This patch causes tar to strip leading / from rename codes during
creation. Can you also patch tar to strip leading / from rename
codes during extraction? This would prevent odd behaivor when
extracting an archive created with an unpatched version of tar and
prevent malicious use of rename codes
Nick
On Sat, Sep 29, 2007 at 03:49:57AM +0300, Sergey Poznyakoff wrote:
> Nicholas Cole <[EMAIL PROTECTED]> ha escrit:
>
> > A leading / is being included in incremental snapshot rename codes
> > when a member name has a leading / and tar removes leading / from
> > member names when the archive is created
> >
> > Is this a bug or am I doing something incorrect?
>
> Yes, it is a bug. Thanks for reporting. I have installed the enclosed
> fix.
>
> Regards,
> Sergey
>
> Index: src/incremen.c
> ===================================================================
> RCS file: /cvsroot/tar/tar/src/incremen.c,v
> retrieving revision 1.57
> diff -p -u -r1.57 incremen.c
> --- src/incremen.c 26 Sep 2007 22:08:13 -0000 1.57
> +++ src/incremen.c 29 Sep 2007 00:39:20 -0000
> @@ -609,10 +609,17 @@ get_directory_contents (char *dir, dev_t
> static void
> obstack_code_rename (struct obstack *stk, char *from, char *to)
> {
> + char *s;
> +
> + s = from[0] == 0 ? from :
> + safer_name_suffix (from, false, absolute_names_option);
> obstack_1grow (stk, 'R');
> - obstack_grow (stk, from, strlen (from) + 1);
> + obstack_grow (stk, s, strlen (s) + 1);
> +
> + s = to[0] == 0 ? to:
> + safer_name_suffix (to, false, absolute_names_option);
> obstack_1grow (stk, 'T');
> - obstack_grow (stk, to, strlen (to) + 1);
> + obstack_grow (stk, s, strlen (s) + 1);
> }
>
> static bool
--
Nicholas Cole
[EMAIL PROTECTED]
