XZ_5.2.2 will be missing but that's still a minor problem compared to only having lzma_stream_encoder_mt@@XZ_5.1.2alpha! The "local: *;" line was moved to XZ_5.0 so that it doesn't need to be moved around. It doesn't matter where it is put. Having two similar liblzma_*.map files is a bit silly as it is, at least for now, easily possible to generate the generic one from the Linux-specific file. But that adds extra steps and increases the risk of mistakes when supporting more than one build system. So I rather maintain two files in parallel and let validate_map.sh check that they are in sync when "make mydist" is run. This adds .symver lines for lzma_stream_encoder_mt@XZ_5.2.2 and lzma_stream_encoder_mt_memusage@XZ_5.2.2 even though these weren't exported by RHEL/CentOS 7 (only @@XZ_5.1.2alpha was for these two). I added these anyway because someone might misunderstand the RHEL/CentOS 7 patch and think that @XZ_5.2.2 (@@XZ_5.2.2) versions were exported too. At glance one could suggest using __typeof__ to copy the function prototypes when making aliases. However, this doesn't work trivially because __typeof__ won't copy attributes (lzma_nothrow, lzma_pure) and it won't change symbol visibility from hidden to default (done by LZMA_API()). Attributes could be copied with __copy__ attribute but that needs GCC 9 and a fallback method would be needed anyway. This uses __symver__ attribute with GCC >= 10 and __asm__(".symver ...") with everything else. The attribute method is required for LTO (-flto) support with GCC. Using -flto with GCC older than 10 is now broken on GNU/Linux and will not be fixed (can silently result in a broken liblzma build that has dangerously incorrect symbol versions). LTO builds with Clang seem to work with the traditional __asm__(".symver ...") method. Thanks to Boud Roukema for reporting the problem and discussing the details and testing the fix.
2022-08-22Bump version number for 5.3.3alpha.larhzu/v5.3.3alphaLasse Collin2-2/+2
2022-08-22xz: Try to clarify --memlimit-mt-decompress vs. --memlimit-compress.Lasse Collin1-12/+19
2022-08-19xz: Revise --info-memory output.Lasse Collin2-6/+27
The strings could be more descriptive but it's good to have some version of this committed now. --robot mode wasn't changed yet.
2022-08-19xz: Update the man page for threaded decompression and memlimits.Lasse Collin1-27/+121
This documents the changes made in commits 6c6da57ae2aa962aabde6892442227063d87e88c, cad299008cf73ec566f0662a9cf2b94f86a99659, and 898faa97287a756231c663a3ed5165672b417207. The --info-memory bit hasn't been finished yet even though it's already mentioned in this commit under --memlimit-mt-decompress and --threads.
2022-08-18liblzma: Threaded decoder: Improve LZMA_FAIL_FAST when LZMA_FINISH is used.Lasse Collin2-0/+48
It will now return LZMA_DATA_ERROR (not LZMA_OK or LZMA_BUF_ERROR) if LZMA_FINISH is used and there isn't enough input to finish decoding the Block Header or the Block. The use of LZMA_DATA_ERROR is simpler and the less risky than LZMA_BUF_ERROR but this might be changed before 5.4.0.
2022-07-25liblzma: Refactor lzma_mf_is_supported() to use a switch-statement.Jia Tan1-18/+14
2022-07-24xz: Update the man page that change to --keep will be in 5.2.6.Lasse Collin1-2/+2
2022-07-19xzgrep man page: Document exit statuses.Lasse Collin1-1/+14
2022-07-19xzgrep: Improve error handling, especially signals.Lasse Collin1-19/+53
xzgrep wouldn't exit on SIGPIPE or SIGQUIT when it clearly should have. It's quite possible that it's not perfect still but at least it's much better. If multiple exit statuses compete, now it tries to pick the largest of value. Some comments were added. The exit status handling of signals is still broken if the shell uses values larger than 255 in $? to indicate that a process died due to a signal ***and*** their "exit" command doesn't take this into account. This seems to work well with the ksh and yash versions I tried. However, there is a report in gzip/zgrep that OpenSolaris 5.11 (not 5.10) has a problem with "exit" truncating the argument to 8 bits: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22900#25 Such a bug would break xzgrep but I didn't add a workaround at least for now. 5.11 is old and I don't know if the problem exists in modern descendants, or if the problem exists in other ksh implementations in use.
2022-07-19xzgrep: Make the fix for ZDI-CAN-16587 more robust.Lasse Collin1-1/+4
I don't know if this can make a difference in the real world but it looked kind of suspicious (what happens with sed implementations that cannot process very long lines?). At least this commit shouldn't make it worse.
2022-07-18xzgrep: Use grep -H --label when available (GNU, *BSDs).Lasse Collin1-0/+21
It avoids the use of sed for prefixing filenames to output lines. Using sed for that is slower and prone to security bugs so now the sed method is only used as a fallback. This also fixes an actual bug: When grepping a binary file, GNU grep nowadays prints its diagnostics to stderr instead of stdout and thus the sed-method for prefixing the filename doesn't work. So with this commit grepping binary files gives reasonable output with GNU grep now. This was inspired by zgrep but the implementation is different.
2022-07-18xzgrep: Use -e to specify the pattern to grep.Lasse Collin1-8/+4
Now we don't need the separate test for adding the -q option as it can be added directly in the two places where it's needed.
2022-07-18Scripts: Use printf instead of echo in a few places.Lasse Collin4-11/+11
It's a good habbit as echo has some portability corner cases when the string contents can be anything.
2022-07-17xzgrep: Add more LC_ALL=C to avoid bugs with multibyte characters.Lasse Collin1-6/+8
Also replace one use of expr with printf. The rationale for LC_ALL=C was already mentioned in 69d1b3fc29677af8ade8dc15dba83f0589cb63d6 that fixed a security issue. However, unrelated uses weren't changed in that commit yet. POSIX says that with sed and such tools one should use LC_ALL=C to ensure predictable behavior when strings contain byte sequences that aren't valid multibyte characters in the current locale. See under "Application usage" in here: https://pubs.opengroup.org/onlinepubs/9699919799/utilities/sed.html With GNU sed invalid multibyte strings would work without this; it's documented in its Texinfo manual. Some other implementations aren't so forgiving.
2022-07-17xzgrep: Fix parsing of certain options.Lasse Collin1-2/+17
Fix handling of "xzgrep -25 foo" (in GNU grep "grep -25 foo" is an alias for "grep -C25 foo"). xzgrep would treat "foo" as filename instead of as a pattern. This bug was fixed in zgrep in gzip in 2012. Add -E, -F, -G, and -P to the "no argument required" list. Add -X to "argument required" list. It is an intentionally-undocumented GNU grep option so this isn't an important option for xzgrep but it seems that other grep implementations (well, those that I checked) don't support -X so I hope this change is an improvement still. grep -d (grep --directories=ACTION) requires an argument. In contrast to zgrep, I kept -d in the "no argument required" list because it's not supported in xzgrep (or zgrep). This way "xzgrep -d" gives an error about option being unsupported instead of telling that it requires an argument. Both zgrep and xzgrep tell that it's unsupported if an argument is specified. Add comments.
2022-07-14liblzma: Rename a variable and improve a comment.Lasse Collin1-4/+9
2022-07-13liblzma: Add optional autodetection of LZMA end marker.Lasse Collin6-37/+86
Turns out that this is needed for .lzma files as the spec in LZMA SDK says that end marker may be present even if the size is stored in the header. Such files are rare but exist in the real world. The code in liblzma is so old that the spec didn't exist in LZMA SDK back then and I had understood that such files weren't possible (the lzma tool in LZMA SDK didn't create such files). This modifies the internal API so that LZMA decoder can be told if EOPM is allowed even when the uncompressed size is known. It's allowed with .lzma and not with other uses. Thanks to Karl Beldan for reporting the problem.
2022-07-12xz: Document the special memlimit case of 2000 MiB on MIPS32.Lasse Collin1-2/+6
See commit fc3d3a7296ef58bb799a73943636b8bfd95339f7.
2022-05-23liblzma: Silence a warning.Lasse Collin1-1/+1
The actual initialization is done via mythread_sync and seems that GCC doesn't necessarily see that it gets initialized there.
2022-04-14xz: Fix build with --disable-threads.Lasse Collin1-0/+4
2022-04-14xz: Change the cap of the default -T0 memlimit for 32-bit xz.Lasse Collin1-1/+3
The SIZE_MAX / 3 was 1365 MiB. 1400 MiB gives little more room and it looks like a round (artificial) number in --info-memory once --info-memory is made to display it. Also, using #if avoids useless code on 64-bit builds.
2022-04-14xz: Add a default soft memory usage limit for --threads=0.Lasse Collin3-11/+82
This is a soft limit in sense that it only affects the number of threads. It never makes xz fail and it never makes xz change settings that would affect the compressed output. The idea is to make -T0 have more reasonable behavior when the system has very many cores or when a memory-hungry compression options are used. This also helps with 32-bit xz, preventing it from running out of address space. The downside of this commit is that now the number of threads might become too low compared to what the user expected. I hope this to be an acceptable compromise as the old behavior has been a source of well-argued complaints for a long time.
2022-04-14xz: Make -T0 use multithreaded mode on single-core systems.Lasse Collin3-9/+27
The main problem withi the old behavior is that the compressed output is different on single-core systems vs. multicore systems. This commit fixes it by making -T0 one thread in multithreaded mode on single-core systems. The downside of this is that it uses more memory. However, if --memlimit-compress is used, xz can (thanks to the previous commit) drop to the single-threaded mode still.
2022-04-14xz: Changes to --memlimit-compress and --no-adjust.Lasse Collin1-20/+43
In single-threaded mode, --memlimit-compress can make xz scale down the LZMA2 dictionary size to meet the memory usage limit. This obviously affects the compressed output. However, if xz was in threaded mode, --memlimit-compress could make xz reduce the number of threads but it wouldn't make xz switch from multithreaded mode to single-threaded mode or scale down the LZMA2 dictionary size. This seemed illogical and there was even a "FIXME?" about it. Now --memlimit-compress can make xz switch to single-threaded mode if one thread in multithreaded mode uses too much memory. If memory usage is still too high, then the LZMA2 dictionary size can be scaled down too. The option --no-adjust was also changed so that it no longer prevents xz from scaling down the number of threads as that doesn't affect compressed output (only performance). After this commit --no-adjust only prevents adjustments that affect compressed output, that is, with --no-adjust xz won't switch from multithreaded mode to single-threaded mode and won't scale down the LZMA2 dictionary size. The man page wasn't updated yet.
2022-04-12xz: Add --memlimit-mt-decompress along with a default limit value.Lasse Collin5-42/+97
--memlimit-mt-decompress allows specifying the limit for multithreaded decompression. This matches memlimit_threading in liblzma. This limit can only affect the number of threads being used; it will never prevent xz from decompressing a file. The old --memlimit-decompress option is still used at the same time. If the value of --memlimit-decompress (the default value or one specified by the user) is less than the value of --memlimit-mt-decompress , then --memlimit-mt-decompress is reduced to match --memlimit-decompress. Man page wasn't updated yet.
2022-04-06liblzma: Threaded decoder: Improve setting of pending_error.Lasse Collin1-16/+35
It doesn't need to be done conditionally. The comments try to explain it.
2022-04-06liblzma: Add a new flag LZMA_FAIL_FAST for threaded decoder.Lasse Collin3-26/+56
In most cases if the input file is corrupt the application won't care about the uncompressed content at all. With this new flag the threaded decoder will return an error as soon as any thread has detected an error; it won't wait to copy out the data before the location of the error. I don't plan to use this in xz to keep the behavior consistent between single-threaded and multi-threaded modes.
2022-04-05liblzma: Threaded decoder: Always wait for output if LZMA_FINISH is used.Lasse Collin1-2/+24
This makes the behavior consistent with the single-threaded decoder when handling truncated .xz files. Thanks to Jia Tan for finding this issue.
2022-04-02liblzma: Threaded decoder: Support zpipe.c-style decoding loop.Lasse Collin1-10/+67
This makes it possible to call lzma_code() in a loop that only reads new input when lzma_code() didn't fill the output buffer completely. That isn't the calling style suggested by the liblzma example program 02_decompress.c so perhaps the usefulness of this feature is limited. Also, it is possible to write such a loop so that it works with the single-threaded decoder but not with the threaded decoder even after this commit, or so that it works only if lzma_mt.timeout = 0. The zlib tutorial <https://zlib.net/zlib_how.html> is a well-known example of a loop where more input is read only when output isn't full. Porting this as is to liblzma would work with the single-threaded decoder (if LZMA_CONCATENATED isn't used) but it wouldn't work with threaded decoder even after this commit because the loop assumes that no more output is possible when it cannot read more input ("if (strm.avail_in == 0) break;"). This cannot be fixed at liblzma side; the loop has to be modified at least a little. I'm adding this in any case because the actual code is simple and short and should have no harmful side-effects in other situations.
2022-03-29xzgrep: Fix escaping of malicious filenames (ZDI-CAN-16587).Lasse Collin1-8/+12
Malicious filenames can make xzgrep to write to arbitrary files or (with a GNU sed extension) lead to arbitrary code execution. xzgrep from XZ Utils versions up to and including 5.2.5 are affected. 5.3.1alpha and 5.3.2alpha are affected as well. This patch works for all of them. This bug was inherited from gzip's zgrep. gzip 1.12 includes a fix for zgrep. The issue with the old sed script is that with multiple newlines, the N-command will read the second line of input, then the s-commands will be skipped because it's not the end of the file yet, then a new sed cycle starts and the pattern space is printed and emptied. So only the last line or two get escaped. One way to fix this would be to read all lines into the pattern space first. However, the included fix is even simpler: All lines except the last line get a backslash appended at the end. To ensure that shell command substitution doesn't eat a possible trailing newline, a colon is appended to the filename before escaping. The colon is later used to separate the filename from the grep output so it is fine to add it here instead of a few lines later. The old code also wasn't POSIX compliant as it used \n in the replacement section of the s-command. Using \<newline> is the POSIX compatible method. LC_ALL=C was added to the two critical sed commands. POSIX sed manual recommends it when using sed to manipulate pathnames because in other locales invalid multibyte sequences might cause issues with some sed implementations. In case of GNU sed, these particular sed scripts wouldn't have such problems but some other scripts could have, see: info '(sed)Locale Considerations' This vulnerability was discovered by: cleemy desu wayo working with Trend Micro Zero Day Initiative Thanks to Jim Meyering and Paul Eggert discussing the different ways to fix this and for coordinating the patch release schedule with gzip.
2022-03-26liblzma: Fix a deadlock in threaded decoder.Lasse Collin1-19/+52
If a worker thread has consumed all input so far and it's waiting on thr->cond and then the main thread enables partial update for that thread, the code used to deadlock. This commit allows one dummy decoding pass to occur in this situation which then also does the partial update. As part of the fix, this moves thr->progress_* updates to avoid the second thr->mutex locking. Thanks to Jia Tan for finding, debugging, and reporting the bug.
2022-03-23liblzma: Threaded decoder: Don't stop threads on LZMA_TIMED_OUT.Lasse Collin1-1/+1
LZMA_TIMED_OUT is not an error and thus stopping threads on LZMA_TIMED_OUT breaks the decoder badly. Thanks to Jia Tan for finding the bug and for the patch.
2022-03-07xz: Add initial support for threaded decompression.Lasse Collin1-1/+35
If threading support is enabled at build time, this will use lzma_stream_decoder_mt() even for single-threaded mode. With memlimit_threading=0 the behavior should be identical. This needs some work like adding --memlimit-threading=LIMIT. The original patch from Sebastian Andrzej Siewior included a method to get currently available RAM on Linux. It might be one way to go but as it is Linux-only, the available-RAM approach needs work for portability or using a fallback method on other OSes. The man page wasn't updated yet.
2022-03-07liblzma: Add threaded .xz decompressor.Lasse Collin5-7/+1907
I realize that this is about a decade late. Big thanks to Sebastian Andrzej Siewior for the original patch. I made a bunch of smaller changes but after a while quite a few things got rewritten. So any bugs in the commit were created by me.
2022-03-06liblzma: Fix docs: lzma_block_decoder() cannot return LZMA_UNSUPPORTED_CHECK.Lasse Collin1-3/+0
If Check is unsupported, it will be silently ignored. It's the caller's job to handle it.
2022-03-06liblzma: Add new output queue (lzma_outq) features.Lasse Collin2-8/+79
Add lzma_outq_clear_cache2() which may leave one buffer allocated in the cache. Add lzma_outq_outbuf_memusage() to get the memory needed for a single lzma_outbuf. This is now used internally in outqueue.c too. Track both the total amount of memory allocated and the amount of memory that is in active use (not in cache). In lzma_outbuf, allow storing the current input position that matches the current output position. This way the main thread can notice when no more output is possible without first providing more input. Allow specifying return code for lzma_outq_read() in a finished lzma_outbuf.
2022-03-06liblzma: Index hash: Change return value type of hash_append() to void.Lasse Collin1-6/+5