author: alpine-mips-patches <info@mobile-stream.com> 2018-12-20 14:06:58 +0000
committer: Leonardo Arena <rnalrd@alpinelinux.org> 2018-12-27 10:21:48 +0000
commit: 880aa1b5c01e1e14f9295a953dbf37cbd08d24a9
tree: 9c3af87d58ef9b116a8457aebe5536ff410e8415 /community/cpio/fix-signed-integer-overflow-big-block-sizes.patch
parent: a1b83606c3f4cedbb42cf7cb1fbae75b933dbbdd
community/cpio: add minor security fixes, fix tests
- add fixes for CVE-2016-2037, integer overflow and inconsistent argument passing to printf-like functions, all from upstream.
- add autoconf to checkdepends as autom4te is required to create built-in tests from templates;
- remove bash from checkdepends (as it is useless without passing CONFIG_SHELL=/bin/bash to ./configure anyway) and replace the bash-style sequence expression at tests/symlink-long.at:30 to resolve test failure;
- disable NLS and make explicit other default ./configure options.
Diffstat (limited to 'community/cpio/fix-signed-integer-overflow-big-block-sizes.patch')
-rw-r--r-- community/cpio/fix-signed-integer-overflow-big-block-sizes.patch 19
1 files changed, 19 insertions, 0 deletions
diff --git a/community/cpio/fix-signed-integer-overflow-big-block-sizes.patch b/community/cpio/fix-signed-integer-overflow-big-block-sizes.patch
new file mode 100644
index 0000000000..da2691ed87
--- /dev/null
+++ b/community/cpio/fix-signed-integer-overflow-big-block-sizes.patch
@@ -0,0 +1,19 @@
+commit 404600ebb4d417238bfabf7ec1561a62dc83c168
+Author: grajagandev <dmoorefo@gmail.com>
+Date: Mon Feb 8 07:58:45 2016 -0800
+
+ Fix signed integer overflow - big block sizes
+
+diff --git a/src/main.c b/src/main.c
+index a13861f..5a30a7b 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -321,7 +321,7 @@ parse_opt (int key, char *arg, struct argp_state *state)
+
+ case BLOCK_SIZE_OPTION: /* --block-size */
+ io_block_size = atoi (arg);
+- if (io_block_size < 1)
++ if (io_block_size < 1 || io_block_size > INT_MAX/512)
+ USAGE_ERROR ((0, 0, _("invalid block size")));
+ io_block_size *= 512;
+ break;
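Review bot: in the BLOCK_SIZE_OPTION case the new upper bound (io_block_size > INT_MAX/512) is tested on the value that atoi (arg) has already returned, and atoi gives no way to detect a failed conversion: its behaviour is undefined when the argument does not fit in an int, and it silently accepts trailing non-digits. A sufficiently long --block-size string can therefore misbehave before the range check is reached. Suggest parsing with strtol, checking errno and the end pointer, and comparing the long result against 1 and INT_MAX/512 before assigning it to io_block_size. The hunk also uses INT_MAX without adding an include, so confirm that <limits.h> is already pulled in by src/main.c.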