ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/package/utils/bsdiff/Makefile b/package/utils/bsdiff/Makefile
new file mode 100644
index 0000000..d86be2d
--- /dev/null
+++ b/package/utils/bsdiff/Makefile
@@ -0,0 +1,80 @@
+#
+# Copyright (C) 2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=bsdiff
+PKG_VERSION:=4.3
+PKG_RELEASE:=2
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.daemonology.net/bsdiff/
+PKG_HASH:=18821588b2dc5bf159aa37d3bcb7b885d85ffd1e19f23a0c57a58723fea85f48
+PKG_MAINTAINER:=Hauke Mehrtens <hauke@hauke-m.de>
+HOST_BUILD_DEPENDS:=bzip2/host
+
+PKG_LICENSE:=BSD-2-Clause
+PKG_CPE_ID:=cpe:/a:daemonology:bsdiff
+
+include $(INCLUDE_DIR)/host-build.mk
+include $(INCLUDE_DIR)/package.mk
+
+define Package/bsdiff
+ SECTION:=utils
+ CATEGORY:=Utilities
+ DEPENDS:=+libbz2
+ TITLE:=Binary diff tool
+ URL:=https://www.daemonology.net/bsdiff/
+endef
+
+define Package/bspatch
+ SECTION:=utils
+ CATEGORY:=Utilities
+ DEPENDS:=+libbz2
+ TITLE:=Binary patch tool
+ URL:=https://www.daemonology.net/bsdiff/
+endef
+
+
+define Build/Compile
+ $(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS) \
+ -o $(PKG_BUILD_DIR)/bsdiff \
+ $(PKG_BUILD_DIR)/bsdiff.c -lbz2
+ $(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS) \
+ -o $(PKG_BUILD_DIR)/bspatch \
+ $(PKG_BUILD_DIR)/bspatch.c -lbz2
+endef
+
+define Package/bsdiff/install
+ $(INSTALL_DIR) $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/bsdiff $(1)/usr/bin/bsdiff
+endef
+
+define Package/bspatch/install
+ $(INSTALL_DIR) $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/bspatch $(1)/usr/bin/bspatch
+endef
+
+define Host/Install
+ $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin/
+ $(MAKE) -C $(HOST_BUILD_DIR) PREFIX=$(STAGING_DIR_HOSTPKG)/ install
+endef
+
+define Host/Compile
+ $(HOSTCC) $(HOST_CFLAGS) $(HOST_LDFLAGS) \
+ -o $(HOST_BUILD_DIR)/bsdiff \
+ $(HOST_BUILD_DIR)/bsdiff.c -lbz2
+endef
+
+define Host/Install
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/bsdiff $(STAGING_DIR_HOSTPKG)/bin/
+endef
+
+$(eval $(call HostBuild))
+
+$(eval $(call BuildPackage,bsdiff))
+$(eval $(call BuildPackage,bspatch))
diff --git a/package/utils/bsdiff/patches/001-musl.patch b/package/utils/bsdiff/patches/001-musl.patch
new file mode 100644
index 0000000..1eeb114
--- /dev/null
+++ b/package/utils/bsdiff/patches/001-musl.patch
@@ -0,0 +1,84 @@
+--- a/bsdiff.c
++++ b/bsdiff.c
+@@ -101,7 +101,7 @@ static void split(off_t *I,off_t *V,off_
+ if(start+len>kk) split(I,V,kk,start+len-kk,h);
+ }
+
+-static void qsufsort(off_t *I,off_t *V,u_char *old,off_t oldsize)
++static void qsufsort(off_t *I,off_t *V,unsigned char *old,off_t oldsize)
+ {
+ off_t buckets[256];
+ off_t i,h,len;
+@@ -139,7 +139,7 @@ static void qsufsort(off_t *I,off_t *V,u
+ for(i=0;i<oldsize+1;i++) I[V[i]]=i;
+ }
+
+-static off_t matchlen(u_char *old,off_t oldsize,u_char *new,off_t newsize)
++static off_t matchlen(unsigned char *old,off_t oldsize,unsigned char *new,off_t newsize)
+ {
+ off_t i;
+
+@@ -149,8 +149,8 @@ static off_t matchlen(u_char *old,off_t
+ return i;
+ }
+
+-static off_t search(off_t *I,u_char *old,off_t oldsize,
+- u_char *new,off_t newsize,off_t st,off_t en,off_t *pos)
++static off_t search(off_t *I,unsigned char *old,off_t oldsize,
++ unsigned char *new,off_t newsize,off_t st,off_t en,off_t *pos)
+ {
+ off_t x,y;
+
+@@ -175,7 +175,7 @@ static off_t search(off_t *I,u_char *old
+ };
+ }
+
+-static void offtout(off_t x,u_char *buf)
++static void offtout(off_t x,unsigned char *buf)
+ {
+ off_t y;
+
+@@ -196,7 +196,7 @@ static void offtout(off_t x,u_char *buf)
+ int main(int argc,char *argv[])
+ {
+ int fd;
+- u_char *old,*new;
++ unsigned char *old,*new;
+ off_t oldsize,newsize;
+ off_t *I,*V;
+ off_t scan,pos,len;
+@@ -206,9 +206,9 @@ int main(int argc,char *argv[])
+ off_t overlap,Ss,lens;
+ off_t i;
+ off_t dblen,eblen;
+- u_char *db,*eb;
+- u_char buf[8];
+- u_char header[32];
++ unsigned char *db,*eb;
++ unsigned char buf[8];
++ unsigned char header[32];
+ FILE * pf;
+ BZFILE * pfbz2;
+ int bz2err;
+--- a/bspatch.c
++++ b/bspatch.c
+@@ -36,7 +36,7 @@ __FBSDID("$FreeBSD: src/usr.bin/bsdiff/b
+ #include <unistd.h>
+ #include <fcntl.h>
+
+-static off_t offtin(u_char *buf)
++static off_t offtin(unsigned char *buf)
+ {
+ off_t y;
+
+@@ -62,8 +62,8 @@ int main(int argc,char * argv[])
+ int fd;
+ ssize_t oldsize,newsize;
+ ssize_t bzctrllen,bzdatalen;
+- u_char header[32],buf[8];
+- u_char *old, *new;
++ unsigned char header[32],buf[8];
++ unsigned char *old, *new;
+ off_t oldpos,newpos;
+ off_t ctrl[3];
+ off_t lenread;
diff --git a/package/utils/bsdiff/patches/020-CVE-2014-9862.patch b/package/utils/bsdiff/patches/020-CVE-2014-9862.patch
new file mode 100644
index 0000000..98a4931
--- /dev/null
+++ b/package/utils/bsdiff/patches/020-CVE-2014-9862.patch
@@ -0,0 +1,37 @@
+From: The FreeBSD Project
+Bug: https://security-tracker.debian.org/tracker/CVE-2014-9862
+Subject: CVE-2014-9862 - check for a negative value on numbers of bytes
+ The implementation of bspatch does not check for a negative value on numbers
+ of bytes read from the diff and extra streams, allowing an attacker who
+ can control the patch file to write at arbitrary locations in the heap.
+ .
+ bspatch's main loop reads three numbers from the "control" stream in
+ the patch: X, Y and Z. The first two are the number of bytes to read
+ from "diff" and "extra" (and thus only non-negative), while the
+ third one could be positive or negative and moves the oldpos pointer
+ on the source image. These 3 values are 64bits signed ints (encoded
+ somehow on the file) that are later passed the function that reads
+ from the streams, but those values are not verified to be
+ non-negative.
+ .
+ Official report https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9862
+ The patch was downloaded from a link pointed by
+ https://security.freebsd.org/advisories/FreeBSD-SA-16:25.bsp
+
+---
+ bspatch.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/bspatch.c
++++ b/bspatch.c
+@@ -152,6 +152,10 @@ int main(int argc,char * argv[])
+ };
+
+ /* Sanity-check */
++ if ((ctrl[0] < 0) || (ctrl[1] < 0))
++ errx(1,"Corrupt patch\n");
++
++ /* Sanity-check */
+ if(newpos+ctrl[0]>newsize)
+ errx(1,"Corrupt patch\n");
+
diff --git a/package/utils/bsdiff/patches/033-CVE-2020-14315.patch b/package/utils/bsdiff/patches/033-CVE-2020-14315.patch
new file mode 100644
index 0000000..975cb18
--- /dev/null
+++ b/package/utils/bsdiff/patches/033-CVE-2020-14315.patch
@@ -0,0 +1,383 @@
+Description: patch for CVE-2020-14315
+ A memory corruption vulnerability is present in bspatch as shipped in
+ Colin Percival’s bsdiff tools version 4.3. Insufficient checks when
+ handling external inputs allows an attacker to bypass the sanity checks
+ in place and write out of a dynamically allocated buffer boundaries.
+Source: https://svnweb.freebsd.org/base/head/usr.bin/bsdiff/bspatch/bspatch.c?revision=352742&view=co
+Author: tony mancill <tmancill@debian.org>
+Comment: The patch was created by comparing the Debian sources to the
+ "Confirmed Patched Version" [1] documented in the
+ X41 D-SEC GmbH Security Advisory: X41-2020-006 [2].
+ References to FreeBSD capsicum have been dropped. Definitions for
+ TYPE_MINIMUM and TYPE_MAXIMUM have been borrowed from the Debian
+ coreutils package sources but originate in gnulib [3] and are used to
+ define OFF_MIN and OFF_MAX (limits of off_t). Whitespace changes from
+ the confirmed patched version are also included and keep the difference
+ between the Debian sources and the confirmed patched version minimal.
+ .
+ [1] https://svnweb.freebsd.org/base/head/usr.bin/bsdiff/bspatch/bspatch.c?revision=352742&view=co
+ [2] https://www.openwall.com/lists/oss-security/2020/07/09/2
+ [3] https://www.gnu.org/software/gnulib/
+Last-Update: 2021-04-03
+Forwarded: not-needed
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964796
+
+--- a/bspatch.c
++++ b/bspatch.c
+@@ -1,4 +1,6 @@
+ /*-
++ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
++ *
+ * Copyright 2003-2005 Colin Percival
+ * All rights reserved
+ *
+@@ -25,55 +27,147 @@
+ */
+
+ #if 0
+-__FBSDID("$FreeBSD: src/usr.bin/bsdiff/bspatch/bspatch.c,v 1.1 2005/08/06 01:59:06 cperciva Exp $");
++__FBSDID("$FreeBSD$");
+ #endif
+
+ #include <bzlib.h>
+-#include <stdlib.h>
++#include <err.h>
++#include <fcntl.h>
++#include <libgen.h>
++#include <limits.h>
++#include <stdint.h>
+ #include <stdio.h>
++#include <stdlib.h>
+ #include <string.h>
+-#include <err.h>
+ #include <unistd.h>
+-#include <fcntl.h>
++
++#ifndef O_BINARY
++#define O_BINARY 0
++#endif
++#define HEADER_SIZE 32
++
++/* TYPE_MINIMUM and TYPE_MAXIMUM taken from coreutils */
++#ifndef TYPE_MINIMUM
++#define TYPE_MINIMUM(t) \
++ ((t) ((t) 0 < (t) -1 ? (t) 0 : ~ TYPE_MAXIMUM (t)))
++#endif
++#ifndef TYPE_MAXIMUM
++#define TYPE_MAXIMUM(t) \
++ ((t) ((t) 0 < (t) -1 \
++ ? (t) -1 \
++ : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1)))
++#endif
++
++#ifndef OFF_MAX
++#define OFF_MAX TYPE_MAXIMUM(off_t)
++#endif
++
++#ifndef OFF_MIN
++#define OFF_MIN TYPE_MINIMUM(off_t)
++#endif
++
++static char *newfile;
++static int dirfd = -1;
++
++static void
++exit_cleanup(void)
++{
++
++ if (dirfd != -1 && newfile != NULL)
++ if (unlinkat(dirfd, newfile, 0))
++ warn("unlinkat");
++}
++
++static inline off_t
++add_off_t(off_t a, off_t b)
++{
++ off_t result;
++
++#if __GNUC__ >= 5 || \
++ (defined(__has_builtin) && __has_builtin(__builtin_add_overflow))
++ if (__builtin_add_overflow(a, b, &result))
++ errx(1, "Corrupt patch");
++#else
++ if ((b > 0 && a > OFF_MAX - b) || (b < 0 && a < OFF_MIN - b))
++ errx(1, "Corrupt patch");
++ result = a + b;
++#endif
++ return result;
++}
+
+ static off_t offtin(unsigned char *buf)
+ {
+ off_t y;
+
+- y=buf[7]&0x7F;
+- y=y*256;y+=buf[6];
+- y=y*256;y+=buf[5];
+- y=y*256;y+=buf[4];
+- y=y*256;y+=buf[3];
+- y=y*256;y+=buf[2];
+- y=y*256;y+=buf[1];
+- y=y*256;y+=buf[0];
++ y = buf[7] & 0x7F;
++ y = y * 256; y += buf[6];
++ y = y * 256; y += buf[5];
++ y = y * 256; y += buf[4];
++ y = y * 256; y += buf[3];
++ y = y * 256; y += buf[2];
++ y = y * 256; y += buf[1];
++ y = y * 256; y += buf[0];
+
+- if(buf[7]&0x80) y=-y;
++ if (buf[7] & 0x80)
++ y = -y;
+
+- return y;
++ return (y);
+ }
+
+-int main(int argc,char * argv[])
++static void
++usage(void)
+ {
+- FILE * f, * cpf, * dpf, * epf;
+- BZFILE * cpfbz2, * dpfbz2, * epfbz2;
++
++ fprintf(stderr, "usage: bspatch oldfile newfile patchfile\n");
++ exit(1);
++}
++
++int main(int argc, char *argv[])
++{
++ FILE *f, *cpf, *dpf, *epf;
++ BZFILE *cpfbz2, *dpfbz2, *epfbz2;
++ char *directory, *namebuf;
+ int cbz2err, dbz2err, ebz2err;
+- int fd;
+- ssize_t oldsize,newsize;
+- ssize_t bzctrllen,bzdatalen;
+- unsigned char header[32],buf[8];
++ int newfd, oldfd;
++ off_t oldsize, newsize;
++ off_t bzctrllen, bzdatalen;
++ unsigned char header[HEADER_SIZE], buf[8];
+ unsigned char *old, *new;
+- off_t oldpos,newpos;
++ off_t oldpos, newpos;
+ off_t ctrl[3];
+- off_t lenread;
+- off_t i;
++ off_t i, lenread, offset;
+
+- if(argc!=4) errx(1,"usage: %s oldfile newfile patchfile\n",argv[0]);
++ if (argc != 4)
++ usage();
+
+ /* Open patch file */
+- if ((f = fopen(argv[3], "r")) == NULL)
++ if ((f = fopen(argv[3], "rb")) == NULL)
++ err(1, "fopen(%s)", argv[3]);
++ /* Open patch file for control block */
++ if ((cpf = fopen(argv[3], "rb")) == NULL)
++ err(1, "fopen(%s)", argv[3]);
++ /* open patch file for diff block */
++ if ((dpf = fopen(argv[3], "rb")) == NULL)
+ err(1, "fopen(%s)", argv[3]);
++ /* open patch file for extra block */
++ if ((epf = fopen(argv[3], "rb")) == NULL)
++ err(1, "fopen(%s)", argv[3]);
++ /* open oldfile */
++ if ((oldfd = open(argv[1], O_RDONLY | O_BINARY, 0)) < 0)
++ err(1, "open(%s)", argv[1]);
++ /* open directory where we'll write newfile */
++ if ((namebuf = strdup(argv[2])) == NULL ||
++ (directory = dirname(namebuf)) == NULL ||
++ (dirfd = open(directory, O_DIRECTORY)) < 0)
++ err(1, "open %s", argv[2]);
++ free(namebuf);
++ if ((newfile = basename(argv[2])) == NULL)
++ err(1, "basename");
++ /* open newfile */
++ if ((newfd = openat(dirfd, newfile,
++ O_CREAT | O_TRUNC | O_WRONLY | O_BINARY, 0666)) < 0)
++ err(1, "open(%s)", argv[2]);
++ atexit(exit_cleanup);
+
+ /*
+ File format:
+@@ -90,104 +184,104 @@ int main(int argc,char * argv[])
+ */
+
+ /* Read header */
+- if (fread(header, 1, 32, f) < 32) {
++ if (fread(header, 1, HEADER_SIZE, f) < HEADER_SIZE) {
+ if (feof(f))
+- errx(1, "Corrupt patch\n");
++ errx(1, "Corrupt patch");
+ err(1, "fread(%s)", argv[3]);
+ }
+
+ /* Check for appropriate magic */
+ if (memcmp(header, "BSDIFF40", 8) != 0)
+- errx(1, "Corrupt patch\n");
++ errx(1, "Corrupt patch");
+
+ /* Read lengths from header */
+- bzctrllen=offtin(header+8);
+- bzdatalen=offtin(header+16);
+- newsize=offtin(header+24);
+- if((bzctrllen<0) || (bzdatalen<0) || (newsize<0))
+- errx(1,"Corrupt patch\n");
++ bzctrllen = offtin(header + 8);
++ bzdatalen = offtin(header + 16);
++ newsize = offtin(header + 24);
++ if (bzctrllen < 0 || bzctrllen > OFF_MAX - HEADER_SIZE ||
++ bzdatalen < 0 || bzctrllen + HEADER_SIZE > OFF_MAX - bzdatalen ||
++ newsize < 0 || newsize > SSIZE_MAX)
++ errx(1, "Corrupt patch");
+
+ /* Close patch file and re-open it via libbzip2 at the right places */
+ if (fclose(f))
+ err(1, "fclose(%s)", argv[3]);
+- if ((cpf = fopen(argv[3], "r")) == NULL)
+- err(1, "fopen(%s)", argv[3]);
+- if (fseeko(cpf, 32, SEEK_SET))
+- err(1, "fseeko(%s, %lld)", argv[3],
+- (long long)32);
++ offset = HEADER_SIZE;
++ if (fseeko(cpf, offset, SEEK_SET))
++ err(1, "fseeko(%s, %jd)", argv[3], (intmax_t)offset);
+ if ((cpfbz2 = BZ2_bzReadOpen(&cbz2err, cpf, 0, 0, NULL, 0)) == NULL)
+ errx(1, "BZ2_bzReadOpen, bz2err = %d", cbz2err);
+- if ((dpf = fopen(argv[3], "r")) == NULL)
+- err(1, "fopen(%s)", argv[3]);
+- if (fseeko(dpf, 32 + bzctrllen, SEEK_SET))
+- err(1, "fseeko(%s, %lld)", argv[3],
+- (long long)(32 + bzctrllen));
++ offset = add_off_t(offset, bzctrllen);
++ if (fseeko(dpf, offset, SEEK_SET))
++ err(1, "fseeko(%s, %jd)", argv[3], (intmax_t)offset);
+ if ((dpfbz2 = BZ2_bzReadOpen(&dbz2err, dpf, 0, 0, NULL, 0)) == NULL)
+ errx(1, "BZ2_bzReadOpen, bz2err = %d", dbz2err);
+- if ((epf = fopen(argv[3], "r")) == NULL)
+- err(1, "fopen(%s)", argv[3]);
+- if (fseeko(epf, 32 + bzctrllen + bzdatalen, SEEK_SET))
+- err(1, "fseeko(%s, %lld)", argv[3],
+- (long long)(32 + bzctrllen + bzdatalen));
++ offset = add_off_t(offset, bzdatalen);
++ if (fseeko(epf, offset, SEEK_SET))
++ err(1, "fseeko(%s, %jd)", argv[3], (intmax_t)offset);
+ if ((epfbz2 = BZ2_bzReadOpen(&ebz2err, epf, 0, 0, NULL, 0)) == NULL)
+ errx(1, "BZ2_bzReadOpen, bz2err = %d", ebz2err);
+
+- if(((fd=open(argv[1],O_RDONLY,0))<0) ||
+- ((oldsize=lseek(fd,0,SEEK_END))==-1) ||
+- ((old=malloc(oldsize+1))==NULL) ||
+- (lseek(fd,0,SEEK_SET)!=0) ||
+- (read(fd,old,oldsize)!=oldsize) ||
+- (close(fd)==-1)) err(1,"%s",argv[1]);
+- if((new=malloc(newsize+1))==NULL) err(1,NULL);
+-
+- oldpos=0;newpos=0;
+- while(newpos<newsize) {
++ if ((oldsize = lseek(oldfd, 0, SEEK_END)) == -1 ||
++ oldsize > SSIZE_MAX ||
++ (old = malloc(oldsize)) == NULL ||
++ lseek(oldfd, 0, SEEK_SET) != 0 ||
++ read(oldfd, old, oldsize) != oldsize ||
++ close(oldfd) == -1)
++ err(1, "%s", argv[1]);
++ if ((new = malloc(newsize)) == NULL)
++ err(1, NULL);
++
++ oldpos = 0;
++ newpos = 0;
++ while (newpos < newsize) {
+ /* Read control data */
+- for(i=0;i<=2;i++) {
++ for (i = 0; i <= 2; i++) {
+ lenread = BZ2_bzRead(&cbz2err, cpfbz2, buf, 8);
+ if ((lenread < 8) || ((cbz2err != BZ_OK) &&
+ (cbz2err != BZ_STREAM_END)))
+- errx(1, "Corrupt patch\n");
+- ctrl[i]=offtin(buf);
+- };
++ errx(1, "Corrupt patch");
++ ctrl[i] = offtin(buf);
++ }
+
+ /* Sanity-check */
+- if ((ctrl[0] < 0) || (ctrl[1] < 0))
+- errx(1,"Corrupt patch\n");
++ if (ctrl[0] < 0 || ctrl[0] > INT_MAX ||
++ ctrl[1] < 0 || ctrl[1] > INT_MAX)
++ errx(1, "Corrupt patch");
+
+ /* Sanity-check */
+- if(newpos+ctrl[0]>newsize)
+- errx(1,"Corrupt patch\n");
++ if (add_off_t(newpos, ctrl[0]) > newsize)
++ errx(1, "Corrupt patch");
+
+ /* Read diff string */
+ lenread = BZ2_bzRead(&dbz2err, dpfbz2, new + newpos, ctrl[0]);
+ if ((lenread < ctrl[0]) ||
+ ((dbz2err != BZ_OK) && (dbz2err != BZ_STREAM_END)))
+- errx(1, "Corrupt patch\n");
++ errx(1, "Corrupt patch");
+
+ /* Add old data to diff string */
+- for(i=0;i<ctrl[0];i++)
+- if((oldpos+i>=0) && (oldpos+i<oldsize))
+- new[newpos+i]+=old[oldpos+i];
++ for (i = 0; i < ctrl[0]; i++)
++ if (add_off_t(oldpos, i) < oldsize)
++ new[newpos + i] += old[oldpos + i];
+
+ /* Adjust pointers */
+- newpos+=ctrl[0];
+- oldpos+=ctrl[0];
++ newpos = add_off_t(newpos, ctrl[0]);
++ oldpos = add_off_t(oldpos, ctrl[0]);
+
+ /* Sanity-check */
+- if(newpos+ctrl[1]>newsize)
+- errx(1,"Corrupt patch\n");
++ if (add_off_t(newpos, ctrl[1]) > newsize)
++ errx(1, "Corrupt patch");
+
+ /* Read extra string */
+ lenread = BZ2_bzRead(&ebz2err, epfbz2, new + newpos, ctrl[1]);
+ if ((lenread < ctrl[1]) ||
+ ((ebz2err != BZ_OK) && (ebz2err != BZ_STREAM_END)))
+- errx(1, "Corrupt patch\n");
++ errx(1, "Corrupt patch");
+
+ /* Adjust pointers */
+- newpos+=ctrl[1];
+- oldpos+=ctrl[2];
+- };
++ newpos = add_off_t(newpos, ctrl[1]);
++ oldpos = add_off_t(oldpos, ctrl[2]);
++ }
+
+ /* Clean up the bzip2 reads */
+ BZ2_bzReadClose(&cbz2err, cpfbz2);
+@@ -197,12 +291,13 @@ int main(int argc,char * argv[])
+ err(1, "fclose(%s)", argv[3]);
+
+ /* Write the new file */
+- if(((fd=open(argv[2],O_CREAT|O_TRUNC|O_WRONLY,0666))<0) ||
+- (write(fd,new,newsize)!=newsize) || (close(fd)==-1))
+- err(1,"%s",argv[2]);
++ if (write(newfd, new, newsize) != newsize || close(newfd) == -1)
++ err(1, "%s", argv[2]);
++ /* Disable atexit cleanup */
++ newfile = NULL;
+
+ free(new);
+ free(old);
+
+- return 0;
++ return (0);
+ }