svn commit: trunk/busybox/archival/libunarchive
vda at busybox.net
vda at busybox.net
Sun Nov 26 15:42:04 UTC 2006
Author: vda
Date: 2006-11-26 07:42:03 -0800 (Sun, 26 Nov 2006)
New Revision: 16672
Log:
tar: refuse to untar files with "/../" components
Modified:
trunk/busybox/archival/libunarchive/get_header_tar.c
Changeset:
Modified: trunk/busybox/archival/libunarchive/get_header_tar.c
===================================================================
--- trunk/busybox/archival/libunarchive/get_header_tar.c 2006-11-26 01:46:59 UTC (rev 16671)
+++ trunk/busybox/archival/libunarchive/get_header_tar.c 2006-11-26 15:42:03 UTC (rev 16672)
@@ -157,7 +157,6 @@
file_header->name = concat_path_file(tar.prefix, tar.name);
} else
file_header->name = xstrdup(tar.name);
- /* FIXME: add check for /../ attacks */
}
/* Set bits 12-15 of the files mode */
@@ -244,6 +243,12 @@
linkname = NULL;
}
#endif
+ if (!strncmp(file_header->name, "/../"+1, 3)
+ || strstr(file_header->name, "/../")
+ ) {
+ bb_error_msg_and_die("name with '..' encountered: '%s'",
+ file_header->name);
+ }
/* Strip trailing '/' in directories */
/* Must be done after mode is set as '/' is used to check if its a directory */
More information about the busybox-cvs
mailing list