jory/upx
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

all: final cleanups in preparation for release

Browse Source
This commit is contained in:
Markus F.X.J. Oberhumer 2023-08-03 14:20:35 +02:00
parent 13e5c13695
commit fa364d6ea3
57 changed files with 62 additions and 1087 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.clang-tidy
View File

@ -6,6 +6,7 @@ Checks: >
-bugprone-assignment-in-if-condition,
-bugprone-branch-clone,
-bugprone-easily-swappable-parameters,
-bugprone-empty-catch,
-bugprone-implicit-widening-of-multiplication-result,
-bugprone-macro-parentheses,
-bugprone-narrowing-conversions,
@ -14,12 +15,14 @@ Checks: >
-bugprone-suspicious-include,
-bugprone-suspicious-memory-comparison,
-bugprone-suspicious-string-compare,
-bugprone-switch-missing-default-case,
clang-analyzer-*,
-clang-analyzer-optin.performance.Padding,
-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,
-clang-analyzer-security.insecureAPI.strcpy,
clang-diagnostics-*',
performance-*,
-performance-avoid-endl,
-performance-unnecessary-value-param,
FormatStyle: file
HeaderFilterRegex: '.*'

2
.gitignore vendored
View File

@ -9,6 +9,8 @@
GNUmakefile
MMakefile
Makevars.local*
compile_flags.txt
Tmp*
tmp*
*.a

6
compile_flags.txt
View File

@ -1,6 +0,0 @@
-std=gnu++17
-Ivendor
-DDEBUG
-fno-strict-aliasing
-fno-strict-overflow
-funsigned-char

2
doc/upx.1 generated
View File

@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "UPX 1"
.TH UPX 1 "2023-05-28" "upx 4.1.0" " "
.TH UPX 1 "2023-08-03" "upx 4.1.0" " "
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

1
misc/analyze/clang-tidy/clang-tidy-bzip2.yml
View File

@ -9,6 +9,7 @@ Checks: >
-bugprone-macro-parentheses,
-bugprone-narrowing-conversions,
-bugprone-reserved-identifier,
-bugprone-switch-missing-default-case,
clang-analyzer-*,
-clang-analyzer-core.UndefinedBinaryOperatorResult,
-clang-analyzer-core.uninitialized.Assign,

1
misc/analyze/clang-tidy/clang-tidy-zlib.yml
View File

@ -9,6 +9,7 @@ Checks: >
-bugprone-macro-parentheses,
-bugprone-narrowing-conversions,
-bugprone-reserved-identifier,
-bugprone-switch-missing-default-case,
clang-analyzer-*,
-clang-analyzer-optin.performance.Padding,
-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,

1
misc/analyze/clang-tidy/clang-tidy-zstd.yml
View File

@ -11,6 +11,7 @@ Checks: >
-bugprone-misplaced-widening-cast,
-bugprone-narrowing-conversions,
-bugprone-reserved-identifier,
-bugprone-switch-missing-default-case,
clang-analyzer-*,
-clang-analyzer-core.UndefinedBinaryOperatorResult,
-clang-analyzer-deadcode.DeadStores,

52
misc/podman/test-qemu/README.md
View File

@ -1,52 +0,0 @@
test-qemu with Podman
=====================
This directory provides some simple scripts for creating and running
quite small Alpine Linux container images, intended for testing
statically-linked Linux executables with Podman and qemu-user.
Very short usage instructions follow.
### Where do I get statically-linked Linux binaries:
- all recent official UPX linux release binaries are statically linked
- the `zigcc linux-musl` artifacts as created by our GitHub Actions CI
- many other `linux-musl` binaries are statically linked
- many `Go` and some `Rust` programs are statically linked
### PREPARATION OUTSIDE THE CONTAINER:
```sh
cd your-upx-top-level-directory
mkdir -p tmp
cd tmp
# download official UPX release binaries
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-amd64_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-arm64_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-armeb_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-arm_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-i386_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-mipsel_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-mips_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-powerpc64le_linux.tar.xz
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-powerpc_linux.tar.xz
# and unpack all .tar.xz files
for f in ./upx*.tar.xz; do tar -xJf $f; done
```
### INSIDE THE CONTAINER:
```sh
cd /home/upx/src/upx/tmp
# check that the official UPX release binaries do work
qemu-i386 ./upx-4.0.2-i386_linux/upx --version
qemu-mips ./upx-4.0.2-mips_linux/upx --version
# ...same for more architectures
# use qemu-mips to unpack the arm64 binary, and then run the unpacked arm64 binary:
qemu-mips ./upx-4.0.2-mips_linux/upx -d upx-4.0.2-arm64_linux/upx -o upx-arm64-unpacked
qemu-aarch64 ./upx-arm64-unpacked --version
# ...same for more architectures
```

16
misc/podman/test-qemu/test-qemu-2.12-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-2.12-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-2.12-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-2.12-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-2.12-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.8
# install qemu-2.12.0-r3 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-3.1-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-3.1-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-3.1-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-3.1-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-3.1-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.9
# install qemu-3.1.0-r3 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-4.2-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-4.2-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-4.2-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-4.2-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-4.2-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.11
# install qemu-4.2.0-r0 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-5.2-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-5.2-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-5.2-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-5.2-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-5.2-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.13
# install qemu-5.2.0-r3 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-6.0-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-6.0-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-6.0-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-6.0-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-6.0-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.14
# install qemu-6.0.0-r5 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-6.1-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-6.1-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-6.1-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-6.1-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-6.1-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.15
# install qemu-6.1.1-r0 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-7.0-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-7.0-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-7.0-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-7.0-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-7.0-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.16
# install qemu-7.0.0-r0 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-7.1-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-7.1-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-7.1-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-7.1-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-7.1-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.17
# install qemu-7.1.0-r7 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/podman/test-qemu/test-qemu-8.0-alpine/10-create-image.sh
View File

@ -1,16 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu-8.0-alpine-20230725-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/podman/test-qemu/test-qemu-8.0-alpine/11-list-packages.sh
View File

@ -1,19 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

41
misc/podman/test-qemu/test-qemu-8.0-alpine/20-image-run-shell.sh
View File

@ -1,41 +0,0 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
if [[ $# == 0 ]]; then
podman run "${flags[@]}" "$image" bash -l
else
podman run "${flags[@]}" "$image" "$@"
fi
# please see usage instructions in ../README.md

35
misc/podman/test-qemu/test-qemu-8.0-alpine/Dockerfile
View File

@ -1,35 +0,0 @@
FROM docker.io/library/alpine:3.18
# install qemu-8.0.3-r1 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
coreutils \
musl-dbg \
qemu-aarch64 \
qemu-aarch64_be \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-m68k \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-riscv32 \
qemu-riscv64 \
qemu-s390x \
qemu-sh4 \
qemu-sh4eb \
qemu-x86_64 \
strace \
zsh \
&& true
# create default user upx:upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache/tmp .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

2
src/compress/compress_ucl.cpp
View File

@ -56,6 +56,8 @@ static int convert_errno_from_ucl(int r) {
// UCL extra:
case UCL_E_OVERLAP_OVERRUN:
return UPX_E_ERROR;
default:
break;
}
return UPX_E_ERROR;
}

2
src/compress/compress_zlib.cpp
View File

@ -64,6 +64,8 @@ static int convert_errno_from_zlib(int zr) {
return UPX_E_ERROR;
case -7: // UPX extra
return UPX_E_INPUT_OVERRUN;
default:
break;
}
return UPX_E_ERROR;
}

18
src/conf.h
View File

@ -85,7 +85,7 @@ inline void upx_std_call_once(upx_std_once_flag &flag, NoexceptCallable &&f) {
}
#endif // WITH_THREADS
// <type_traits> C++20 std::is_bounded_array
// <type_traits> upx_std_is_bounded_array: same as C++20 std::is_bounded_array
template <class T>
struct upx_std_is_bounded_array : public std::false_type {};
template <class T, size_t N>
@ -93,7 +93,13 @@ struct upx_std_is_bounded_array<T[N]> : public std::true_type {};
template <class T>
inline constexpr bool upx_std_is_bounded_array_v = upx_std_is_bounded_array<T>::value;
// <type_traits> is_same_all and is_same_any: std::is_same for multiple types
// <type_traits> upx_is_integral is overloaded for BE16 & friends; see bele.h
template <class T>
struct upx_is_integral : public std::is_integral<T> {};
template <class T>
inline constexpr bool upx_is_integral_v = upx_is_integral<T>::value;
// <type_traits> util: is_same_all and is_same_any means std::is_same for multiple types
template <class T, class... Ts>
struct is_same_all : public std::conjunction<std::is_same<T, Ts>...> {};
template <class T, class... Ts>
@ -103,12 +109,6 @@ struct is_same_any : public std::disjunction<std::is_same<T, Ts>...> {};
template <class T, class... Ts>
inline constexpr bool is_same_any_v = is_same_any<T, Ts...>::value;
// upx_is_integral is overloaded for BE16 & friends; see bele.h
template <class T>
struct upx_is_integral : public std::is_integral<T> {};
template <class T>
inline constexpr bool upx_is_integral_v = upx_is_integral<T>::value;
#if (ACC_ARCH_M68K && ACC_OS_TOS && ACC_CC_GNUC) && defined(__MINT__)
// horrible hack for broken compiler
#define upx_fake_alignas_1 __attribute__((__aligned__(1),__packed__))
@ -461,7 +461,7 @@ constexpr bool string_le(const char *a, const char *b) {
constexpr bool string_ge(const char *a, const char *b) {
return !string_lt(a, b);
}
}
} // namespace compile_time
/*************************************************************************
// constants

8
src/file.cpp
View File

@ -129,10 +129,10 @@ upx_off_t FileBase::seek(upx_off_t off, int whence) {
whence = SEEK_SET;
}
// SEEK_CUR falls through to here
upx_off_t rv = ::lseek(_fd, off, whence);
if (rv < 0)
upx_off_t l = ::lseek(_fd, off, whence);
if (l < 0)
throwIOException("seek error", errno);
return rv - _offset;
return l - _offset;
}
upx_off_t FileBase::tell() const {
@ -321,7 +321,7 @@ upx_off_t OutputFile::seek(upx_off_t off, int whence) {
void OutputFile::set_extent(upx_off_t offset, upx_off_t length) {
super::set_extent(offset, length);
bytes_written = 0;
if (0 == offset && 0xffffffffLL == length) {
if (0 == offset && 0xffffffffLL == length) { // TODO: check all callers of this method
if (::fstat(_fd, &st) != 0)
throwIOException(_name, errno);
_length = st.st_size - offset;

18
src/packer.h
View File

@ -291,29 +291,35 @@ protected:
static inline constexpr bool is_te32_type = is_same_any_v<T, byte, upx_uint32_t, BE32, LE32>;
template <class T>
static inline constexpr bool is_te64_type = is_same_any_v<T, byte, upx_uint64_t, BE64, LE64>;
template <class T>
using enable_if_te16 = std::enable_if_t<is_te16_type<T>, T>;
template <class T>
using enable_if_te32 = std::enable_if_t<is_te32_type<T>, T>;
template <class T>
using enable_if_te64 = std::enable_if_t<is_te64_type<T>, T>;
template <class T, class = std::enable_if_t<is_te16_type<T>, T> >
template <class T, class = enable_if_te16<T> >
inline unsigned get_te16(const T *p) const noexcept {
return bele->get16(p);
}
template <class T, class = std::enable_if_t<is_te32_type<T>, T> >
template <class T, class = enable_if_te32<T> >
inline unsigned get_te32(const T *p) const noexcept {
return bele->get32(p);
}
template <class T, class = std::enable_if_t<is_te64_type<T>, T> >
template <class T, class = enable_if_te64<T> >
inline upx_uint64_t get_te64(const T *p) const noexcept {
return bele->get64(p);
}
template <class T, class = std::enable_if_t<is_te16_type<T>, T> >
template <class T, class = enable_if_te16<T> >
inline void set_te16(T *p, unsigned v) noexcept {
bele->set16(p, v);
}
template <class T, class = std::enable_if_t<is_te32_type<T>, T> >
template <class T, class = enable_if_te32<T> >
inline void set_te32(T *p, unsigned v) noexcept {
bele->set32(p, v);
}
template <class T, class = std::enable_if_t<is_te64_type<T>, T> >
template <class T, class = enable_if_te64<T> >
inline void set_te64(T *p, upx_uint64_t v) noexcept {
bele->set64(p, v);
}

2
src/pefile.cpp
View File

@ -197,7 +197,7 @@ int PeFile::readFileHeader() {
throwCantPack(buf);
}
pe_offset += delta;
} else if (get_le32(&h) == 'P' + 'E' * 256)
} else if (get_le32((const byte *) &h) == 'P' + 'E' * 256)
break;
else
return 0;

7
src/util/membuffer.cpp
View File

@ -62,6 +62,7 @@ static noinline void init_use_simple_mcheck() noexcept {
static bool use_simple_mcheck() noexcept {
static upx_std_once_flag init_done;
upx_std_call_once(init_done, init_use_simple_mcheck);
// NOTE: clang-analyzer-unix.Malloc does not know that this flag is "constant"
return use_simple_mcheck_flag;
}
#else
@ -195,7 +196,7 @@ void MemBuffer::checkState() const {
}
void MemBuffer::alloc(upx_uint64_t bytes) {
// NOTE: we don't automatically free a used buffer
// INFO: we don't automatically free a used buffer
assert(ptr == nullptr);
assert(size_in_bytes == 0);
//
@ -254,9 +255,9 @@ void MemBuffer::dealloc() noexcept {
set_ne32(p + size_in_bytes, 0);
set_ne32(p + size_in_bytes + 4, 0);
//
::free(p - 16);
::free(p - 16); // NOLINT(clang-analyzer-unix.Malloc) // see NOTE above
} else {
::free(ptr);
::free(ptr); // NOLINT(clang-analyzer-unix.Malloc) // see NOTE above
}
ptr = nullptr;
size_in_bytes = 0;

6
src/util/xspan.cpp
View File

@ -76,7 +76,11 @@ void xspan_check_range(const void *ptr, const void *base, ptrdiff_t size_in_byte
xspan_fail_range_nullptr();
if very_unlikely (base == nullptr)
xspan_fail_range_nullbase();
ptrdiff_t off = (const charptr) ptr - (const charptr) base;
#if defined(__SANITIZE_ADDRESS__)
const acc_intptr_t off = (acc_uintptr_t) ptr - (acc_uintptr_t) base;
#else
const ptrdiff_t off = (const charptr) ptr - (const charptr) base;
#endif
if very_unlikely (off < 0 || off > size_in_bytes || size_in_bytes > UPX_RSIZE_MAX)
xspan_fail_range_range();
NO_fprintf(stderr, "xspan_check_range done\n");

10
src/util/xspan_impl.h
View File

@ -206,6 +206,16 @@ struct XSpanInternalDummyArg {
XSPAN_NAMESPACE_END
// poison a pointer: point to a non-null invalid address
// - resulting pointer should crash on dereference
// - this should be efficient (so no mmap() guard page etc.)
// - this should play nice with runtime checkers like ASAN, valgrind, etc.
// - this should play nice with static analyzers like clang-tidy
static forceinline void *XSPAN_GET_POISON_VOID_PTR() {
// return (void *) (upx_uintptr_t) 16; // NOLINT(performance-no-int-to-ptr)
return (void *) 16;
}
#ifndef XSPAN_DELETED_FUNCTION
#define XSPAN_DELETED_FUNCTION = delete
#endif

2
src/util/xspan_impl_common.h
View File

@ -114,7 +114,7 @@ forceinline ~CSelf() noexcept {}
noinline void invalidate() {
assertInvariants();
// poison the pointer: point to non-null invalid address
ptr = (pointer) (void *) (upx_uintptr_t) 16; // NOLINT(performance-no-int-to-ptr)
ptr = (pointer) XSPAN_GET_POISON_VOID_PTR();
// ptr = (pointer) (void *) &ptr; // point to self
base = ptr;
size_in_bytes = 0;

2
src/util/xspan_impl_ptr.h
View File

@ -78,7 +78,7 @@ public:
noinline void invalidate() {
assertInvariants();
// poison the pointer: point to non-null invalid address
ptr = (pointer) (void *) (upx_uintptr_t) 16; // NOLINT(performance-no-int-to-ptr)
ptr = (pointer) XSPAN_GET_POISON_VOID_PTR();
// ptr = (pointer) (void *) &ptr; // point to self
assertInvariants();
}

4
src/version.h
View File

@ -1,6 +1,6 @@
#define UPX_VERSION_HEX 0x040100 /* 04.01.00 */
#define UPX_VERSION_STRING "4.1.0"
#define UPX_VERSION_STRING4 "4.10"
#define UPX_VERSION_DATE "May 28th 2023"
#define UPX_VERSION_DATE_ISO "2023-05-28"
#define UPX_VERSION_DATE "Aug 3rd 2023"
#define UPX_VERSION_DATE_ISO "2023-08-03"
#define UPX_VERSION_YEAR "2023"

1
src/work.cpp
View File

@ -100,7 +100,6 @@ void do_one_file(const char *iname, char *oname) {
}
InputFile fi;
fi.st = st;
fi.sopen(iname, O_RDONLY | O_BINARY, SH_DENYWR);
#if USE_FTIME