Mirror/upx
1
0
Fork 0
mirror of https://github.com/upx/upx.git synced 2025-08-11 22:52:30 +08:00
Code Issues Projects Releases Wiki Activity

all: misc updates

Browse Source
This commit is contained in:
Markus F.X.J. Oberhumer
2023-07-12 18:59:08 +02:00
parent 7ec0faca1e
commit 8d41ae09c8
36 changed files with 405 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/typos_config.toml vendored
View File

@ -4,7 +4,7 @@
# tricky, so some false positives are fine # tricky, so some false positives are fine
[files] [files]
extend-exclude = ["LICENSE", "misc/*/packages.txt"] extend-exclude = ["LICENSE", "misc/*/packages.txt", "misc/*/*/packages.txt"]
[default.extend-identifiers] [default.extend-identifiers]
# misc variable names & symbols # misc variable names & symbols
@ -13,7 +13,10 @@ ba = "ba"
fo = "fo" fo = "fo"
fof = "fof" fof = "fof"
O_WRONLY = "O_WRONLY" O_WRONLY = "O_WRONLY"
# clang-analyzer-optin.cplusplus
optin = "optin"
sidelen = "sidelen" sidelen = "sidelen"
tpos = "tpos"
# assembly sources # assembly sources
CArry = "CArry" CArry = "CArry"
hda = "hda" hda = "hda"

7
.github/workflows/ci.yml vendored
View File

@ -32,6 +32,7 @@ jobs:
sudo mv -v -n ./packages/usr/lib/x86_64-linux-gnu/lib* /usr/lib/x86_64-linux-gnu/ sudo mv -v -n ./packages/usr/lib/x86_64-linux-gnu/lib* /usr/lib/x86_64-linux-gnu/
rm -rf ./*.deb ./packages rm -rf ./*.deb ./packages
sudo ldconfig sudo ldconfig
# install upx-stubtools
wget -q -O - https://github.com/upx/upx-stubtools/releases/download/v20221212/bin-upx-20221212.tar.xz | tar -xJ wget -q -O - https://github.com/upx/upx-stubtools/releases/download/v20221212/bin-upx-20221212.tar.xz | tar -xJ
- name: 'Check out code' - name: 'Check out code'
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -285,8 +286,6 @@ jobs:
- name: 'Prepare sources and Check out test suite' - name: 'Prepare sources and Check out test suite'
shell: bash shell: bash
run: | run: |
git config --global core.autocrlf input
git --version && bash --version
git clone --depth=1 https://github.com/upx/upx-testsuite ../deps/upx-testsuite git clone --depth=1 https://github.com/upx/upx-testsuite ../deps/upx-testsuite
mkdir -p -v build/$C/$B/{bzip2,ucl,upx,zlib,zstd} mkdir -p -v build/$C/$B/{bzip2,ucl,upx,zlib,zstd}
- name: 'Set up Developer Command Prompt' - name: 'Set up Developer Command Prompt'
@ -297,7 +296,7 @@ jobs:
- name: 'Build by hand' - name: 'Build by hand'
shell: cmd shell: cmd
run: | run: |
@REM setup directories @REM ===== set vars =====
where cl & where link where cl & where link
set RUN_CL=cl ${{ matrix.cl_machine_flags }} -MT set RUN_CL=cl ${{ matrix.cl_machine_flags }} -MT
set RUN_LIB=link -lib ${{ matrix.link_machine_flags }} set RUN_LIB=link -lib ${{ matrix.link_machine_flags }}
@ -331,7 +330,7 @@ jobs:
set UPX_LIBS=%BDIR%\bzip2\bzip2.lib %BDIR%\ucl\ucl.lib %BDIR%\zlib\zlib.lib %BDIR%\zstd\zstd.lib set UPX_LIBS=%BDIR%\bzip2\bzip2.lib %BDIR%\ucl\ucl.lib %BDIR%\zlib\zlib.lib %BDIR%\zstd\zstd.lib
set UPX_LIBS=%BDIR%\ucl\ucl.lib %BDIR%\zlib\zlib.lib set UPX_LIBS=%BDIR%\ucl\ucl.lib %BDIR%\zlib\zlib.lib
set sources=%s%\*.cpp %s%\check\*.cpp %s%\compress\*.cpp %s%\console\*.cpp %s%\filter\*.cpp %s%\util\*.cpp set sources=%s%\*.cpp %s%\check\*.cpp %s%\compress\*.cpp %s%\console\*.cpp %s%\filter\*.cpp %s%\util\*.cpp
%RUN_CL% -J -O2 -W4 -WX -std:c++17 -Zc:__cplusplus -EHsc -DUPX_VERSION_GITREV="""%GITREV%""" %UPX_DEFS% %DEFS% -I%H%\vendor -Feupx.exe %sources% %UPX_LIBS% /link ${{ matrix.link_machine_flags }} setargv.obj %RUN_CL% -J -O2 -W4 -WX -std:c++17 -Zc:__cplusplus -EHsc -DUPX_VERSION_GITREV="""%GITREV%""" %DEFS% %UPX_DEFS% -I%H%\vendor -Feupx.exe %sources% %UPX_LIBS% /link ${{ matrix.link_machine_flags }} setargv.obj
- name: 'Make artifact' - name: 'Make artifact'
shell: bash shell: bash
run: | run: |

2
.github/workflows/static-analyzer-clang-analyzer.yml vendored
View File

@ -2,7 +2,7 @@
name: 'Static Analyzer - clang-analyzer' name: 'Static Analyzer - clang-analyzer'
on: on:
schedule: [cron: '20 5 * * 3'] # run weekly Wednesday 05:20 UTC schedule: [cron: '10 5 * * 3'] # run weekly Wednesday 05:10 UTC
workflow_dispatch: workflow_dispatch:
jobs: jobs:

2
.github/workflows/static-analyzer-codeql.yml vendored
View File

@ -2,7 +2,7 @@
name: 'Static Analyzer - CodeQL' name: 'Static Analyzer - CodeQL'
on: on:
schedule: [cron: '40 5 * * 3'] # run weekly Wednesday 05:40 UTC schedule: [cron: '50 5 * * 3'] # run weekly Wednesday 05:50 UTC
workflow_dispatch: workflow_dispatch:
jobs: jobs:

8
.github/workflows/weekly-ci-alpine-linux.yml vendored
View File

@ -1,9 +1,9 @@
# Copyright (C) Markus Franz Xaver Johannes Oberhumer # Copyright (C) Markus Franz Xaver Johannes Oberhumer
# build under various Alpine Linux versions with clang and gcc, and # Build under various Alpine Linux versions with clang and gcc, and
# also test building with C++20 and C++23 # also test building with C++20 and C++23.
# also uses a subdirectory "upx with space" that contains whitespace in order # And also uses a subdirectory "upx with space" that contains whitespace in order
# to detect possible quoting issues # to detect possible quoting issues.
# info: Alpine 3.9 has clang-5, cmake-3.13.0 and gcc-8, which nicely # info: Alpine 3.9 has clang-5, cmake-3.13.0 and gcc-8, which nicely
# matches our minimal build requirements # matches our minimal build requirements

7
.gitignore vendored
View File

@ -13,18 +13,25 @@ tmp*
*.a *.a
*.d *.d
*.bz2
*.dll *.dll
*.dylib
*.exe *.exe
*.gz
*.lib *.lib
*.map *.map
*.o *.o
*.obj *.obj
*.out *.out
*.py[cdo] *.py[cdo]
*.rar
*.so *.so
*.swp *.swp
*.tmp *.tmp
*.ttp *.ttp
*.xz
*.zip
*.zst
doc/*.man doc/*.man
doc/*.ps doc/*.ps

2
misc/cross-compile-upx-with-podman/11-list-packages.sh
View File

@ -6,7 +6,7 @@ argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image # list all system packages that are installed in the image
# using a rootless Podman container # using a rootless Podman container
image=upx-cross-compile-20230115-v4 image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image" podman image list "$image"
echo echo

2
misc/rebuild-stubs-with-podman/11-list-packages.sh
View File

@ -6,7 +6,7 @@ argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image # list all system packages that are installed in the image
# using a rootless Podman container # using a rootless Podman container
image=upx-stubtools-20221212-v6 image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image" podman image list "$image"
echo echo

16
misc/test-qemu-with-podman/test-qemu3-alpine/10-create-image.sh Executable file
View File

@ -0,0 +1,16 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu3-alpine-20230708-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/test-qemu-with-podman/test-qemu3-alpine/11-list-packages.sh Executable file
View File

@ -0,0 +1,19 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

37
misc/test-qemu-with-podman/test-qemu3-alpine/20-image-run-shell.sh Executable file
View File

@ -0,0 +1,37 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
podman run "${flags[@]}" "$image" bash -l
# please see usage instructions in ../README.md

26
misc/test-qemu-with-podman/test-qemu3-alpine/Dockerfile Normal file
View File

@ -0,0 +1,26 @@
FROM docker.io/library/alpine:3.9
# install qemu 3.1.0-r3 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
musl-dbg \
qemu-aarch64 \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-x86_64 \
strace \
&& true
# create default user upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/test-qemu-with-podman/test-qemu4-alpine/10-create-image.sh Executable file
View File

@ -0,0 +1,16 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu4-alpine-20230708-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/test-qemu-with-podman/test-qemu4-alpine/11-list-packages.sh Executable file
View File

@ -0,0 +1,19 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

37
misc/test-qemu-with-podman/test-qemu4-alpine/20-image-run-shell.sh Executable file
View File

@ -0,0 +1,37 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
podman run "${flags[@]}" "$image" bash -l
# please see usage instructions in ../README.md

26
misc/test-qemu-with-podman/test-qemu4-alpine/Dockerfile Normal file
View File

@ -0,0 +1,26 @@
FROM docker.io/library/alpine:3.11
# install qemu 4.2.0-r0 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
musl-dbg \
qemu-aarch64 \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-x86_64 \
strace \
&& true
# create default user upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

16
misc/test-qemu-with-podman/test-qemu5-alpine/10-create-image.sh Executable file
View File

@ -0,0 +1,16 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# create the image from Dockerfile
# using a rootless Podman container
image=upx-test-qemu5-alpine-20230708-v1
[[ $1 == --print-image ]] && echo "$image" && exit 0
podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
podman image list "$image"
echo
podman image tree "$image"

19
misc/test-qemu-with-podman/test-qemu5-alpine/11-list-packages.sh Executable file
View File

@ -0,0 +1,19 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

37
misc/test-qemu-with-podman/test-qemu5-alpine/20-image-run-shell.sh Executable file
View File

@ -0,0 +1,37 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# run an interactive shell in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
if [[ 1 == 1 ]]; then
# run as user upx 2000:2000
flags+=( --user 2000 )
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
flags+=( -v "${argv0dir}/../../..:/home/upx/src/upx" )
flags+=( -w /home/upx/src/upx ) # set working directory
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
else
# run as user root 0:0
# ONLY FOR DEBUGGING THE IMAGE
# map container user/group 0 to current host user/group
flags+=( --user 0 )
fi
podman run "${flags[@]}" "$image" bash -l
# please see usage instructions in ../README.md

26
misc/test-qemu-with-podman/test-qemu5-alpine/Dockerfile Normal file
View File

@ -0,0 +1,26 @@
FROM docker.io/library/alpine:3.13
# install qemu 5.2.0-r3 and some utils
RUN apk update && apk upgrade && apk add \
bash-completion \
musl-dbg \
qemu-aarch64 \
qemu-arm \
qemu-armeb \
qemu-i386 \
qemu-mips \
qemu-mipsel \
qemu-ppc \
qemu-ppc64 \
qemu-ppc64le \
qemu-x86_64 \
strace \
&& true
# create default user upx 2000:2000
RUN adduser upx -u 2000 -D \
&& cd /home/upx && chmod 00700 . \
&& mkdir -p .cache .local/bin src/upx \
&& chown -R upx:upx . \
&& true
USER upx

19
misc/test-qemu-with-podman/test-qemu6-alpine/11-list-packages.sh Executable file
View File

@ -0,0 +1,19 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

2
misc/test-qemu-with-podman/test-qemu6-alpine/Dockerfile
View File

@ -3,6 +3,7 @@ FROM docker.io/library/alpine:3.15
# install qemu 6.1.1-r0 and some utils # install qemu 6.1.1-r0 and some utils
RUN apk update && apk upgrade && apk add \ RUN apk update && apk upgrade && apk add \
bash-completion \ bash-completion \
musl-dbg \
qemu-aarch64 \ qemu-aarch64 \
qemu-arm \ qemu-arm \
qemu-armeb \ qemu-armeb \
@ -13,6 +14,7 @@ RUN apk update && apk upgrade && apk add \
qemu-ppc64 \ qemu-ppc64 \
qemu-ppc64le \ qemu-ppc64le \
qemu-x86_64 \ qemu-x86_64 \
strace \
&& true && true
# create default user upx 2000:2000 # create default user upx 2000:2000

19
misc/test-qemu-with-podman/test-qemu7-alpine/11-list-packages.sh Executable file
View File

@ -0,0 +1,19 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

2
misc/test-qemu-with-podman/test-qemu7-alpine/Dockerfile
View File

@ -3,6 +3,7 @@ FROM docker.io/library/alpine:3.17
# install qemu 7.1.0-r7 and some utils # install qemu 7.1.0-r7 and some utils
RUN apk update && apk upgrade && apk add \ RUN apk update && apk upgrade && apk add \
bash-completion \ bash-completion \
musl-dbg \
qemu-aarch64 \ qemu-aarch64 \
qemu-arm \ qemu-arm \
qemu-armeb \ qemu-armeb \
@ -13,6 +14,7 @@ RUN apk update && apk upgrade && apk add \
qemu-ppc64 \ qemu-ppc64 \
qemu-ppc64le \ qemu-ppc64le \
qemu-x86_64 \ qemu-x86_64 \
strace \
&& true && true
# create default user upx 2000:2000 # create default user upx 2000:2000

19
misc/test-qemu-with-podman/test-qemu8-alpine/11-list-packages.sh Executable file
View File

@ -0,0 +1,19 @@
#! /usr/bin/env bash
## vim:set ts=4 sw=4 et:
set -e; set -o pipefail
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
# list all system packages that are installed in the image
# using a rootless Podman container
image="$("$argv0dir/10-create-image.sh" --print-image)"
podman image list "$image"
echo
podman image tree "$image"
echo 'Packages:'
flags=( --read-only --rm --pull=never )
flags+=( --cap-drop=all ) # drop all capabilities
flags+=( --network=none ) # no network needed
podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'

4
misc/test-qemu-with-podman/test-qemu8-alpine/Dockerfile
View File

@ -1,8 +1,9 @@
FROM docker.io/library/alpine:3.18 FROM docker.io/library/alpine:3.18
# install qemu 8.0.2-r1 and some utils # install qemu 8.0.3-r0 and some utils
RUN apk update && apk upgrade && apk add \ RUN apk update && apk upgrade && apk add \
bash-completion \ bash-completion \
musl-dbg \
qemu-aarch64 \ qemu-aarch64 \
qemu-arm \ qemu-arm \
qemu-armeb \ qemu-armeb \
@ -13,6 +14,7 @@ RUN apk update && apk upgrade && apk add \
qemu-ppc64 \ qemu-ppc64 \
qemu-ppc64le \ qemu-ppc64le \
qemu-x86_64 \ qemu-x86_64 \
strace \
&& true && true
# create default user upx 2000:2000 # create default user upx 2000:2000

2
src/Makefile
View File

@ -22,7 +22,7 @@ endif
# redirect to top-level CMake build # redirect to top-level CMake build
# #
# note that top-level Makefile .DEFAULT_GOAL is build/release # NOTE that top-level Makefile .DEFAULT_GOAL is build/release
.DEFAULT_GOAL = build/debug .DEFAULT_GOAL = build/debug
build/debug: $(top_srcdir)/build/debug/upx build/debug: $(top_srcdir)/build/debug/upx

5
src/check/dt_check.cpp
View File

@ -541,18 +541,21 @@ void upx_compiler_sanity_check(void) noexcept {
**************************************************************************/ **************************************************************************/
TEST_CASE("assert_noexcept") { TEST_CASE("assert_noexcept") {
// just to make sure that our assert macros don't generate any warnings // just to make sure that our own assert macros don't generate any warnings
byte dummy = 0; byte dummy = 0;
byte *ptr1 = &dummy; byte *ptr1 = &dummy;
const byte *const ptr2 = &dummy; const byte *const ptr2 = &dummy;
void *ptr3 = nullptr;
assert(true); assert(true);
assert(1); assert(1);
assert(ptr1); assert(ptr1);
assert(ptr2); assert(ptr2);
assert(!ptr3);
assert_noexcept(true); assert_noexcept(true);
assert_noexcept(1); assert_noexcept(1);
assert_noexcept(ptr1); assert_noexcept(ptr1);
assert_noexcept(ptr2); assert_noexcept(ptr2);
assert_noexcept(!ptr3);
} }
TEST_CASE("noncopyable") { TEST_CASE("noncopyable") {

1
src/conf.h
View File

@ -317,6 +317,7 @@ typedef upx_int64_t upx_off_t;
# define attribute_format(a,b) /*empty*/ # define attribute_format(a,b) /*empty*/
#endif #endif
// for no-op debug output
inline void NO_printf(const char *, ...) attribute_format(1, 2); inline void NO_printf(const char *, ...) attribute_format(1, 2);
inline void NO_fprintf(FILE *, const char *, ...) attribute_format(2, 3); inline void NO_fprintf(FILE *, const char *, ...) attribute_format(2, 3);
inline void NO_printf(const char *, ...) {} inline void NO_printf(const char *, ...) {}

1
src/headers.h
View File

@ -30,6 +30,7 @@
#error "C++17 is required" #error "C++17 is required"
#endif #endif
// sanity check
#if defined(__ILP32) || defined(__ILP32__) #if defined(__ILP32) || defined(__ILP32__)
static_assert(sizeof(int) == 4); static_assert(sizeof(int) == 4);
static_assert(sizeof(long) == 4); static_assert(sizeof(long) == 4);

2
src/packer.h
View File

@ -288,7 +288,7 @@ protected:
template <class T> template <class T>
static inline constexpr bool is_te16_type = is_same_any_v<T, byte, upx_uint16_t, BE16, LE16>; static inline constexpr bool is_te16_type = is_same_any_v<T, byte, upx_uint16_t, BE16, LE16>;
template <class T> template <class T>
static inline constexpr bool is_te32_type = is_same_any_v<T, byte, unsigned, BE32, LE32>; static inline constexpr bool is_te32_type = is_same_any_v<T, byte, upx_uint32_t, BE32, LE32>;
template <class T> template <class T>
static inline constexpr bool is_te64_type = is_same_any_v<T, byte, upx_uint64_t, BE64, LE64>; static inline constexpr bool is_te64_type = is_same_any_v<T, byte, upx_uint64_t, BE64, LE64>;

10
src/util/xspan.cpp
View File

@ -33,7 +33,7 @@ XSPAN_NAMESPACE_BEGIN
// debugging stats // debugging stats
struct XSpanStats { struct XSpanStats {
upx_std_atomic(size_t) check_range_counter; upx_std_atomic(size_t) check_range_counter;
// doctest checks will set these: // these normally will be zero, but doctest checks will populate them
upx_std_atomic(size_t) fail_nullptr; upx_std_atomic(size_t) fail_nullptr;
upx_std_atomic(size_t) fail_nullbase; upx_std_atomic(size_t) fail_nullbase;
upx_std_atomic(size_t) fail_not_same_base; upx_std_atomic(size_t) fail_not_same_base;
@ -70,15 +70,15 @@ void xspan_fail_range_range() {
throwCantPack("xspan_check_range: pointer out of range; take care!"); throwCantPack("xspan_check_range: pointer out of range; take care!");
} }
void xspan_check_range(const void *p, const void *base, ptrdiff_t size_in_bytes) { void xspan_check_range(const void *ptr, const void *base, ptrdiff_t size_in_bytes) {
if very_unlikely (p == nullptr) xspan_stats.check_range_counter += 1;
if very_unlikely (ptr == nullptr)
xspan_fail_range_nullptr(); xspan_fail_range_nullptr();
if very_unlikely (base == nullptr) if very_unlikely (base == nullptr)
xspan_fail_range_nullbase(); xspan_fail_range_nullbase();
ptrdiff_t off = (const charptr) p - (const charptr) base; ptrdiff_t off = (const charptr) ptr - (const charptr) base;
if very_unlikely (off < 0 || off > size_in_bytes || size_in_bytes > UPX_RSIZE_MAX) if very_unlikely (off < 0 || off > size_in_bytes || size_in_bytes > UPX_RSIZE_MAX)
xspan_fail_range_range(); xspan_fail_range_range();
xspan_stats.check_range_counter += 1;
NO_fprintf(stderr, "xspan_check_range done\n"); NO_fprintf(stderr, "xspan_check_range done\n");
} }

2
src/util/xspan.h
View File

@ -43,7 +43,7 @@
#define XSPAN_CONFIG_ENABLE_IMPLICIT_CONVERSION 0 #define XSPAN_CONFIG_ENABLE_IMPLICIT_CONVERSION 0
#endif #endif
// allow automatic conversion PtrOrSpanOrNull => PtrOrSpan => Span (with run-time checks) // allow automatic conversion PtrOrSpanOrNull => PtrOrSpan => Span (with run-time checks)
// choose between compile-time safety vs. possible run-time errors // choose between compile-time safety vs. possible run-time exceptions
#ifndef XSPAN_CONFIG_ENABLE_SPAN_CONVERSION #ifndef XSPAN_CONFIG_ENABLE_SPAN_CONVERSION
#define XSPAN_CONFIG_ENABLE_SPAN_CONVERSION 1 #define XSPAN_CONFIG_ENABLE_SPAN_CONVERSION 1
#endif #endif

14
src/util/xspan_impl.h
View File

@ -42,13 +42,13 @@
XSPAN_NAMESPACE_BEGIN XSPAN_NAMESPACE_BEGIN
// HINT: set env-var "UPX_DEBUG_DOCTEST_DISABLE=1" for improved debugging experience // HINT: set env-var "UPX_DEBUG_DOCTEST_DISABLE=1" for improved debugging experience
noinline void xspan_fail_nullptr(); noinline void xspan_fail_nullptr(void);
noinline void xspan_fail_nullbase(); noinline void xspan_fail_nullbase(void);
noinline void xspan_fail_not_same_base(); noinline void xspan_fail_not_same_base(void);
noinline void xspan_fail_range_nullptr(); noinline void xspan_fail_range_nullptr(void);
noinline void xspan_fail_range_nullbase(); noinline void xspan_fail_range_nullbase(void);
noinline void xspan_fail_range_range(); noinline void xspan_fail_range_range(void);
void xspan_check_range(const void *p, const void *base, ptrdiff_t size_in_bytes); void xspan_check_range(const void *ptr, const void *base, ptrdiff_t size_in_bytes);
// help constructor to distinguish between number of elements and bytes // help constructor to distinguish between number of elements and bytes
struct XSpanCount { struct XSpanCount {

1
src/util/xspan_impl_common.h
View File

@ -113,6 +113,7 @@ forceinline ~CSelf() noexcept {}
#endif #endif
noinline void invalidate() { noinline void invalidate() {
assertInvariants(); assertInvariants();
// poison the pointer
ptr = (pointer) (upx_uintptr_t) 16; // point to non-null invalid address ptr = (pointer) (upx_uintptr_t) 16; // point to non-null invalid address
// ptr = (pointer) (void *) &ptr; // point to self // ptr = (pointer) (void *) &ptr; // point to self
base = ptr; base = ptr;

3
src/util/xspan_impl_ptr.h
View File

@ -59,6 +59,8 @@ private:
public: public:
#if XSPAN_CONFIG_ENABLE_IMPLICIT_CONVERSION || 1 #if XSPAN_CONFIG_ENABLE_IMPLICIT_CONVERSION || 1
// Ptr always provides automatic conversion to underlying type because
// it has limited functionality
operator pointer() const noexcept { return ptr; } operator pointer() const noexcept { return ptr; }
#endif #endif
@ -75,6 +77,7 @@ public:
#endif #endif
noinline void invalidate() { noinline void invalidate() {
assertInvariants(); assertInvariants();
// poison the pointer
ptr = (pointer) (upx_uintptr_t) 16; // point to non-null invalid address ptr = (pointer) (upx_uintptr_t) 16; // point to non-null invalid address
// ptr = (pointer) (void *) &ptr; // point to self // ptr = (pointer) (void *) &ptr; // point to self
assertInvariants(); assertInvariants();