[git commit] unzip: clear SUID/GID bits, implement -K to not clear them

Denys Vlasenko vda.linux at googlemail.com
Wed Feb 22 09:50:14 UTC 2023


commit: https://git.busybox.net/busybox/commit/?id=75197998c22b0760a1a6d5e94f750b12855ef82f
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

function                                             old     new   delta
unzip_main                                          2656    2715     +59
packed_usage                                       34517   34552     +35
.rodata                                           105250  105251      +1
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/0 up/down: 95/0)               Total: 95 bytes

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 archival/unzip.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/archival/unzip.c b/archival/unzip.c
index b27dd2187..691a2d81b 100644
--- a/archival/unzip.c
+++ b/archival/unzip.c
@@ -56,7 +56,7 @@
 //kbuild:lib-$(CONFIG_UNZIP) += unzip.o
 
 //usage:#define unzip_trivial_usage
-//usage:       "[-lnojpq] FILE[.zip] [FILE]... [-x FILE]... [-d DIR]"
+//usage:       "[-lnojpqK] FILE[.zip] [FILE]... [-x FILE]... [-d DIR]"
 //usage:#define unzip_full_usage "\n\n"
 //usage:       "Extract FILEs from ZIP archive\n"
 //usage:     "\n	-l	List contents (with -q for short form)"
@@ -66,6 +66,7 @@
 //usage:     "\n	-p	Write to stdout"
 //usage:     "\n	-t	Test"
 //usage:     "\n	-q	Quiet"
+//usage:     "\n	-K	Do not clear SUID bit"
 //usage:     "\n	-x FILE	Exclude FILEs"
 //usage:     "\n	-d DIR	Extract into DIR"
 
@@ -494,6 +495,7 @@ int unzip_main(int argc, char **argv)
 		OPT_l = (1 << 0),
 		OPT_x = (1 << 1),
 		OPT_j = (1 << 2),
+		OPT_K = (1 << 3),
 	};
 	unsigned opts;
 	smallint quiet = 0;
@@ -559,7 +561,7 @@ int unzip_main(int argc, char **argv)
 
 	opts = 0;
 	/* '-' makes getopt return 1 for non-options */
-	while ((i = getopt(argc, argv, "-d:lnotpqxjv")) != -1) {
+	while ((i = getopt(argc, argv, "-d:lnotpqxjvK")) != -1) {
 		switch (i) {
 		case 'd':  /* Extract to base directory */
 			base_dir = optarg;
@@ -602,6 +604,10 @@ int unzip_main(int argc, char **argv)
 			opts |= OPT_j;
 			break;
 
+		case 'K':
+			opts |= OPT_K;
+			break;
+
 		case 1:
 			if (!src_fn) {
 				/* The zip file */
@@ -819,7 +825,10 @@ int unzip_main(int argc, char **argv)
 # endif
 			if ((cdf.fmt.version_made_by >> 8) == 3) {
 				/* This archive is created on Unix */
-				dir_mode = file_mode = (cdf.fmt.external_attributes >> 16);
+				file_mode = (cdf.fmt.external_attributes >> 16);
+				if (!(opts & OPT_K))
+					file_mode &= ~(mode_t)(S_ISUID | S_ISGID);
+				dir_mode = file_mode;
 			}
 		}
 #endif


More information about the busybox-cvs mailing list