authorSergey Poznyakoff <gray@gnu.org>2019-11-03 17:31:37 +0200
committerSergey Poznyakoff <gray@gnu.org>2019-11-03 17:40:03 +0200
commit45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca (patch)
tree7f0251e6df12aadae7c6779bc7cacf2da8254bac /src
parent3177d660a4c62a6acb538b0f7c54ba423698889a (diff)
Fix CVE-2015-1197
* src/copyin.c (copyin_link): Force safer name suffix for symbolic links. * tests/CVE-2015-1197.at: New file. * tests/Makefile.am: Add new test case. * tests/testsuite.at: Likewise.
Diffstat (limited to 'src')
-rw-r--r--src/copyin.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/copyin.c b/src/copyin.c
index 63541eb..7cdfda3 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -645,13 +645,14 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
link_name = xstrdup (file_hdr->c_tar_linkname);
}
+ cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false);
+
res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
file_hdr->c_mode);
if (res < 0 && create_dir_flag)
{
create_all_directories (file_hdr->c_name);
- res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
- file_hdr->c_mode);
+ res = UMASKED_SYMLINK (link_name, file_hdr->c_name, file_hdr->c_mode);
}
if (res < 0)
{
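Review bot: The added `cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false);` passes `!no_abs_paths_flag` as its third argument, so the link target appears to be sanitised only when the user asked for `--no-absolute-filenames`. On a default extraction, a symlink whose target is absolute or climbs with `..` would presumably still be created verbatim, and a later archive member written through that link could land outside the destination tree. The helper's definition is not in this hunk, so confirm that reading against it. If it is the intended scope of the fix, state it in a comment above the call, for example `/* Link target is rewritten only under --no-absolute-filenames; otherwise it is kept as stored in the archive. */`, and name the three bare boolean arguments there as well. The call also rewrites `link_name` in place with no diagnostic visible here, so a legitimate absolute target would be changed silently; consider warning when the stored target and the created one differ. The body of `copyin_link` starts and ends outside the hunk.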
