author | Mike Frysinger <vapier@gentoo.org> | 2008-03-29 02:36:53 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2008-03-29 02:36:53 +0000 |
commit | 0728fc5c763a43e9c26ff447aa7cac16b4e89ec4 (patch) | |
tree | 0367ebe421b73f3fce2264477164561a2e1f8777 /app-arch/unzip | |
parent | Version Bump. Thanks Meatoo. (diff) | |
old
Diffstat (limited to 'app-arch/unzip')
-rw-r--r-- | app-arch/unzip/files/unzip-5.50-dotdot.patch | 85 |
1 files changed, 0 insertions, 85 deletions
diff --git a/app-arch/unzip/files/unzip-5.50-dotdot.patch b/app-arch/unzip/files/unzip-5.50-dotdot.patch
deleted file mode 100644
index 73441f7b290e..000000000000
--- a/app-arch/unzip/files/unzip-5.50-dotdot.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-Only in unzip-5.50-lhh/: cscope.files
-Only in unzip-5.50-lhh/: cscope.out
-diff -ur unzip-5.50/unix/unix.c unzip-5.50-lhh/unix/unix.c
---- unzip-5.50/unix/unix.c 2002-01-21 17:54:42.000000000 -0500
-+++ unzip-5.50-lhh/unix/unix.c 2003-06-11 18:35:38.000000000 -0400
-@@ -421,7 +421,8 @@
- */
- {
- char pathcomp[FILNAMSIZ]; /* path-component buffer */
-- char *pp, *cp=(char *)NULL; /* character pointers */
-+ char *pp, *cp=(char *)NULL, /* character pointers */
-+ *dp=(char *)NULL;
- char *lastsemi=(char *)NULL; /* pointer to last semi-colon in pathcomp */
- #ifdef ACORN_FTYPE_NFS
- char *lastcomma=(char *)NULL; /* pointer to last comma in pathcomp */
-@@ -429,6 +430,7 @@
- #endif
- int quote = FALSE; /* flags */
- int killed_ddot = FALSE; /* is set when skipping "../" pathcomp */
-+ int snarf_ddot = FALSE; /* Is set while scanning for "../" */
- int error = MPN_OK;
- register unsigned workch; /* hold the character being tested */
-
-@@ -467,6 +469,9 @@
- while ((workch = (uch)*cp++) != 0) {
-
- if (quote) { /* if character quoted, */
-+ if ((pp == pathcomp) && (workch == '.'))
-+ /* Oh no you don't... */
-+ goto ddot_hack;
- *pp++ = (char)workch; /* include it literally */
- quote = FALSE;
- } else
-@@ -481,15 +486,44 @@
- break;
-
- case '.':
-- if (pp == pathcomp) { /* nothing appended yet... */
-+ if (pp == pathcomp) {
-+ddot_hack:
-+ /* nothing appended yet... */
- if (*cp == '/') { /* don't bother appending "./" to */
- ++cp; /* the path: skip behind the '/' */
- break;
-- } else if (!uO.ddotflag && *cp == '.' && cp[1] == '/') {
-- /* "../" dir traversal detected */
-- cp += 2; /* skip over behind the '/' */
-- killed_ddot = TRUE; /* set "show message" flag */
-- break;
-+ } else if (!uO.ddotflag) {
-+
-+ /*
-+ * SECURITY: Skip past control characters if the user
-+ * didn't OK use of absolute pathnames. lhh - this is
-+ * a very quick, ugly, inefficient fix.
-+ */
-+ dp = cp;
-+ do {
-+ workch = (uch)(*dp);
-+ if (workch == '/' && snarf_ddot) {
-+ /* "../" dir traversal detected */
-+ cp = dp + 1; /* skip past the '/' */
-+ killed_ddot = TRUE; /* set "show msg" flag */
-+ break;
-+ } else if (workch == '.' && !snarf_ddot) {
-+ snarf_ddot = TRUE;
-+ } else if (isprint(workch) ||
-+ ((workch > 127) && (workch <= 254))) {
-+ /*
-+ * Since we found a printable, non-ctrl char,
-+ * we can stop looking for '../', the amount
-+ * in ../!
-+ */
-+ break;
-+ }
-+
-+ dp++;
-+ } while (*dp != 0);
-+
-+ if (killed_ddot)
-+ break;
- }
- }
- *pp++ = '.';
-Only in unzip-5.50-lhh/unix: .unix.c.swp |