rpm/cpio
SHA256
1
0
Fork 0
forked from pool/cpio
Code Pull Requests Activity
d69eec703b
cpio/cpio-check_for_symlinks.patch
Ismail Dönmez d69eec703b Accepting request 242845 from home:vitezslav_cizek:branches:Archiving 
- fix a truncation check in mt
  * added cpio-fix_truncation_check.patch

- prevent cpio from extracting over a symlink (bnc#658010)
  * added cpio-check_for_symlinks.patch

OBS-URL: https://build.opensuse.org/request/show/242845
OBS-URL: https://build.opensuse.org/package/show/Archiving/cpio?expand=0&rev=44
2014-07-29 11:44:14 +00:00

153 lines
4.9 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Index: cpio-2.11/src/copyin.c
===================================================================
--- cpio-2.11.orig/src/copyin.c 2014-07-01 14:02:39.991007263 +0200
+++ cpio-2.11/src/copyin.c 2014-07-22 16:05:28.171344584 +0200
@@ -686,6 +686,51 @@ copyin_link(struct cpio_file_stat *file_
free (link_name);
}
+
+static int
+path_contains_symlink(char *path)
+{
+ struct stat st;
+ char *slash;
+ char *nextslash;
+
+ /* we got NULL pointer or empty string */
+ if (!path || !*path) {
+ return false;
+ }
+
+ slash = path;
+
+ while ((nextslash = strchr(slash + 1, '/')) != NULL) {
+ slash = nextslash;
+ *slash = '\0';
+
+ if (lstat(path, &st) != 0) {
+ if (errno == ELOOP) {
+ /* ELOOP - too many symlinks */
+ *slash = '/';
+ return true;
+ } else if (errno == ENOMEM) {
+ /* No memory for lstat - terminate */
+ xalloc_die();
+ } else {
+ /* cannot lstat path - give up */
+ *slash = '/';
+ return false;
+ }
+ }
+
+ if (S_ISLNK(st.st_mode)) {
+ *slash = '/';
+ return true;
+ }
+
+ *slash = '/';
+ }
+
+ return false;
+}
+
static void
copyin_file (struct cpio_file_stat *file_hdr, int in_file_des)
{
@@ -1463,6 +1508,23 @@ process_copy_in ()
{
/* Copy the input file into the directory structure. */
+ /* Can we write files over symlinks? */
+ if (!extract_over_symlinks)
+ {
+ if (path_contains_symlink(file_hdr.c_name))
+ {
+ /* skip the file */
+ /*
+ fprintf(stderr, "Can't write over symlinks. Skipping %s\n", file_hdr.c_name);
+ tape_toss_input (in_file_des, file_hdr.c_filesize);
+ tape_skip_padding (in_file_des, file_hdr.c_filesize);
+ continue;
+ */
+ /* terminate */
+ error (1, 0, _("Can't write over symlinks: %s\n"), file_hdr.c_name);
+ }
+ }
+
/* Do we need to rename the file? */
if (rename_flag || rename_batch_file)
{
Index: cpio-2.11/src/global.c
===================================================================
--- cpio-2.11.orig/src/global.c 2014-07-17 16:33:09.768900927 +0200
+++ cpio-2.11/src/global.c 2014-07-21 17:45:58.563494706 +0200
@@ -187,6 +187,9 @@ bool to_stdout_option = false;
/* The name this program was run with. */
char *program_name;
+/* Extract files over symbolic links */
+bool extract_over_symlinks;
+
/* A pointer to either lstat or stat, depending on whether
dereferencing of symlinks is done for input files. */
int (*xstat) ();
Index: cpio-2.11/src/main.c
===================================================================
--- cpio-2.11.orig/src/main.c 2014-07-01 14:02:39.840005051 +0200
+++ cpio-2.11/src/main.c 2014-07-17 20:33:47.839215571 +0200
@@ -57,7 +57,8 @@ enum cpio_options {
FORCE_LOCAL_OPTION,
DEBUG_OPTION,
BLOCK_SIZE_OPTION,
- TO_STDOUT_OPTION
+ TO_STDOUT_OPTION,
+ EXTRACT_OVER_SYMLINKS
};
const char *program_authors[] =
@@ -222,6 +223,8 @@ static struct argp_option options[] = {
N_("Create leading directories where needed"), GRID+1 },
{"no-preserve-owner", NO_PRESERVE_OWNER_OPTION, 0, 0,
N_("Do not change the ownership of the files"), GRID+1 },
+ {"extract-over-symlinks", EXTRACT_OVER_SYMLINKS, 0, 0,
+ N_("Force writing over symbolic links"), GRID+1 },
{"unconditional", 'u', NULL, 0,
N_("Replace all files unconditionally"), GRID+1 },
{"sparse", SPARSE_OPTION, NULL, 0,
@@ -413,6 +416,10 @@ crc newc odc bin ustar tar (all-caps als
no_chown_flag = true;
break;
+ case EXTRACT_OVER_SYMLINKS: /* --extract-over-symlinks */
+ extract_over_symlinks = true;
+ break;
+
case 'o': /* Copy-out mode. */
if (copy_function != 0)
error (PAXEXIT_FAILURE, 0, _("Mode already defined"));
Index: cpio-2.11/src/extern.h
===================================================================
--- cpio-2.11.orig/src/extern.h 2014-07-01 14:02:39.907006032 +0200
+++ cpio-2.11/src/extern.h 2014-07-17 17:11:20.948908806 +0200
@@ -95,6 +95,7 @@ extern char input_is_special;
extern char output_is_special;
extern char input_is_seekable;
extern char output_is_seekable;
+extern bool extract_over_symlinks;
extern int (*xstat) ();
extern void (*copy_function) ();
Index: cpio-2.11/doc/cpio.1
===================================================================
--- cpio-2.11.orig/doc/cpio.1 2009-02-14 19:15:50.000000000 +0100
+++ cpio-2.11/doc/cpio.1 2014-07-21 23:00:33.878746855 +0200
@@ -22,6 +22,7 @@ cpio \- copy files to and from archives
[\-\-owner=[user][:.][group]] [\-\-no-preserve-owner] [\-\-message=message]
[\-\-force\-local] [\-\-no\-absolute\-filenames] [\-\-sparse]
[\-\-only\-verify\-crc] [\-\-to\-stdout] [\-\-quiet] [\-\-rsh-command=command]
+[\-\-extract\-over\-symlinks]
[\-\-help] [\-\-version] [pattern...] [< archive]
.B cpio
View Git Blame Copy Permalink