This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch main in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=d4721c06a1fb84caff6b3623f23947c757e0b790 commit d4721c06a1fb84caff6b3623f23947c757e0b790 Author: Guillem Jover <[email protected]> AuthorDate: Sun Apr 23 14:33:41 2023 +0200 libdpkg: Mask the mode from the tar entry to only the file mode bits Depending on the tar implementation used, the mode in the tar entry might include more than the file mode bits, which can cause unexpected values to be set on the unpacked object. Mask them to make sure we are dealing with known metadata. This is currently a problem with AIX's tar, but could happen on other systems using various tar implementations, or with .deb created with builders other than dpkg-deb. --- lib/dpkg/tarfn.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/dpkg/tarfn.c b/lib/dpkg/tarfn.c index 625d73c22..c1a711c10 100644 --- a/lib/dpkg/tarfn.c +++ b/lib/dpkg/tarfn.c @@ -242,7 +242,7 @@ tar_header_get_unix_mode(struct tar_header *h) break; } - mode |= TAR_ATOUL(h->mode, mode_t); + mode |= TAR_ATOUL(h->mode, mode_t) & 07777; return mode; } -- Dpkg.Org's dpkg
