tar: refuse to untar files with "/../" components

Denis Vlasenko 2006-11-26 15:42:03 +00:00
parent b596335868
commit c1660fea6d


@ -157,7 +157,6 @@ char get_header_tar(archive_handle_t *archive_handle)
file_header->name = concat_path_file(tar.prefix, tar.name); file_header->name = concat_path_file(tar.prefix, tar.name);
} else } else
file_header->name = xstrdup(tar.name); file_header->name = xstrdup(tar.name);
/* FIXME: add check for /../ attacks */
} }
/* Set bits 12-15 of the files mode */ /* Set bits 12-15 of the files mode */
@ -244,6 +243,12 @@ char get_header_tar(archive_handle_t *archive_handle)
linkname = NULL; linkname = NULL;
} }
#endif #endif
if (!strncmp(file_header->name, "/../"+1, 3)
|| strstr(file_header->name, "/../")
) {
bb_error_msg_and_die("name with '..' encountered: '%s'",
file_header->name);
}
/* Strip trailing '/' in directories */ /* Strip trailing '/' in directories */
/* Must be done after mode is set as '/' is used to check if its a directory */ /* Must be done after mode is set as '/' is used to check if its a directory */
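Review bot: The new check in the second hunk rejects names that start with `../` or contain `/../`, but a name that is exactly `..` or ends in `/..` (no trailing slash) passes both tests, since `strncmp(name, "../", 3)` differs at the third byte and `strstr` needs the closing slash. Such an entry would presumably let the archive's mode, ownership, or timestamps be applied to a directory above the intended one, so the condition should also cover the final component, for example `|| !strcmp(file_header->name, "..")` plus a check that the last three characters are not `/..`. Only `file_header->name` is validated in the visible lines; whether absolute names and link targets are checked elsewhere cannot be seen from this hunk and is worth confirming. A short comment explaining that `"/../"+1` is the string `"../"` would also help the next reader. The body of `get_header_tar` continues outside the hunk.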