[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
tar-1.13.25: seg fault in get_directory_contents for EPERM dirs
|
From: |
John E Hein |
|
Subject: |
tar-1.13.25: seg fault in get_directory_contents for EPERM dirs |
|
Date: |
Fri, 19 Oct 2001 09:35:16 -0600 |
There is a potential seg. fault in tar-1.13.25/src/incremen.c
If savedir fails (at line 180 in get_directory_contents), which might
happen if, say, the directory cannot be opened due to permissions issues,
it will return a NULL. This NULL pointer might be dereferenced, later,
however.
Recreate this by running with --listed-incremental on a dir for which
you have no read perms:
mkdir /tmp/noperm
chmod a-rwx /tmp/noperm
tar-1.13.25/src/tar --create --directory /tmp --listed-incremental /tmp/list
--file /dev/null /tmp/noperm
I am running FreeBSD 4.3, but this should be a problem on other systems,
too.
Here's a patch. It prevents the seg. fault. I don't know the gnu tar
code that well, so I don't know if it might cause an undesired effect
elsewhere. In fact, to be more efficient, it'd probably be good to exit
from get_directory_contents earlier in the function if there's nothing
that can be done (rather than check for a NULL pointer each time through
the loop).
--- incremen.c.orig Wed Aug 29 12:20:19 2001
+++ incremen.c Fri Oct 19 09:19:02 2001
@@ -204,7 +204,7 @@
if (children != NO_CHILDREN)
for (entry = dirp;
- (entrylen = strlen (entry)) != 0;
+ entry && (entrylen = strlen (entry)) != 0;
entry += entrylen + 1)
{
if (name_buffer_size <= entrylen + name_length)
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- tar-1.13.25: seg fault in get_directory_contents for EPERM dirs,
John E Hein <=