[File] [PATCH] Adding built-in decompression for bzip2/lzma/xz

Christoph Biedl astron.com.bwoj at manchmal.in-ulm.de
Thu Jul 18 18:59:32 UTC 2019


Hello,

as documented, the seccomp feature will break execution of the file
program if -z or -Z option is used on content that cannot be
decompressed internally. Currently, only compressions understood by
zlib can be handled internally, e.g. gzip.

To reduce the impact, I've created likewise support for bzip2, lzma,
and xz. It was mostly copy'n'paste (and some edit) so all existing
flaws were reproduced :-]

For bzip2 there already was an unused stub which I recycled.

For xz/lzma there's a small irritation since the library is called
lzma, obviously for historical reasons, while certainly the most common
use case today is xz. So I decided to name the options/constants/names
"xz", causing brain twist in a few places. Also, liblzma seems to use
the futex syscall so I had to whitelist that one as well.

Regards,
    Christoph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-support-for-built-in-bzip2-decompression.patch
Type: text/x-diff
Size: 4607 bytes
Desc: not available
URL: <https://mailman.astron.com/pipermail/file/attachments/20190718/4ee06abb/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Add-support-for-built-in-lzma-xz-decompression.patch
Type: text/x-diff
Size: 5153 bytes
Desc: not available
URL: <https://mailman.astron.com/pipermail/file/attachments/20190718/4ee06abb/attachment-0001.bin>


More information about the File mailing list