authortonnerre <tonnerre>2008-06-08 02:40:38 +0000
committertonnerre <tonnerre>2008-06-08 02:40:38 +0000
commit34457a8abc3c66e6b468e70e75709fb83e51a766 (patch)
tree6b4d5514c8e77f6f757b65bc79cd735377261a06 /archivers/star
parente860b8c457347a6346076b07812c0a5939656cce (diff)
Fix directory traversal vulnerability (CVE-2007-4134) in star.
Diffstat (limited to 'archivers/star')
-rw-r--r--archivers/star/Makefile4
-rw-r--r--archivers/star/distinfo3
-rw-r--r--archivers/star/patches/patch-ad64
3 files changed, 68 insertions, 3 deletions
diff --git a/archivers/star/Makefile b/archivers/star/Makefile
index c10e26fe04d..ee685c4b076 100644
--- a/archivers/star/Makefile
+++ b/archivers/star/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.21 2007/12/30 17:25:41 cjep Exp $
+# $NetBSD: Makefile,v 1.22 2008/06/08 02:40:38 tonnerre Exp $
#
DISTNAME= star-1.4.3
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= archivers
MASTER_SITES= ftp://ftp.berlios.de/pub/star/
diff --git a/archivers/star/distinfo b/archivers/star/distinfo
index a277abb6d0b..e034bfdf70f 100644
--- a/archivers/star/distinfo
+++ b/archivers/star/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2007/12/30 17:25:42 cjep Exp $
+$NetBSD: distinfo,v 1.9 2008/06/08 02:40:38 tonnerre Exp $
SHA1 (star-1.4.3.tar.gz) = c59b68d97edba77a9ac6000be04d457ded1eefe9
RMD160 (star-1.4.3.tar.gz) = f7ec71bfab1723c994e5eed7e6818394a41d44d9
@@ -6,3 +6,4 @@ Size (star-1.4.3.tar.gz) = 520388 bytes
SHA1 (patch-aa) = 4fe4af396adf23eb7ac071b02a7bf726ab1e4318
SHA1 (patch-ab) = aea3af88d3bedf2ce7a7744c90062ba4e57bb79f
SHA1 (patch-ac) = 81e6361db3903e5b04fae4e70ad3a37f9a2f4fa7
+SHA1 (patch-ad) = 8e9fff0b8345a1997ae08a5c5e57260b4c5f8090
diff --git a/archivers/star/patches/patch-ad b/archivers/star/patches/patch-ad
new file mode 100644
index 00000000000..f40d56bfebe
--- /dev/null
+++ b/archivers/star/patches/patch-ad
@@ -0,0 +1,64 @@
+$NetBSD: patch-ad,v 1.1 2008/06/08 02:40:38 tonnerre Exp $
+
+--- star/extract.c.orig 2002-05-02 22:02:41.000000000 +0200
++++ star/extract.c
+@@ -92,6 +92,7 @@ EXPORT int xt_file __PR((FINFO * info,
+ int (*)(void *, char *, int),
+ void *arg, int amt, char* text));
+ EXPORT void skip_slash __PR((FINFO * info));
++LOCAL BOOL has_dotdot __PR((char *name));
+
+ EXPORT void
+ extract(vhname)
+@@ -152,6 +153,12 @@ extract(vhname)
+ if (is_symlink(&finfo) && same_symlink(&finfo)) {
+ continue;
+ }
++ if (!interactive && has_dotdot(finfo.f_name)) {
++ errmsgno(EX_BAD, "'%s' contains '..', skipping ...\n",
++ finfo.f_name);
++ void_file(&finfo);
++ return (FALSE);
++ }
+ if (interactive && !ia_change(ptb, &finfo)) {
+ if (!nflag)
+ fprintf(vpr, "Skipping ...\n");
+@@ -169,6 +176,12 @@ extract(vhname)
+ if (!make_dir(&finfo))
+ continue;
+ } else if (is_link(&finfo)) {
++ if (!interactive && has_dotdot(finfo.f_lname)) {
++ errmsgno(EX_BAD, "'%s' contains '..', "
++ "skipping ...\n", finfo.f_lname);
++ void_file(&finfo);
++ return (FALSE);
++ }
+ if (!make_link(&finfo))
+ continue;
+ } else if (is_symlink(&finfo)) {
+@@ -830,3 +843,25 @@ skip_slash(info)
+ while (info->f_lname[0] == '/')
+ info->f_lname++;
+ }
++
++LOCAL BOOL
++has_dotdot(name)
++ char *name;
++{
++ register char *p = name;
++
++ while (*p) {
++ if ((p[0] == '.' && p[1] == '.') &&
++ (p[2] == '/' || p[2] == '\0')) {
++ return (TRUE);
++ }
++ do {
++ if (*p++ == '\0')
++ return (FALSE);
++ } while (*p != '/');
++ p++;
++ while (*p && *p == '/') /* Skip multiple slashes */
++ p++;
++ }
++ return (FALSE);
++}