summaryrefslogtreecommitdiff
path: root/patches/source/squashfs-tools
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2018-05-25 23:29:36 +0000
committerEric Hameleers <alien@slackware.com>2018-06-01 00:36:01 +0200
commit39366733c3fe943363566756e2e152c45a1b3cb2 (patch)
tree228b0735896af90ca78151c9a69aa3efd12c8cae /patches/source/squashfs-tools
parentd31c50870d0bee042ce660e445c9294a59a3a65b (diff)
downloadcurrent-39366733c3fe943363566756e2e152c45a1b3cb2.tar.gz
Fri May 25 23:29:36 UTC 201814.2
patches/packages/glibc-zoneinfo-2018e-noarch-2_slack14.2.txz: Rebuilt. Handle removal of US/Pacific-New timezone. If we see that the machine is using this, it will be automatically switched to US/Pacific.
Diffstat (limited to 'patches/source/squashfs-tools')
-rw-r--r--patches/source/squashfs-tools/0001-kfreebsd.patch123
-rw-r--r--patches/source/squashfs-tools/0002-fix_phys_mem_calculation.patch159
-rw-r--r--patches/source/squashfs-tools/0003-CVE-2015-4645_and_CVE-2015-4646.patch76
-rw-r--r--patches/source/squashfs-tools/0004-unsquashfs-add-support-for-LZMA-magics.patch102
-rw-r--r--patches/source/squashfs-tools/0006-uptream-fix-race.patch54
-rw-r--r--patches/source/squashfs-tools/0007-fix-2GB-limit-in-mksquashfs.patch27
-rw-r--r--patches/source/squashfs-tools/slack-desc19
-rwxr-xr-xpatches/source/squashfs-tools/squashfs-tools.SlackBuild122
8 files changed, 682 insertions, 0 deletions
diff --git a/patches/source/squashfs-tools/0001-kfreebsd.patch b/patches/source/squashfs-tools/0001-kfreebsd.patch
new file mode 100644
index 00000000..7ce6cd5b
--- /dev/null
+++ b/patches/source/squashfs-tools/0001-kfreebsd.patch
@@ -0,0 +1,123 @@
+Author: Cyril Brulebois <kibi@debian.org>
+Description: Fixes FTBFS on kfreebsd (Closes: #557174).
+Last-Update: 2015-09-06
+
+--- squashfs-tools-4.3.orig/squashfs-tools/mksquashfs.c
++++ squashfs-tools-4.3/squashfs-tools/mksquashfs.c
+@@ -51,7 +51,7 @@
+ #include <limits.h>
+ #include <ctype.h>
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+@@ -4105,7 +4105,7 @@ void initialise_threads(int readq, int f
+ BAD_ERROR("Failed to set signal mask in intialise_threads\n");
+
+ if(processors == -1) {
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ int mib[2];
+ size_t len = sizeof(processors);
+
+--- squashfs-tools-4.3.orig/squashfs-tools/read_fs.c
++++ squashfs-tools-4.3/squashfs-tools/read_fs.c
+@@ -35,7 +35,7 @@
+ #include <limits.h>
+ #include <dirent.h>
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+--- squashfs-tools-4.3.orig/squashfs-tools/read_xattrs.c
++++ squashfs-tools-4.3/squashfs-tools/read_xattrs.c
+@@ -31,7 +31,7 @@
+ #include <stdio.h>
+ #include <string.h>
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+--- squashfs-tools-4.3.orig/squashfs-tools/swap.c
++++ squashfs-tools-4.3/squashfs-tools/swap.c
+@@ -19,7 +19,7 @@
+ * swap.c
+ */
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+--- squashfs-tools-4.3.orig/squashfs-tools/unsquashfs.c
++++ squashfs-tools-4.3/squashfs-tools/unsquashfs.c
+@@ -2190,7 +2190,7 @@ void initialise_threads(int fragment_buf
+ "\n");
+
+ if(processors == -1) {
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ int mib[2];
+ size_t len = sizeof(processors);
+
+--- squashfs-tools-4.3.orig/squashfs-tools/unsquashfs.h
++++ squashfs-tools-4.3/squashfs-tools/unsquashfs.h
+@@ -47,7 +47,7 @@
+ #include <sys/ioctl.h>
+ #include <sys/time.h>
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+--- squashfs-tools-4.3.orig/squashfs-tools/xz_wrapper.h
++++ squashfs-tools-4.3/squashfs-tools/xz_wrapper.h
+@@ -24,7 +24,7 @@
+ *
+ */
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+--- squashfs-tools-4.3.orig/squashfs-tools/gzip_wrapper.h
++++ squashfs-tools-4.3/squashfs-tools/gzip_wrapper.h
+@@ -24,7 +24,7 @@
+ *
+ */
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+--- squashfs-tools-4.3.orig/squashfs-tools/lz4_wrapper.h
++++ squashfs-tools-4.3/squashfs-tools/lz4_wrapper.h
+@@ -24,7 +24,7 @@
+ *
+ */
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
+--- squashfs-tools-4.3.orig/squashfs-tools/lzo_wrapper.h
++++ squashfs-tools-4.3/squashfs-tools/lzo_wrapper.h
+@@ -24,7 +24,7 @@
+ *
+ */
+
+-#ifndef linux
++#if !defined(linux) && !defined(__GLIBC__)
+ #define __BYTE_ORDER BYTE_ORDER
+ #define __BIG_ENDIAN BIG_ENDIAN
+ #define __LITTLE_ENDIAN LITTLE_ENDIAN
diff --git a/patches/source/squashfs-tools/0002-fix_phys_mem_calculation.patch b/patches/source/squashfs-tools/0002-fix_phys_mem_calculation.patch
new file mode 100644
index 00000000..20f9005b
--- /dev/null
+++ b/patches/source/squashfs-tools/0002-fix_phys_mem_calculation.patch
@@ -0,0 +1,159 @@
+From 55f7ba830d40d438f0b0663a505e0c227fc68b6b Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Tue, 10 Jun 2014 21:51:52 +0100
+Subject: [PATCH] mksquashfs: fix phys mem calculation for 32-bit processes on
+ PAE/64-bit kernels
+
+When adding the code to base default memory usage on physical memory
+(by default use 25% of physical memory), I made an oversight. I assumed
+the process would be able to address 25% of physical memory.
+
+However, for 32-bit processes running on a PAE kernel or 64-bit kernel,
+25% of physical memory can easily exceed the addressible memory for a
+32-bit process, e.g. if a machine has 24 GB of physical memory, the
+code would asume the process could easily use 6 GB.
+
+A 32-bit process by definition can only address 4 GB (32-bit pointers).
+But, due to the typical kernel/user-space split (1GB/3GB, or 2GB/2GB)
+on PAE kernels, a 32-bit process may only be able to address 2 GB.
+
+So, if Mksquashfs is a 32-bit application running on a PAE/64-bit kernel,
+the code assumes it can address much more memory than it really can, which
+means it runs out of memory.
+
+The fix is to impose a maximum default limit on 32-bit kernels, or
+otherwise to never use a value more than 25% of the address space. If
+we assume the maximum address space is 2 GB, then the maximum becomes
+512 MB. But, given most kernels used the 1GB/3GB split, that may be
+unduely conservative, and 25% of 3 GB (756 MB) may be better. This
+patch compromises on 640 MB, which is mid-way between the 512 MB and 756 MB
+values. It is also the fixed default value previously used by Mksquashfs.
+
+This patch also alters the code which imposes a maximum size. Previously
+it was believed limiting to the physical memory size was adequate. But
+obviously this needs to be updated to take into account a 32-bit process
+may only be able to address 2 GB. In the process I've also taken the
+opportunity to limit all requests to no more than 75% of physical memory.
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/mksquashfs.c | 78 ++++++++++++++++++++++++++++++++++++++++-----
+ 1 file changed, 70 insertions(+), 8 deletions(-)
+
+diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+index 86f82bb..5370ecf 100644
+--- a/squashfs-tools/mksquashfs.c
++++ b/squashfs-tools/mksquashfs.c
+@@ -304,7 +304,7 @@ void restorefs();
+ struct dir_info *scan1_opendir(char *pathname, char *subpath, int depth);
+ void write_filesystem_tables(struct squashfs_super_block *sBlk, int nopad);
+ unsigned short get_checksum_mem(char *buff, int bytes);
+-int get_physical_memory();
++void check_usable_phys_mem(int total_mem);
+
+
+ void prep_exit()
+@@ -4053,11 +4053,7 @@ void initialise_threads(int readq, int fragq, int bwriteq, int fwriteq,
+ BAD_ERROR("Queue sizes rediculously too large\n");
+ total_mem += fwriteq;
+
+- if(total_mem > get_physical_memory()) {
+- ERROR("Total queue sizes larger than physical memory.\n");
+- ERROR("Mksquashfs will exhaust physical memory and thrash.\n");
+- BAD_ERROR("Queues too large\n");
+- }
++ check_usable_phys_mem(total_mem);
+
+ /*
+ * convert from queue size in Mbytes to queue size in
+@@ -4879,6 +4875,72 @@ int get_physical_memory()
+ }
+
+
++void check_usable_phys_mem(int total_mem)
++{
++ /*
++ * We want to allow users to use as much of their physical
++ * memory as they wish. However, for practical reasons there are
++ * limits which need to be imposed, to protect users from themselves
++ * and to prevent people from using Mksquashfs as a DOS attack by using
++ * all physical memory. Mksquashfs uses memory to cache data from disk
++ * to optimise performance. It is pointless to ask it to use more
++ * than 75% of physical memory, as this causes thrashing and it is thus
++ * self-defeating.
++ */
++ int mem = get_physical_memory();
++
++ mem = (mem >> 1) + (mem >> 2); /* 75% */
++
++ if(total_mem > mem) {
++ ERROR("Total memory requested is more than 75%% of physical "
++ "memory.\n");
++ ERROR("Mksquashfs uses memory to cache data from disk to "
++ "optimise performance.\n");
++ ERROR("It is pointless to ask it to use more than this amount "
++ "of memory, as this\n");
++ ERROR("causes thrashing and it is thus self-defeating.\n");
++ BAD_ERROR("Requested memory size too large\n");
++ }
++
++ if(sizeof(void *) == 4 && total_mem > 2048) {
++ /*
++ * If we're running on a kernel with PAE or on a 64-bit kernel,
++ * then the 75% physical memory limit can still easily exceed
++ * the addressable memory by this process.
++ *
++ * Due to the typical kernel/user-space split (1GB/3GB, or
++ * 2GB/2GB), we have to conservatively assume the 32-bit
++ * processes can only address 2-3GB. So refuse if the user
++ * tries to allocate more than 2GB.
++ */
++ ERROR("Total memory requested may exceed maximum "
++ "addressable memory by this process\n");
++ BAD_ERROR("Requested memory size too large\n");
++ }
++}
++
++
++int get_default_phys_mem()
++{
++ int mem = get_physical_memory() / SQUASHFS_TAKE;
++
++ if(sizeof(void *) == 4 && mem > 640) {
++ /*
++ * If we're running on a kernel with PAE or on a 64-bit kernel,
++ * the default memory usage can exceed the addressable
++ * memory by this process.
++ * Due to the typical kernel/user-space split (1GB/3GB, or
++ * 2GB/2GB), we have to conservatively assume the 32-bit
++ * processes can only address 2-3GB. So limit the default
++ * usage to 640M, which gives room for other data.
++ */
++ mem = 640;
++ }
++
++ return mem;
++}
++
++
+ void calculate_queue_sizes(int mem, int *readq, int *fragq, int *bwriteq,
+ int *fwriteq)
+ {
+@@ -4890,7 +4952,7 @@ void calculate_queue_sizes(int mem, int *readq, int *fragq, int *bwriteq,
+
+
+ #define VERSION() \
+- printf("mksquashfs version 4.3 (2014/05/12)\n");\
++ printf("mksquashfs version 4.3-git (2014/06/09)\n");\
+ printf("copyright (C) 2014 Phillip Lougher "\
+ "<phillip@squashfs.org.uk>\n\n"); \
+ printf("This program is free software; you can redistribute it and/or"\
+@@ -4918,7 +4980,7 @@ int main(int argc, char *argv[])
+ int fragq;
+ int bwriteq;
+ int fwriteq;
+- int total_mem = get_physical_memory() / SQUASHFS_TAKE;
++ int total_mem = get_default_phys_mem();
+ int progress = TRUE;
+ int force_progress = FALSE;
+ struct file_buffer **fragment = NULL;
diff --git a/patches/source/squashfs-tools/0003-CVE-2015-4645_and_CVE-2015-4646.patch b/patches/source/squashfs-tools/0003-CVE-2015-4645_and_CVE-2015-4646.patch
new file mode 100644
index 00000000..d81639f6
--- /dev/null
+++ b/patches/source/squashfs-tools/0003-CVE-2015-4645_and_CVE-2015-4646.patch
@@ -0,0 +1,76 @@
+From 6777e08cc38bc780d27c69c1d8c272867b74524f Mon Sep 17 00:00:00 2001
+From: Giancarlo Canales Barreto <gcanalesb@me.com>
+Date: Wed, 17 Jun 2015 00:22:19 -0400
+Subject: [PATCH] Update unsquash-4.c
+
+There seems to be a stack overflow in read_fragment_table_4 at via what seems to be an integer overflow. Still looking into this problem, it seems like two or three different problems combined.
+
+The first problem overflows the bytes variable, so that the allocation is enormous.
+```c
+int bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments);
+```
+
+If we fix this by making the variable size_t, we run into an unrelated problem in which the stack VLA allocation of fragment_table_index can easily exceed RLIMIT_STACK.
+```c
+long long fragment_table_index[indexes];
+```
+
+In the case of my system, the RLIMIT_STACK is 8388608, and VLA is asking for 15728648. Plus the stack probably already has a bunch of other things. This is what I believe ultimately leads to the stack overflow.
+
+Afterwards, the heap allocation seems to succeed, and the disastrous call to read_fs_bytes is made, which initiates transfer from the squashfs image to the stack. At this stage, a stack overflow appears to be in full effect.
+
+```c
+ res = read_fs_bytes(fd, sBlk.s.fragment_table_start,
+ SQUASHFS_FRAGMENT_INDEX_BYTES(sBlk.s.fragments),
+ fragment_table_index);
+```
+This problem is also present in other read_fragment_table_N functions, and in in the original squashfs-tools.
+
+```
+Parallel unsquashfs: Using 8 processors
+ASAN:SIGSEGV
+=================================================================
+==8221==ERROR: AddressSanitizer: stack-overflow on address 0x7ffef3ae9608 (pc 0x000000559011 bp 0x7ffef49e9670 sp 0x7ffef3ae9610 T0)
+ #0 0x559010 in read_fragment_table_4 /home/septimus/vr/squashfs-vr/squashfs-tools/unsquash-4.c:40:9
+ #1 0x525073 in main /home/septimus/vr/squashfs-vr/squashfs-tools/unsquashfs.c:2763:5
+ #2 0x7fb56c533a3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20a3f)
+ #3 0x418468 in _start (/home/septimus/vr/squashfs-vr/squashfs-tools/unsquashfs+0x418468)
+SUMMARY: AddressSanitizer: stack-overflow /home/septimus/vr/squashfs-vr/squashfs-tools/unsquash-4.c:40:9 in read_fragment_table_4
+==8221==ABORTING
+```
+
+Perhaps we should avoid using VLA altogether, and allocate fragment_table_index to the heap?
+This pull request is an example implementation of the fix for unsquash-4, but I don't have enough test vectors to verify it will not break anything.
+---
+ unsquash-4.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index ecdaac7..2c0cf63 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -31,9 +31,9 @@ static unsigned int *id_table;
+ int read_fragment_table_4(long long *directory_table_end)
+ {
+ int res, i;
+- int bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments);
+- int indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments);
+- long long fragment_table_index[indexes];
++ size_t bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments);
++ size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments);
++ long long *fragment_table_index;
+
+ TRACE("read_fragment_table: %d fragments, reading %d fragment indexes "
+ "from 0x%llx\n", sBlk.s.fragments, indexes,
+@@ -44,6 +44,11 @@ int read_fragment_table_4(long long *directory_table_end)
+ return TRUE;
+ }
+
++ fragment_table_index = malloc(indexes*sizeof(long long));
++ if(fragment_table_index == NULL)
++ EXIT_UNSQUASH("read_fragment_table: failed to allocate "
++ "fragment table index\n");
++
+ fragment_table = malloc(bytes);
+ if(fragment_table == NULL)
+ EXIT_UNSQUASH("read_fragment_table: failed to allocate "
diff --git a/patches/source/squashfs-tools/0004-unsquashfs-add-support-for-LZMA-magics.patch b/patches/source/squashfs-tools/0004-unsquashfs-add-support-for-LZMA-magics.patch
new file mode 100644
index 00000000..258416bf
--- /dev/null
+++ b/patches/source/squashfs-tools/0004-unsquashfs-add-support-for-LZMA-magics.patch
@@ -0,0 +1,102 @@
+From c2dc60a94b01a1fff4a22db1c0569651afa6c959 Mon Sep 17 00:00:00 2001
+From: Jonas Gorski <jonas.gorski@gmail.com>
+Date: Wed, 19 Oct 2011 11:44:57 +0200
+Subject: [PATCH] unsquashfs: add support for LZMA magics
+X-Face: z*RaLf`X<@C75u6Ig9}{oW$H;1_\2t5)({*|jhM<pyWR#k60!#=#>/Vb;]yA5<GWI5`6u&+
+ ;6b'@y|8w"wB;4/e!7wYYrcqdJFY,~%Gk_4]cq$Ei/7<j&N3ah(m`ku?pX.&+~:_/wC~dwn^)MizBG
+ !pE^+iDQQ1yC6^,)YDKkxDd!T>\I~93>J<_`<4)A{':UrE
+
+Some vendor (e.g. Thomson/Technicolor) use a different super block magic
+to indicate LZMA compression:
+
+ qshs (0x71736873) - LZMA compression
+ shsq (0x73687371) - LZMA compression, SWAPPED fields
+
+Add support for detecting this and enable extraction for filesystems
+from those firmwares.
+
+Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
+Tested-by: Antonio Ospite <ospite@studenti.unina.it>
+---
+ squashfs-tools/squashfs_fs.h | 6 ++++++
+ squashfs-tools/unsquashfs.c | 24 ++++++++++++++++++------
+ 2 files changed, 24 insertions(+), 6 deletions(-)
+
+diff --git a/squashfs-tools/squashfs_fs.h b/squashfs-tools/squashfs_fs.h
+index d4fba1b..8462a6b 100644
+--- a/squashfs-tools/squashfs_fs.h
++++ b/squashfs-tools/squashfs_fs.h
+@@ -30,6 +30,12 @@
+ #define SQUASHFS_MAGIC_SWAP 0x68737173
+ #define SQUASHFS_START 0
+
++/*
++ * Squashfs + LZMA
++ */
++#define SQUASHFS_MAGIC_LZMA 0x71736873
++#define SQUASHFS_MAGIC_LZMA_SWAP 0x73687371
++
+ /* size of metadata (inode and directory) blocks */
+ #define SQUASHFS_METADATA_SIZE 8192
+ #define SQUASHFS_METADATA_LOG 13
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index 320bead..7869a38 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -1516,10 +1516,12 @@ int read_super(char *source)
+ */
+ read_fs_bytes(fd, SQUASHFS_START, sizeof(struct squashfs_super_block),
+ &sBlk_4);
+- swap = sBlk_4.s_magic != SQUASHFS_MAGIC;
++ swap = (sBlk_4.s_magic != SQUASHFS_MAGIC &&
++ sBlk_4.s_magic != SQUASHFS_MAGIC_LZMA);
+ SQUASHFS_INSWAP_SUPER_BLOCK(&sBlk_4);
+
+- if(sBlk_4.s_magic == SQUASHFS_MAGIC && sBlk_4.s_major == 4 &&
++ if((sBlk_4.s_magic == SQUASHFS_MAGIC ||
++ sBlk_4.s_magic == SQUASHFS_MAGIC_LZMA) && sBlk_4.s_major == 4 &&
+ sBlk_4.s_minor == 0) {
+ s_ops.squashfs_opendir = squashfs_opendir_4;
+ s_ops.read_fragment = read_fragment_4;
+@@ -1532,7 +1534,11 @@ int read_super(char *source)
+ /*
+ * Check the compression type
+ */
+- comp = lookup_compressor_id(sBlk.s.compression);
++ if (sBlk_4.s_magic == SQUASHFS_MAGIC_LZMA)
++ comp = lookup_compressor("lzma");
++ else
++ comp = lookup_compressor_id(sBlk.s.compression);
++
+ return TRUE;
+ }
+
+@@ -1547,8 +1553,10 @@ int read_super(char *source)
+ * Check it is a SQUASHFS superblock
+ */
+ swap = 0;
+- if(sBlk_3.s_magic != SQUASHFS_MAGIC) {
+- if(sBlk_3.s_magic == SQUASHFS_MAGIC_SWAP) {
++ if(sBlk_3.s_magic != SQUASHFS_MAGIC &&
++ sBlk_3.s_magic != SQUASHFS_MAGIC_LZMA) {
++ if(sBlk_3.s_magic == SQUASHFS_MAGIC_SWAP ||
++ sBlk_3.s_magic == SQUASHFS_MAGIC_LZMA_SWAP) {
+ squashfs_super_block_3 sblk;
+ ERROR("Reading a different endian SQUASHFS filesystem "
+ "on %s\n", source);
+@@ -1626,7 +1634,11 @@ int read_super(char *source)
+ /*
+ * 1.x, 2.x and 3.x filesystems use gzip compression.
+ */
+- comp = lookup_compressor("gzip");
++ if (sBlk.s.s_magic == SQUASHFS_MAGIC_LZMA)
++ comp = lookup_compressor("lzma");
++ else
++ comp = lookup_compressor("gzip");
++
+ return TRUE;
+
+ failed_mount:
+--
+1.7.10.4
+
diff --git a/patches/source/squashfs-tools/0006-uptream-fix-race.patch b/patches/source/squashfs-tools/0006-uptream-fix-race.patch
new file mode 100644
index 00000000..3cefbe5b
--- /dev/null
+++ b/patches/source/squashfs-tools/0006-uptream-fix-race.patch
@@ -0,0 +1,54 @@
+commit de03266983ceb62e5365aac84fcd3b2fd4d16e6f
+Author: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Thu Sep 18 01:28:11 2014 +0100
+
+ mksquashfs: fix rare race in fragment waiting in filesystem finalisation
+
+ Fix a rare race condition in fragment waiting when finalising the
+ filesystem. This is a race condition that was initially fixed in 2009,
+ but inadvertantly re-introduced in the latest release when the code
+ was rewritten.
+
+ Background:
+
+ When finalising the filesystem, the main control thread needs to ensure
+ all the in-flight fragments have been queued to the writer thread before
+ asking the writer thread to finish, and then writing the metadata.
+
+ It does this by waiting on the fragments_outstanding counter. Once this
+ counter reaches 0, it synchronises with the writer thread, waiting until
+ the writer thread reports no outstanding data to be written.
+
+ However, the main thread can race with the fragment deflator thread(s)
+ because the fragment deflator thread(s) decrement the fragments_outstanding
+ counter and release the mutex before queueing the compressed fragment
+ to the writer thread, i.e. the offending code is:
+
+ fragments_outstanding --;
+ pthread_mutex_unlock(&fragment_mutex);
+ queue_put(to_writer, write_buffer);
+
+ In extremely rare circumstances, the main thread may see the
+ fragments_outstanding counter is zero before the fragment
+ deflator sends the fragment buffer to the writer thread, and synchronise
+ with the writer thread, and finalise before the fragment has been written.
+
+ The fix is to ensure the fragment is queued to the writer thread
+ before releasing the mutex.
+
+ Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+
+diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+index 87b7d86..f1fcff1 100644
+--- a/squashfs-tools/mksquashfs.c
++++ b/squashfs-tools/mksquashfs.c
+@@ -2445,8 +2445,8 @@ void *frag_deflator(void *arg)
+ write_buffer->block = bytes;
+ bytes += compressed_size;
+ fragments_outstanding --;
+- pthread_mutex_unlock(&fragment_mutex);
+ queue_put(to_writer, write_buffer);
++ pthread_mutex_unlock(&fragment_mutex);
+ TRACE("Writing fragment %lld, uncompressed size %d, "
+ "compressed size %d\n", file_buffer->block,
+ file_buffer->size, compressed_size);
diff --git a/patches/source/squashfs-tools/0007-fix-2GB-limit-in-mksquashfs.patch b/patches/source/squashfs-tools/0007-fix-2GB-limit-in-mksquashfs.patch
new file mode 100644
index 00000000..c689a3a9
--- /dev/null
+++ b/patches/source/squashfs-tools/0007-fix-2GB-limit-in-mksquashfs.patch
@@ -0,0 +1,27 @@
+From 9c1db6d13a51a2e009f0027ef336ce03624eac0d Mon Sep 17 00:00:00 2001
+From: "Guan, Xin" <guanx.bac@gmail.com>
+Date: Sat, 13 Sep 2014 13:15:26 +0200
+Subject: [PATCH] Fix 2GB-limit of the is_fragment(...) function.
+
+Applies to squashfs-tools 4.3.
+
+Reported-by: Bruno Wolff III <bruno@wolff.to>
+Signed-off-by: Guan, Xin <guanx.bac@gmail.com>
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/mksquashfs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+index f1fcff1..d221c35 100644
+--- a/squashfs-tools/mksquashfs.c
++++ b/squashfs-tools/mksquashfs.c
+@@ -2055,7 +2055,7 @@ struct file_info *duplicate(long long file_size, long long bytes,
+
+ inline int is_fragment(struct inode_info *inode)
+ {
+- int file_size = inode->buf.st_size;
++ off_t file_size = inode->buf.st_size;
+
+ /*
+ * If this block is to be compressed differently to the
diff --git a/patches/source/squashfs-tools/slack-desc b/patches/source/squashfs-tools/slack-desc
new file mode 100644
index 00000000..681a6630
--- /dev/null
+++ b/patches/source/squashfs-tools/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+ |-----handy-ruler------------------------------------------------------|
+squashfs-tools: squashfs-tools (squashed read-only filesystem for Linux)
+squashfs-tools:
+squashfs-tools: Squashfs is a highly compressed read-only filesystem for Linux.
+squashfs-tools: Squashfs compresses both files, inodes and directories, and
+squashfs-tools: supports block sizes up to 1Mbytes for greater compression.
+squashfs-tools: It is implemented as a kernel module under VFS.
+squashfs-tools: The package contains tools for manipulation of squashfs bundles.
+squashfs-tools:
+squashfs-tools:
+squashfs-tools: squashfs-tools home: http://squashfs.sourceforge.net/
+squashfs-tools:
diff --git a/patches/source/squashfs-tools/squashfs-tools.SlackBuild b/patches/source/squashfs-tools/squashfs-tools.SlackBuild
new file mode 100755
index 00000000..1b010d0e
--- /dev/null
+++ b/patches/source/squashfs-tools/squashfs-tools.SlackBuild
@@ -0,0 +1,122 @@
+#!/bin/sh
+
+# Copyright 2015 Eric Hameleers, Eindhoven, NL
+# Copyright 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+PKGNAM=squashfs-tools
+VERSION=${VERSION:-$(echo squashfs*.tar.xz | cut -b9- | rev | cut -f3- -d . | rev)}
+BUILD=${BUILD:-2_slack14.2}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$(uname -m)" in
+ i?86) ARCH=i586 ;;
+ arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) ARCH=$(uname -m) ;;
+ esac
+ export ARCH
+fi
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+if [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+elif [ "$ARCH" = "armv7hl" ]; then
+ SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16"
+ LIBDIRSUFFIX=""
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+
+cd $TMP
+rm -rf squashfs${VERSION}
+tar xvf $CWD/squashfs${VERSION}.tar.xz || exit 1
+cd squashfs${VERSION} || exit 1
+
+zcat $CWD/0001-kfreebsd.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0002-fix_phys_mem_calculation.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0003-CVE-2015-4645_and_CVE-2015-4646.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0004-unsquashfs-add-support-for-LZMA-magics.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0006-uptream-fix-race.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0007-fix-2GB-limit-in-mksquashfs.patch.gz | patch -p1 --verbose || exit 1
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+cd squashfs-tools || exit 1
+
+# Build:
+CFLAGS="$SLKCFLAGS" \
+make $NUMJOBS \
+ GZIP_SUPPORT="1" \
+ XZ_SUPPORT="1" \
+ LZO_SUPPORT="1" \
+ LZMA_XZ_SUPPORT="1" \
+ COMP_DEFAULT="xz" || exit 1
+
+# Install:
+make install INSTALL_DIR=$PKG/usr/bin || exit 1
+
+# Strip binaries:
+( cd $PKG
+ find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+ find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+# Add a documentation directory:
+mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION
+( cd ..
+ cp -a \
+ ACKNOWLEDGEMENTS CHANGES COPYING DONATIONS INSTALL \
+ README* PERFORMANCE.README *.example \
+ $PKG/usr/doc/${PKGNAM}-$VERSION
+)
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
+