bug-gnu-utils

Re: Security bug: tar allows to overwrite arbitrary file when extracting


From: Paul Eggert
Subject: Re: Security bug: tar allows to overwrite arbitrary file when extracting
Date: Fri, 29 Jun 2001 18:14:10 -0700 (PDT)

> Date: Thu, 28 Jun 2001 11:30:48 +0200 (CEST)
> From: Mikulas Patocka <address@hidden>
> 
> Here is output of strace -o tr tar xvf xploit.tar

Thanks.  Can you please try the following patch?

--- tar-1.13.19/src/extract.c   Fri Jan 12 21:59:29 2001
+++ tar-1.13.19-fix/src/extract.c       Fri Jun 29 17:53:37 2001
@@ -850,9 +850,9 @@ extract_archive (void)
        break;
 
       if (absolute_names_option
-         || (ISSLASH (current_link_name
-                      [FILESYSTEM_PREFIX_LEN (current_link_name)])
-             && ! contains_dot_dot (current_link_name)))
+         || ! (ISSLASH (current_link_name
+                        [FILESYSTEM_PREFIX_LEN (current_link_name)])
+               || contains_dot_dot (current_link_name)))
        {
          while (status = symlink (current_link_name, CURRENT_FILE_NAME),
                 status != 0)
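
Review bot: the rewritten test at `|| ! (ISSLASH (...) || contains_dot_dot (current_link_name))` carries no comment stating its intent, and the lines it replaces show how easily the sense gets inverted: without `absolute_names_option`, the old form took the immediate `symlink` path exactly when the link target was absolute and had no `..`. A short comment above the `if` would guard against a later re-inversion. It should say that, unless `absolute_names_option` is set, only link targets that are relative and contain no `..` are created right away. The else branch and the body of `contains_dot_dot` are outside this hunk, so it is worth confirming there that absolute and `..` targets are handled as intended. A regression test would also help: an archive whose symlink member points outside the extraction directory, followed by a member written through that link.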


