testing/tar
SHA256
3
0
Fork 0
forked from pool/tar
Code Pull Requests Activity
3921804989
tar/tar-1.16-CVE-2006-6097.patch

183 lines
6.0 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

CVE-2006-6097
2006-11-29 Paul Eggert <eggert@cs.ucla.edu>
* NEWS: Remove support for mangled names.
* doc/tar.texi (verbose tutorial): Likewise.
* src/Makefile.am (tar_SOURCES): Remove mangle.c.
* src/common.h (extract_mangle): Remove decl.
* src/extract.c (extract_mangle_wrapper): Remove.
(prepare_to_extract): Remove support for mangled names.
* src/list.c (read_and, print_header): Likewise.
* src/mangle.c: Remove.
* src/tar.c (GNUTYPE_NAMES): Remove.
Index: NEWS
===================================================================
RCS file: /cvsroot/tar/tar/NEWS,v
retrieving revision 1.126
diff -p -u -r1.126 NEWS
--- NEWS 29 Nov 2006 18:16:27 -0000 1.126
+++ NEWS 30 Nov 2006 06:37:07 -0000
@@ -1,6 +1,14 @@
GNU tar NEWS - User visible changes.
Please send GNU tar bug reports to <bug-tar@gnu.org>
+* Support for reading ustar type 'N' header logical records has been removed.
+ This GNU extension was generated only by very old versions of GNU 'tar'.
+ Unfortunately its implementation had security holes; see
+ <http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0344.html>.
+ We don't expect that any tar archives in practical use have type 'N'
+ records, but if you have one and you trust its contents, you can
+ decode it with GNU tar 1.16 or earlier.
+
version 1.16 - Sergey Poznyakoff, 2006-10-21
* After creating an archive, tar exits with code 1 if some files were
Index: doc/tar.texi
===================================================================
RCS file: /cvsroot/tar/tar/doc/tar.texi,v
retrieving revision 1.123
diff -p -u -r1.123 tar.texi
--- doc/tar.texi 29 Nov 2006 18:11:34 -0000 1.123
+++ doc/tar.texi 30 Nov 2006 06:37:07 -0000
@@ -1000,12 +1000,7 @@ Encountered only at the beginning of a m
from the previous volume. The number @var{n} gives the offset where
the original file was split.
@item --Mangled file names--
-This archive member contains @dfn{mangled file names} declarations,
-a special member type that was used by early versions of @GNUTAR{}.
-You probably will never encounter this, unless you are reading a very
-old archive.
-
@item unknown file type @var{c}
An archive member of unknown type. @var{c} is the type character from
the archive header. If you encounter such a message, it means that
Index: src/Makefile.am
===================================================================
RCS file: /cvsroot/tar/tar/src/Makefile.am,v
retrieving revision 1.24
diff -p -u -r1.24 Makefile.am
--- src/Makefile.am 30 Nov 2006 00:14:11 -0000 1.24
+++ src/Makefile.am 30 Nov 2006 06:37:07 -0000
@@ -30,7 +30,6 @@ tar_SOURCES = \
xheader.c\
incremen.c\
list.c\
- mangle.c\
misc.c\
names.c\
sparse.c\
Index: src/common.h
===================================================================
RCS file: /cvsroot/tar/tar/src/common.h,v
retrieving revision 1.91
diff -p -u -r1.91 common.h
--- src/common.h 29 Nov 2006 18:16:27 -0000 1.91
+++ src/common.h 30 Nov 2006 06:37:07 -0000
@@ -546,10 +546,6 @@ enum read_header tar_checksum (union blo
void skip_file (off_t size);
void skip_member (void);
-/* Module mangle.c. */
-
-void extract_mangle (void);
-
/* Module misc.c. */
void assign_string (char **dest, const char *src);
Index: src/extract.c
===================================================================
RCS file: /cvsroot/tar/tar/src/extract.c,v
retrieving revision 1.97
diff -p -u -r1.97 extract.c
--- src/extract.c 29 Nov 2006 18:16:27 -0000 1.97
+++ src/extract.c 30 Nov 2006 06:37:07 -0000
@@ -1024,13 +1024,6 @@ extract_fifo (char *file_name, int typef
#endif
static int
-extract_mangle_wrapper (char *file_name, int typeflag)
-{
- extract_mangle ();
- return 0;
-}
-
-static int
extract_volhdr (char *file_name, int typeflag)
{
if (verbose_option)
@@ -1121,10 +1114,6 @@ prepare_to_extract (char const *file_nam
*fun = extract_volhdr;
break;
- case GNUTYPE_NAMES:
- *fun = extract_mangle_wrapper;
- break;
-
case GNUTYPE_MULTIVOL:
ERROR ((0, 0,
_("%s: Cannot extract -- file is continued from another volume"),
Index: src/list.c
===================================================================
RCS file: /cvsroot/tar/tar/src/list.c,v
retrieving revision 1.101
diff -p -u -r1.101 list.c
--- src/list.c 2 Jun 2006 08:05:04 -0000 1.101
+++ src/list.c 30 Nov 2006 06:37:07 -0000
@@ -107,7 +107,6 @@ read_and (void (*do_something) (void))
{
case GNUTYPE_VOLHDR:
case GNUTYPE_MULTIVOL:
- case GNUTYPE_NAMES:
break;
case DIRTYPE:
@@ -1047,10 +1046,6 @@ print_header (struct tar_stat_info *st,
modes[0] = 'M';
break;
- case GNUTYPE_NAMES:
- modes[0] = 'N';
- break;
-
case GNUTYPE_LONGNAME:
case GNUTYPE_LONGLINK:
modes[0] = 'L';
@@ -1234,10 +1229,6 @@ print_header (struct tar_stat_info *st,
uintbuf));
fprintf (stdlis, _("--Continued at byte %s--\n"), size);
break;
-
- case GNUTYPE_NAMES:
- fprintf (stdlis, _("--Mangled file names--\n"));
- break;
}
}
fflush (stdlis);
Index: src/tar.h
===================================================================
RCS file: /cvsroot/tar/tar/src/tar.h,v
retrieving revision 1.37
diff -p -u -r1.37 tar.h
--- src/tar.h 29 Nov 2006 18:28:45 -0000 1.37
+++ src/tar.h 30 Nov 2006 06:37:07 -0000
@@ -165,6 +165,7 @@ struct oldgnu_header
'A' Solaris Access Control List
'E' Solaris Extended Attribute File
'I' Inode only, as in 'star'
+ 'N' Obsolete GNU tar, for file names that do not fit into the main header.
'X' POSIX 1003.1-2001 eXtended (VU version) */
/* This is a dir entry that contains the names of files that were in the
@@ -180,8 +181,5 @@ struct oldgnu_header
/* This is the continuation of a file that began on another volume. */
#define GNUTYPE_MULTIVOL 'M'
-/* For storing filenames that do not fit into the main header. */
-#define GNUTYPE_NAMES 'N'
-
/* This is for sparse files. */
#define GNUTYPE_SPARSE 'S'
View Git Blame Copy Permalink