Searched hist:"2 dbd6dc5" (Results 1 – 9 of 9) sorted by relevance

/openbsd/bin/pax/
pax.h 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
* Prevent an archive from escaping the current directory by itself:
when extracting a symlink whose value is absolute or contains ".."
components, just create a zero-length normal file (with additional
tracking of the mode and hardlinks to the symlink) until everything
else is extracted, then go back and replace it with the requested
link (if it's still that zero-length placeholder).

* For tar without -P, if a path in the archive has any ".." components
then strip everything up to and including the last of them (if
it ends in ".." then it becomes ".")
This mostly follows GNU tar's behavior, except for 'tar tf' and
'tar xvf' we report the modified path that would be/was actually
created instead of the raw path from the archive

Above two fixes prompted by a report from Daniel Cegielka
(daniel.cegielka (at) gmail.com)

* For directories whose times or mode will be fixed up in the
clean-up pass, record their dev+ino and then use
open(O_DIRECTORY)+fstat() to verify that we're updating the correct
directory before using futimens() and fchmod().

* Correct buffer overflow in handling of pax extension headers,
caught by the memcpy() overlap check.


previously ok millert@ deraadt@
ftree.c 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
pat_rep.c 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
tables.c 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
file_subs.c 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
pax.c 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
ar_subs.c 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
extern.h 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock:
tar.c 2dbd6dc5 Mon Mar 09 04:23:29 GMT 2015 guenther <guenther@openbsd.org> Unrevert post-unlock: