blob: 874018c61c7a11b5ae657613aaae06f78e01cdbe (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
Fix for CVE-2016-6321
https://bugs.alpinelinux.org/issues/6400
https://sintonen.fi/advisories/tar-extract-pathname-bypass.patch
--- a/lib/paxnames.c
+++ b/lib/paxnames.c
@@ -18,6 +18,7 @@
#include <system.h>
#include <hash.h>
#include <paxlib.h>
+#include <quotearg.h>
/* Hash tables of strings. */
@@ -114,7 +115,15 @@
for (p = file_name + prefix_len; *p; )
{
if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
- prefix_len = p + 2 - file_name;
+ {
+ static char const *const diagnostic[] =
+ {
+ N_("%s: Member name contains '..'"),
+ N_("%s: Hard link target contains '..'")
+ };
+ FATAL_ERROR ((0, 0, _(diagnostic[link_target]),
+ quotearg_colon (file_name)));
+ }
do
{
|
