rpm/tar
SHA256
1
0
Fork 0
forked from pool/tar
Code Pull Requests Activity
885805a010
tar/tar-1.29-extract_pathname_bypass.patch

30 lines
795 B
Diff
Raw Normal View History

Accepting request 439571 from home:kstreitova:branches:Base:System - add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path name(s) specified on the command line [bsc#1007188] [CVE-2016-6321] OBS-URL: https://build.opensuse.org/request/show/439571 OBS-URL: https://build.opensuse.org/package/show/Base:System/tar?expand=0&rev=73
2016-11-10 23:20:00 +01:00
Index: lib/paxnames.c
===================================================================
--- lib/paxnames.c.orig
+++ lib/paxnames.c
@@ -18,6 +18,7 @@
#include <system.h>
#include <hash.h>
#include <paxlib.h>
+#include <quotearg.h>
/* Hash tables of strings. */
@@ -114,7 +115,15 @@ safer_name_suffix (char const *file_name
for (p = file_name + prefix_len; *p; )
{
if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
- prefix_len = p + 2 - file_name;
+ {
+ static char const *const diagnostic[] =
+ {
+ N_("%s: Member name contains '..'"),
+ N_("%s: Hard link target contains '..'")
+ };
+ FATAL_ERROR ((0, 0, _(diagnostic[link_target]),
+ quotearg_colon (file_name)));
+ }
do
{
Copy Permalink