author | Sergey Poznyakoff <gray@gnu.org> | 2019-11-03 17:31:37 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org> | 2019-11-03 17:40:03 +0200 |
commit | 45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca (patch) | |
tree | 7f0251e6df12aadae7c6779bc7cacf2da8254bac /src | |
parent | 3177d660a4c62a6acb538b0f7c54ba423698889a (diff) | |
Fix CVE-2015-1197
* src/copyin.c (copyin_link): Force safer name suffix for symbolic links.
* tests/CVE-2015-1197.at: New file.
* tests/Makefile.am: Add new test case.
* tests/testsuite.at: Likewise.
Diffstat (limited to 'src')
-rw-r--r-- | src/copyin.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/copyin.c b/src/copyin.c index 63541eb..7cdfda3 100644 --- a/src/copyin.c +++ b/src/copyin.c @@ -645,13 +645,14 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des) link_name = xstrdup (file_hdr->c_tar_linkname); } + cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false); + res = UMASKED_SYMLINK (link_name, file_hdr->c_name, file_hdr->c_mode); if (res < 0 && create_dir_flag) { create_all_directories (file_hdr->c_name); - res = UMASKED_SYMLINK (link_name, file_hdr->c_name, - file_hdr->c_mode); + res = UMASKED_SYMLINK (link_name, file_hdr->c_name, file_hdr->c_mode); } if (res < 0) { |
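Review bot: The added `cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false);` call before the first `UMASKED_SYMLINK` makes sanitising the archive-supplied symlink target depend on `no_abs_paths_flag` rather than applying it unconditionally. The helper is defined outside this hunk, but if its third argument means "keep absolute names", an extraction without `--no-absolute-filenames` leaves `link_name` untouched and a later member can still be written through the link. With the flag set, the target is rewritten in place without a diagnostic, which presumably also alters legitimate relative links that contain `..`. A comment above the call should state the intended policy, e.g. `/* link target comes from the archive; it is only stripped of absolute and ".." prefixes when --no-absolute-filenames is in effect */`, and a check at file-creation time that the destination path does not pass through a symlink is worth considering as the more robust guard. The body of `copyin_link` begins and ends outside the hunk.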