1
0
Fork 0
mirror of https://git.tukaani.org/xz.git synced 2024-04-04 12:36:23 +02:00
This is an archive of xz repository, as it stood @ 2024-04-04T10:36:00Z. See https://tukaani.org/xz-backdoor/ as for what happened. Repository is frozen and will not be updated. https://tukaani.org/xz-backdoor/
Find a file
Lasse Collin 913ddc5572 liblzma: Vaccinate against an ill patch from RHEL/CentOS 7.
RHEL/CentOS 7 shipped with 5.1.2alpha, including the threaded
encoder that is behind #ifdef LZMA_UNSTABLE in the API headers.
In 5.1.2alpha these symbols are under XZ_5.1.2alpha in liblzma.map.
API/ABI compatibility tracking isn't done between development
releases so newer releases didn't have XZ_5.1.2alpha anymore.

Later RHEL/CentOS 7 updated xz to 5.2.2 but they wanted to keep
the exported symbols compatible with 5.1.2alpha. After checking
the ABI changes it turned out that >= 5.2.0 ABI is backward
compatible with the threaded encoder functions from 5.1.2alpha
(but not vice versa as fixes and extensions to these functions
were made between 5.1.2alpha and 5.2.0).

In RHEL/CentOS 7, XZ Utils 5.2.2 was patched with
xz-5.2.2-compat-libs.patch to modify liblzma.map:

  - XZ_5.1.2alpha was added with lzma_stream_encoder_mt and
    lzma_stream_encoder_mt_memusage. This matched XZ Utils 5.1.2alpha.

  - XZ_5.2 was replaced with XZ_5.2.2. It is clear that this was
    an error; the intention was to keep using XZ_5.2 (XZ_5.2.2
    has never been used in XZ Utils). So XZ_5.2.2 lists all
    symbols that were listed under XZ_5.2 before the patch.
    lzma_stream_encoder_mt and _mt_memusage are included too so
    they are listed both here and under XZ_5.1.2alpha.

The patch didn't add any __asm__(".symver ...") lines to the .c
files. Thus the resulting liblzma.so exports the threaded encoder
functions under XZ_5.1.2alpha only. Listing the two functions
also under XZ_5.2.2 in liblzma.map has no effect without
matching .symver lines.

The lack of XZ_5.2 in RHEL/CentOS 7 means that binaries linked
against unpatched XZ Utils 5.2.x won't run on RHEL/CentOS 7.
This is unfortunate but this alone isn't too bad as the problem
is contained within RHEL/CentOS 7 and doesn't affect users
of other distributions. It could also be fixed internally in
RHEL/CentOS 7.

The second problem is more serious: In XZ Utils 5.2.2 the API
headers don't have #ifdef LZMA_UNSTABLE for obvious reasons.
This is true in RHEL/CentOS 7 version too. Thus now programs
using new APIs can be compiled without an extra #define. However,
the programs end up depending on symbol version XZ_5.1.2alpha
(and possibly also XZ_5.2.2) instead of XZ_5.2 as they would
with an unpatched XZ Utils 5.2.2. This means that such binaries
won't run on other distributions shipping XZ Utils >= 5.2.0 as
they don't provide XZ_5.1.2alpha or XZ_5.2.2; they only provide
XZ_5.2 (and XZ_5.0). (This includes RHEL/CentOS 8 as the patch
luckily isn't included there anymore with XZ Utils 5.2.4.)

Binaries built by RHEL/CentOS 7 users get distributed and then
people wonder why they don't run on some other distribution.
Seems that people have found out about the patch and been copying
it to some build scripts, seemingly curing the symptoms but
actually spreading the illness further and outside RHEL/CentOS 7.

The ill patch seems to be from late 2016 (RHEL 7.3) and in 2017 it
had spread at least to EasyBuild. I heard about the events only
recently. :-(

This commit splits liblzma.map into two versions: one for
GNU/Linux and another for other OSes that can use symbol versioning
(FreeBSD, Solaris, maybe others). The Linux-specific file and the
matching additions to .c files add full compatibility with binaries
that have been built against a RHEL/CentOS-patched liblzma. Builds
for OSes other than GNU/Linux won't get the vaccine as they should
be immune to the problem (I really hope that no build script uses
the RHEL/CentOS 7 patch outside GNU/Linux).

The RHEL/CentOS compatibility symbols XZ_5.1.2alpha and XZ_5.2.2
are intentionally put *after* XZ_5.2 in liblzma_linux.map. This way
if one forgets to #define HAVE_SYMBOL_VERSIONS_LINUX when building,
the resulting liblzma.so.5 will have lzma_stream_encoder_mt@@XZ_5.2
since XZ_5.2 {...} is the first one that lists that function.
Without HAVE_SYMBOL_VERSIONS_LINUX @XZ_5.1.2alpha and @XZ_5.2.2
will be missing but that's still a minor problem compared to
only having lzma_stream_encoder_mt@@XZ_5.1.2alpha!

The "local: *;" line was moved to XZ_5.0 so that it doesn't need
to be moved around. It doesn't matter where it is put.

Having two similar liblzma_*.map files is a bit silly as it is,
at least for now, easily possible to generate the generic one
from the Linux-specific file. But that adds extra steps and
increases the risk of mistakes when supporting more than one
build system. So I rather maintain two files in parallel and let
validate_map.sh check that they are in sync when "make mydist"
is run.

This adds .symver lines for lzma_stream_encoder_mt@XZ_5.2.2 and
lzma_stream_encoder_mt_memusage@XZ_5.2.2 even though these
weren't exported by RHEL/CentOS 7 (only @@XZ_5.1.2alpha was
for these two). I added these anyway because someone might
misunderstand the RHEL/CentOS 7 patch and think that @XZ_5.2.2
(@@XZ_5.2.2) versions were exported too.

At glance one could suggest using __typeof__ to copy the function
prototypes when making aliases. However, this doesn't work trivially
because __typeof__ won't copy attributes (lzma_nothrow, lzma_pure)
and it won't change symbol visibility from hidden to default (done
by LZMA_API()). Attributes could be copied with __copy__ attribute
but that needs GCC 9 and a fallback method would be needed anyway.

This uses __symver__ attribute with GCC >= 10 and
__asm__(".symver ...") with everything else. The attribute method
is required for LTO (-flto) support with GCC. Using -flto with
GCC older than 10 is now broken on GNU/Linux and will not be fixed
(can silently result in a broken liblzma build that has dangerously
incorrect symbol versions). LTO builds with Clang seem to work
with the traditional __asm__(".symver ...") method.

Thanks to Boud Roukema for reporting the problem and discussing
the details and testing the fix.
2022-09-08 15:01:29 +03:00
build-aux Build: Fix a CR+LF problem when running autoreconf -fi on OS/2. 2015-02-26 20:46:14 +02:00
cmake CMake: Fix compatibility with CMake 3.13. 2020-11-17 21:09:39 +02:00
debug Avoid variable-length arrays in the debug programs. 2014-12-21 18:05:03 +02:00
doc liblzma: Add optional autodetection of LZMA end marker. 2022-07-13 22:24:07 +03:00
dos DOS: Update dos/Makefile for DJGPP 2.05. 2020-03-11 19:38:08 +02:00
extra extra/scanlzma: Fix compiler warnings. 2018-04-29 18:48:00 +03:00
lib Put the interesting parts of XZ Utils into the public domain. 2009-04-13 11:27:40 +03:00
m4 Build: Update m4/ax_pthread.m4 from Autoconf Archive (again). 2020-03-15 15:26:20 +02:00
macosx macosx: separate liblzma package 2013-08-03 13:15:32 +03:00
po Translations: Add Portuguese translation. 2022-08-22 18:06:38 +03:00
po4a Translations: Change the copyright comment string to use with po4a. 2022-07-25 19:11:05 +03:00
src liblzma: Vaccinate against an ill patch from RHEL/CentOS 7. 2022-09-08 15:01:29 +03:00
tests Tests: Add the .lzma files to test_files.sh. 2022-07-14 20:33:05 +03:00
windows Windows: Fix broken liblzma.dll build with Visual Studio project files. 2022-08-18 17:38:05 +03:00
.gitignore Created script to generate code coverage reports. 2022-07-10 22:42:22 +03:00
AUTHORS Add Jia Tan to AUTHORS. 2022-08-12 14:28:41 +03:00
autogen.sh Build: Add support for --no-po4a option to autogen.sh. 2020-02-27 20:24:27 +02:00
ChangeLog Update the Git repository URL to HTTPS in ChangeLog. 2017-04-24 19:30:22 +03:00
CMakeLists.txt CMake: Add xz symlinks. 2022-08-31 16:42:04 +03:00
configure.ac liblzma: Vaccinate against an ill patch from RHEL/CentOS 7. 2022-09-08 15:01:29 +03:00
COPYING Update the home page URLs to HTTPS. 2017-04-19 22:17:35 +03:00
COPYING.GPLv2 Update the copies of GPLv2 and LGPLv2.1 from gnu.org. 2010-11-04 18:31:40 +02:00
COPYING.GPLv3 Imported to git. 2007-12-09 00:42:33 +02:00
COPYING.LGPLv2.1 Update the copies of GPLv2 and LGPLv2.1 from gnu.org. 2010-11-04 18:31:40 +02:00
Doxyfile.in spelling 2019-05-11 20:52:37 +03:00
INSTALL Update INSTALL for Windows and DOS and add preliminary info for z/OS. 2020-03-15 15:27:22 +02:00
INSTALL.generic Update INSTALL.generic from Automake 1.16.1. 2020-03-16 16:43:29 +02:00
Makefile.am Build: Include the CMake files in the distribution. 2022-08-18 17:49:16 +03:00
NEWS Add NEWS for 5.3.3alpha. 2022-08-22 18:13:56 +03:00
PACKAGERS Update docs. 2010-10-19 10:21:08 +03:00
README README: Update outdated sections. 2020-03-16 20:01:37 +02:00
THANKS Update THANKS. 2022-07-19 23:23:54 +03:00
TODO Update TODO. 2014-09-14 21:02:41 +03:00

XZ Utils
========

    0. Overview
    1. Documentation
       1.1. Overall documentation
       1.2. Documentation for command-line tools
       1.3. Documentation for liblzma
    2. Version numbering
    3. Reporting bugs
    4. Translations
    5. Other implementations of the .xz format
    6. Contact information


0. Overview
-----------

    XZ Utils provide a general-purpose data-compression library plus
    command-line tools. The native file format is the .xz format, but
    also the legacy .lzma format is supported. The .xz format supports
    multiple compression algorithms, which are called "filters" in the
    context of XZ Utils. The primary filter is currently LZMA2. With
    typical files, XZ Utils create about 30 % smaller files than gzip.

    To ease adapting support for the .xz format into existing applications
    and scripts, the API of liblzma is somewhat similar to the API of the
    popular zlib library. For the same reason, the command-line tool xz
    has a command-line syntax similar to that of gzip.

    When aiming for the highest compression ratio, the LZMA2 encoder uses
    a lot of CPU time and may use, depending on the settings, even
    hundreds of megabytes of RAM. However, in fast modes, the LZMA2 encoder
    competes with bzip2 in compression speed, RAM usage, and compression
    ratio.

    LZMA2 is reasonably fast to decompress. It is a little slower than
    gzip, but a lot faster than bzip2. Being fast to decompress means
    that the .xz format is especially nice when the same file will be
    decompressed very many times (usually on different computers), which
    is the case e.g. when distributing software packages. In such
    situations, it's not too bad if the compression takes some time,
    since that needs to be done only once to benefit many people.

    With some file types, combining (or "chaining") LZMA2 with an
    additional filter can improve the compression ratio. A filter chain may
    contain up to four filters, although usually only one or two are used.
    For example, putting a BCJ (Branch/Call/Jump) filter before LZMA2
    in the filter chain can improve compression ratio of executable files.

    Since the .xz format allows adding new filter IDs, it is possible that
    some day there will be a filter that is, for example, much faster to
    compress than LZMA2 (but probably with worse compression ratio).
    Similarly, it is possible that some day there is a filter that will
    compress better than LZMA2.

    XZ Utils supports multithreaded compression. XZ Utils doesn't support
    multithreaded decompression yet. It has been planned though and taken
    into account when designing the .xz file format. In the future, files
    that were created in threaded mode can be decompressed in threaded
    mode too.


1. Documentation
----------------

1.1. Overall documentation

    README              This file

    INSTALL.generic     Generic install instructions for those not familiar
                        with packages using GNU Autotools
    INSTALL             Installation instructions specific to XZ Utils
    PACKAGERS           Information to packagers of XZ Utils

    COPYING             XZ Utils copyright and license information
    COPYING.GPLv2       GNU General Public License version 2
    COPYING.GPLv3       GNU General Public License version 3
    COPYING.LGPLv2.1    GNU Lesser General Public License version 2.1

    AUTHORS             The main authors of XZ Utils
    THANKS              Incomplete list of people who have helped making
                        this software
    NEWS                User-visible changes between XZ Utils releases
    ChangeLog           Detailed list of changes (commit log)
    TODO                Known bugs and some sort of to-do list

    Note that only some of the above files are included in binary
    packages.


1.2. Documentation for command-line tools

    The command-line tools are documented as man pages. In source code
    releases (and possibly also in some binary packages), the man pages
    are also provided in plain text (ASCII only) and PDF formats in the
    directory "doc/man" to make the man pages more accessible to those
    whose operating system doesn't provide an easy way to view man pages.


1.3. Documentation for liblzma

    The liblzma API headers include short docs about each function
    and data type as Doxygen tags. These docs should be quite OK as
    a quick reference.

    There are a few example/tutorial programs that should help in
    getting started with liblzma. In the source package the examples
    are in "doc/examples" and in binary packages they may be under
    "examples" in the same directory as this README.

    Since the liblzma API has similarities to the zlib API, some people
    may find it useful to read the zlib docs and tutorial too:

        http://zlib.net/manual.html
        http://zlib.net/zlib_how.html


2. Version numbering
--------------------

    The version number format of XZ Utils is X.Y.ZS:

      - X is the major version. When this is incremented, the library
        API and ABI break.

      - Y is the minor version. It is incremented when new features
        are added without breaking the existing API or ABI. An even Y
        indicates a stable release and an odd Y indicates unstable
        (alpha or beta version).

      - Z is the revision. This has a different meaning for stable and
        unstable releases:

          * Stable: Z is incremented when bugs get fixed without adding
            any new features. This is intended to be convenient for
            downstream distributors that want bug fixes but don't want
            any new features to minimize the risk of introducing new bugs.

          * Unstable: Z is just a counter. API or ABI of features added
            in earlier unstable releases having the same X.Y may break.

      - S indicates stability of the release. It is missing from the
        stable releases, where Y is an even number. When Y is odd, S
        is either "alpha" or "beta" to make it very clear that such
        versions are not stable releases. The same X.Y.Z combination is
        not used for more than one stability level, i.e. after X.Y.Zalpha,
        the next version can be X.Y.(Z+1)beta but not X.Y.Zbeta.


3. Reporting bugs
-----------------

    Naturally it is easiest for me if you already know what causes the
    unexpected behavior. Even better if you have a patch to propose.
    However, quite often the reason for unexpected behavior is unknown,
    so here are a few things to do before sending a bug report:

      1. Try to create a small example how to reproduce the issue.

      2. Compile XZ Utils with debugging code using configure switches
         --enable-debug and, if possible, --disable-shared. If you are
         using GCC, use CFLAGS='-O0 -ggdb3'. Don't strip the resulting
         binaries.

      3. Turn on core dumps. The exact command depends on your shell;
         for example in GNU bash it is done with "ulimit -c unlimited",
         and in tcsh with "limit coredumpsize unlimited".

      4. Try to reproduce the suspected bug. If you get "assertion failed"
         message, be sure to include the complete message in your bug
         report. If the application leaves a coredump, get a backtrace
         using gdb:
           $ gdb /path/to/app-binary   # Load the app to the debugger.
           (gdb) core core   # Open the coredump.
           (gdb) bt   # Print the backtrace. Copy & paste to bug report.
           (gdb) quit   # Quit gdb.

    Report your bug via email or IRC (see Contact information below).
    Don't send core dump files or any executables. If you have a small
    example file(s) (total size less than 256 KiB), please include
    it/them as an attachment. If you have bigger test files, put them
    online somewhere and include a URL to the file(s) in the bug report.

    Always include the exact version number of XZ Utils in the bug report.
    If you are using a snapshot from the git repository, use "git describe"
    to get the exact snapshot version. If you are using XZ Utils shipped
    in an operating system distribution, mention the distribution name,
    distribution version, and exact xz package version; if you cannot
    repeat the bug with the code compiled from unpatched source code,
    you probably need to report a bug to your distribution's bug tracking
    system.


4. Translations
---------------

    The xz command line tool and all man pages can be translated.
    The translations are handled via the Translation Project. If you
    wish to help translating xz, please join the Translation Project:

        https://translationproject.org/html/translators.html

    Below are notes and testing instructions specific to xz
    translations.

    Testing can be done by installing xz into a temporary directory:

        ./configure --disable-shared --prefix=/tmp/xz-test
        # <Edit the .po file in the po directory.>
        make -C po update-po
        make install
        bash debug/translation.bash | less
        bash debug/translation.bash | less -S  # For --list outputs

    Repeat the above as needed (no need to re-run configure though).

    Note especially the following:

      - The output of --help and --long-help must look nice on
        an 80-column terminal. It's OK to add extra lines if needed.

      - In contrast, don't add extra lines to error messages and such.
        They are often preceded with e.g. a filename on the same line,
        so you have no way to predict where to put a \n. Let the terminal
        do the wrapping even if it looks ugly. Adding new lines will be
        even uglier in the generic case even if it looks nice in a few
        limited examples.

      - Be careful with column alignment in tables and table-like output
        (--list, --list --verbose --verbose, --info-memory, --help, and
        --long-help):

          * All descriptions of options in --help should start in the
            same column (but it doesn't need to be the same column as
            in the English messages; just be consistent if you change it).
            Check that both --help and --long-help look OK, since they
            share several strings.

          * --list --verbose and --info-memory print lines that have
            the format "Description:   %s". If you need a longer
            description, you can put extra space between the colon
            and %s. Then you may need to add extra space to other
            strings too so that the result as a whole looks good (all
            values start at the same column).

          * The columns of the actual tables in --list --verbose --verbose
            should be aligned properly. Abbreviate if necessary. It might
            be good to keep at least 2 or 3 spaces between column headings
            and avoid spaces in the headings so that the columns stand out
            better, but this is a matter of opinion. Do what you think
            looks best.

      - Be careful to put a period at the end of a sentence when the
        original version has it, and don't put it when the original
        doesn't have it. Similarly, be careful with \n characters
        at the beginning and end of the strings.

      - Read the TRANSLATORS comments that have been extracted from the
        source code and included in xz.pot. Some comments suggest
        testing with a specific command which needs an .xz file. You
        may use e.g. any tests/files/good-*.xz. However, these test
        commands are included in translations.bash output, so reading
        translations.bash output carefully can be enough.

      - If you find language problems in the original English strings,
        feel free to suggest improvements. Ask if something is unclear.

      - The translated messages should be understandable (sometimes this
        may be a problem with the original English messages too). Don't
        make a direct word-by-word translation from English especially if
        the result doesn't sound good in your language.

    Thanks for your help!


5. Other implementations of the .xz format
------------------------------------------

    7-Zip and the p7zip port of 7-Zip support the .xz format starting
    from the version 9.00alpha.

        http://7-zip.org/
        http://p7zip.sourceforge.net/

    XZ Embedded is a limited implementation written for use in the Linux
    kernel, but it is also suitable for other embedded use.

        https://tukaani.org/xz/embedded.html


6. Contact information
----------------------

    If you have questions, bug reports, patches etc. related to XZ Utils,
    contact Lasse Collin <lasse.collin@tukaani.org> (in Finnish or English).
    I'm sometimes slow at replying. If you haven't got a reply within two
    weeks, assume that your email has got lost and resend it or use IRC.

    You can find me also from #tukaani on Freenode; my nick is Larhzu.
    The channel tends to be pretty quiet, so just ask your question and
    someone may wake up.