[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security bug: tar allows to overwrite arbitrary file when extracting
From: |
Paul Eggert |
Subject: |
Re: Security bug: tar allows to overwrite arbitrary file when extracting |
Date: |
Fri, 29 Jun 2001 18:14:10 -0700 (PDT) |
> Date: Thu, 28 Jun 2001 11:30:48 +0200 (CEST)
> From: Mikulas Patocka <address@hidden>
>
> Here is output of strace -o tr tar xvf xploit.tar
Thanks. Can you please try the following patch?
--- tar-1.13.19/src/extract.c Fri Jan 12 21:59:29 2001
+++ tar-1.13.19-fix/src/extract.c Fri Jun 29 17:53:37 2001
@@ -850,9 +850,9 @@ extract_archive (void)
break;
if (absolute_names_option
- || (ISSLASH (current_link_name
- [FILESYSTEM_PREFIX_LEN (current_link_name)])
- && ! contains_dot_dot (current_link_name)))
+ || ! (ISSLASH (current_link_name
+ [FILESYSTEM_PREFIX_LEN (current_link_name)])
+ || contains_dot_dot (current_link_name)))
{
while (status = symlink (current_link_name, CURRENT_FILE_NAME),
status != 0)