From 908b9f1ded664a582ec145d234dde1d165225815 Mon Sep 17 00:00:00 2001 From: adrianp Date: Thu, 3 Nov 2005 19:38:50 +0000 Subject: Fixes for CAN-2005-1111 and CAN-2005-1229 --- archivers/gcpio/Makefile | 6 +- archivers/gcpio/PLIST | 4 +- archivers/gcpio/distinfo | 27 +++--- archivers/gcpio/patches/patch-aa | 44 ---------- archivers/gcpio/patches/patch-ab | 12 --- archivers/gcpio/patches/patch-ac | 6 +- archivers/gcpio/patches/patch-ae | 8 +- archivers/gcpio/patches/patch-ag | 16 ++-- archivers/gcpio/patches/patch-ah | 62 ++++++++++++-- archivers/gcpio/patches/patch-ai | 174 +++++++++++++++++++++++++++++++++++++++ archivers/gcpio/patches/patch-aj | 13 +++ archivers/gcpio/patches/patch-ak | 13 +++ archivers/gcpio/patches/patch-al | 26 ++++++ archivers/gcpio/patches/patch-am | 13 +++ archivers/gcpio/patches/patch-an | 31 +++++++ archivers/gcpio/patches/patch-ao | 35 ++++++++ 16 files changed, 396 insertions(+), 94 deletions(-) delete mode 100644 archivers/gcpio/patches/patch-aa delete mode 100644 archivers/gcpio/patches/patch-ab create mode 100644 archivers/gcpio/patches/patch-ai create mode 100644 archivers/gcpio/patches/patch-aj create mode 100644 archivers/gcpio/patches/patch-ak create mode 100644 archivers/gcpio/patches/patch-al create mode 100644 archivers/gcpio/patches/patch-am create mode 100644 archivers/gcpio/patches/patch-an create mode 100644 archivers/gcpio/patches/patch-ao (limited to 'archivers/gcpio') diff --git a/archivers/gcpio/Makefile b/archivers/gcpio/Makefile index 0285e2f8cf2..9e68329f136 100644 --- a/archivers/gcpio/Makefile +++ b/archivers/gcpio/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.25 2005/10/04 18:14:30 reed Exp $ +# $NetBSD: Makefile,v 1.26 2005/11/03 19:38:50 adrianp Exp $ # -DISTNAME= cpio-2.5 -PKGNAME= g${DISTNAME} +DISTNAME= cpio-2.6 PKGREVISION= 1 +PKGNAME= g${DISTNAME} CATEGORIES= archivers MASTER_SITES= ${MASTER_SITE_GNU:=cpio/} diff --git a/archivers/gcpio/PLIST b/archivers/gcpio/PLIST index f273a26680b..e08c736a449 100644 --- a/archivers/gcpio/PLIST +++ b/archivers/gcpio/PLIST @@ -1,3 +1,5 @@ -@comment $NetBSD: PLIST,v 1.5 2004/01/02 16:03:11 seb Exp $ +@comment $NetBSD: PLIST,v 1.6 2005/11/03 19:38:51 adrianp Exp $ bin/${GNU_PROGRAM_PREFIX}cpio +libexec/${GNU_PROGRAM_PREFIX}rmt man/man1/${GNU_PROGRAM_PREFIX}cpio.1 +man/man1/${GNU_PROGRAM_PREFIX}mt.1 diff --git a/archivers/gcpio/distinfo b/archivers/gcpio/distinfo index 9080ec8497f..89a0f90ab80 100644 --- a/archivers/gcpio/distinfo +++ b/archivers/gcpio/distinfo @@ -1,13 +1,16 @@ -$NetBSD: distinfo,v 1.8 2005/03/20 19:53:09 salo Exp $ +$NetBSD: distinfo,v 1.9 2005/11/03 19:38:51 adrianp Exp $ -SHA1 (cpio-2.5.tar.gz) = d5908ee20484f092e591a430620feec33060528c -RMD160 (cpio-2.5.tar.gz) = 92ab8152b03eae064f24909d76bad31a331d283d -Size (cpio-2.5.tar.gz) = 185480 bytes -SHA1 (patch-aa) = 2d6b714be46f26782b1a6e6af47710c6e20f50b8 -SHA1 (patch-ab) = e3529142851ebe87b6df37ab33571209512b0f17 -SHA1 (patch-ac) = 404dcc134a0c8b9007a3efdc8caf6b36efcf125b -SHA1 (patch-ad) = 854df599fa330ae2b07ab6cae4c2a1f2e0988ff5 -SHA1 (patch-ae) = 5de604f8278756e1ef8d4b72f9cd7638cb0496ab -SHA1 (patch-af) = d42ed286fa508dc2be2415614412cac8929f19f8 -SHA1 (patch-ag) = aadb8f4fa2ec467905ad83558227dcc244405b3e -SHA1 (patch-ah) = 6de4e6d3a4965a8dd59929360865c2b0b3b877ca +SHA1 (cpio-2.6.tar.gz) = 5a4ea156519909994fe05933dc823abcf07e3e21 +RMD160 (cpio-2.6.tar.gz) = 8246bdd08ab8727f9a8042d33ddfe3a6332476b8 +Size (cpio-2.6.tar.gz) = 556018 bytes +SHA1 (patch-ac) = df24b60d612ac59ef82a5d09a16a8be5a6d674ec +SHA1 (patch-ae) = c5f7d7f0574d37951caba9de05b9017c842c5980 +SHA1 (patch-ag) = 04364ee26f2301f6ddefd2a2bc2b1fff3686411f +SHA1 (patch-ah) = f7e17682c2f6783e72310ef1d82a1bfca376e5ce +SHA1 (patch-ai) = c3ad35aa4fe9c82e5110c52c61ca3405915e19ab +SHA1 (patch-aj) = 1a4f796692cdad64297590acea33f371c903fa66 +SHA1 (patch-ak) = fb1a4d78901b419e370609e28efe67bdb72cdbd5 +SHA1 (patch-al) = 3c1e71ad7a10c80e8ec82718ee44d138641eb18e +SHA1 (patch-am) = d380ee141b218c568abc69ad90def03add91cde5 +SHA1 (patch-an) = 943fe81aba7846bd8349cc2e31ab9525e019e99f +SHA1 (patch-ao) = 53c7b6bc1e00a0203665e12807b3388204f838c3 diff --git a/archivers/gcpio/patches/patch-aa b/archivers/gcpio/patches/patch-aa deleted file mode 100644 index 24bdfea0bc0..00000000000 --- a/archivers/gcpio/patches/patch-aa +++ /dev/null @@ -1,44 +0,0 @@ -$NetBSD: patch-aa,v 1.5 2004/06/06 21:29:33 minskim Exp $ - ---- Makefile.in.orig Wed Dec 20 11:28:30 1995 -+++ Makefile.in -@@ -66,9 +66,9 @@ - exec_prefix = @exec_prefix@ - - # Prefix for each installed program, normally empty or `g'. --binprefix = -+binprefix = @program_prefix@ - # Prefix for each installed man page, normally empty or `g'. --manprefix = -+manprefix = @program_prefix@ - - - # Where to install the cpio and mt executables. -@@ -101,7 +101,7 @@ - SRCS = copyin.c copyout.c copypass.c defer.c dstring.c global.c \ - main.c tar.c util.c error.c getopt.c getopt1.c filemode.c version.c \ - rtapelib.c dirname.c idcache.c makepath.c xmalloc.c stripslash.c \ --userspec.c xstrdup.c bcopy.c fnmatch.c mkdir.c strdup.c -+userspec.c xstrdup.c bcopy.c fnmatch.c mkdir.c - OBJS = copyin.o copyout.o copypass.o defer.o dstring.o global.o \ - main.o tar.o util.o error.o getopt.o getopt1.o filemode.o version.o \ - $(RTAPELIB) dirname.o idcache.o makepath.o xmalloc.o stripslash.o \ -@@ -117,17 +117,14 @@ - configure configure.in mkinstalldirs install-sh $(MT_SRCS) rmt.c tcexparg.c \ - alloca.c cpio.texi cpio.info texinfo.tex - --all: @PROGS@ -+all: cpio - - .c.o: - $(CC) -c $(CPPFLAGS) $(DEFS) -I$(srcdir) $(CFLAGS) $< - - install:: installdirs all $(srcdir)/cpio.1 $(srcdir)/mt.1 - $(INSTALL_PROGRAM) cpio $(bindir)/$(binprefix)cpio -- test ! -f mt || $(INSTALL_PROGRAM) mt $(bindir)/$(binprefix)mt -- -test ! -f rmt || $(INSTALL_PROGRAM) rmt $(libexecdir)/rmt - -$(INSTALL_DATA) $(srcdir)/cpio.1 $(mandir)/$(manprefix)cpio.$(manext) -- -test ! -f mt || $(INSTALL_DATA) $(srcdir)/mt.1 $(mandir)/$(manprefix)mt.$(manext) - - installdirs: - $(srcdir)/mkinstalldirs $(bindir) $(libexecdir) $(mandir) $(infodir) diff --git a/archivers/gcpio/patches/patch-ab b/archivers/gcpio/patches/patch-ab deleted file mode 100644 index d16d3411de1..00000000000 --- a/archivers/gcpio/patches/patch-ab +++ /dev/null @@ -1,12 +0,0 @@ -$NetBSD: patch-ab,v 1.4 2004/06/06 21:29:33 minskim Exp $ - ---- configure.orig 2001-08-29 22:37:00.000000000 -0500 -+++ configure -@@ -2118,6 +2118,7 @@ s%@LDFLAGS@%$LDFLAGS%g - s%@LIBS@%$LIBS%g - s%@exec_prefix@%$exec_prefix%g - s%@prefix@%$prefix%g -+s%@program_prefix@%$program_prefix%g - s%@program_transform_name@%$program_transform_name%g - s%@bindir@%$bindir%g - s%@sbindir@%$sbindir%g diff --git a/archivers/gcpio/patches/patch-ac b/archivers/gcpio/patches/patch-ac index 4b5dcaea903..0cd310440ff 100644 --- a/archivers/gcpio/patches/patch-ac +++ b/archivers/gcpio/patches/patch-ac @@ -1,7 +1,7 @@ -$NetBSD: patch-ac,v 1.3 2004/06/06 21:29:33 minskim Exp $ +$NetBSD: patch-ac,v 1.4 2005/11/03 19:38:50 adrianp Exp $ ---- filetypes.h.orig Sun Jul 19 01:53:46 1992 -+++ filetypes.h Thu Mar 5 13:20:46 1998 +--- src/filetypes.h.orig 2005-11-03 18:45:32.000000000 +0000 ++++ src/filetypes.h @@ -80,5 +80,3 @@ #ifndef S_ISLNK #define lstat stat diff --git a/archivers/gcpio/patches/patch-ae b/archivers/gcpio/patches/patch-ae index 0a448d56a2b..f741d3983fe 100644 --- a/archivers/gcpio/patches/patch-ae +++ b/archivers/gcpio/patches/patch-ae @@ -1,8 +1,8 @@ -$NetBSD: patch-ae,v 1.1 2004/06/06 21:29:33 minskim Exp $ +$NetBSD: patch-ae,v 1.2 2005/11/03 19:38:50 adrianp Exp $ ---- mkdir.c.orig 2001-12-05 22:54:41.000000000 -0600 -+++ mkdir.c -@@ -51,8 +51,8 @@ extern int errno; +--- lib/mkdir.c.orig 2005-11-03 18:48:32.000000000 +0000 ++++ lib/mkdir.c +@@ -52,8 +52,8 @@ extern int errno; int mkdir (dpath, dmode) diff --git a/archivers/gcpio/patches/patch-ag b/archivers/gcpio/patches/patch-ag index af136f7cd24..6d3360946f7 100644 --- a/archivers/gcpio/patches/patch-ag +++ b/archivers/gcpio/patches/patch-ag @@ -1,14 +1,14 @@ -$NetBSD: patch-ag,v 1.1 2005/01/18 16:04:39 tv Exp $ +$NetBSD: patch-ag,v 1.2 2005/11/03 19:38:50 adrianp Exp $ ---- system.h.orig 2005-01-18 11:03:19.000000000 -0500 -+++ system.h -@@ -59,6 +59,9 @@ off_t lseek (); - /* Since major is a function on SVR4, we can't use `ifndef major'. */ - #ifdef MAJOR_IN_MKDEV - #include +--- lib/system.h.orig 2005-11-03 18:51:50.000000000 +0000 ++++ lib/system.h +@@ -282,6 +282,9 @@ extern int errno; + + #if MAJOR_IN_MKDEV + # include +# if !defined(makedev) && defined(mkdev) +# define makedev(a,b) mkdev((a),(b)) +# endif - #define HAVE_MAJOR + # define GOT_MAJOR #endif diff --git a/archivers/gcpio/patches/patch-ah b/archivers/gcpio/patches/patch-ah index cb67fa554f9..2fcc8523bcb 100644 --- a/archivers/gcpio/patches/patch-ah +++ b/archivers/gcpio/patches/patch-ah @@ -1,16 +1,64 @@ -$NetBSD: patch-ah,v 1.1 2005/03/20 19:53:09 salo Exp $ +$NetBSD: patch-ah,v 1.2 2005/11/03 19:38:50 adrianp Exp $ ---- main.c.orig 2001-12-06 05:54:06.000000000 +0100 -+++ main.c 2005-03-20 20:34:33.000000000 +0100 -@@ -512,7 +512,6 @@ - char *argv[]; - { +--- src/main.c.orig 2005-11-03 19:08:15.000000000 +0000 ++++ src/main.c +@@ -41,6 +41,7 @@ + + enum cpio_options { + NO_ABSOLUTE_FILENAMES_OPTION=256, ++ ABSOLUTE_FILENAMES_OPTION, + NO_PRESERVE_OWNER_OPTION, + ONLY_VERIFY_CRC_OPTION, + RENAME_BATCH_FILE_OPTION, +@@ -134,6 +135,8 @@ static struct argp_option options[] = { + N_("In copy-in mode, read additional patterns specifying filenames to extract or list from FILE"), 210}, + {"no-absolute-filenames", NO_ABSOLUTE_FILENAMES_OPTION, 0, 0, + N_("Create all files relative to the current directory"), 210}, ++ {"absolute-filenames", ABSOLUTE_FILENAMES_OPTION, 0, 0, ++ N_("do not strip leading file name components that contain \"..\" and leading slashes from file names"), 210}, + {"only-verify-crc", ONLY_VERIFY_CRC_OPTION, 0, 0, + N_("When reading a CRC format archive in copy-in mode, only verify the CRC's of each file in the archive, don't actually extract the files"), 210}, + {"rename", 'r', 0, 0, +@@ -392,7 +395,11 @@ crc newc odc bin ustar tar (all-caps als + break; + + case NO_ABSOLUTE_FILENAMES_OPTION: /* --no-absolute-filenames */ +- no_abs_paths_flag = true; ++ abs_paths_flag = false; ++ break; ++ ++ case ABSOLUTE_FILENAMES_OPTION: /* --absolute-filenames */ ++ abs_paths_flag = true; + break; + + case NO_PRESERVE_OWNER_OPTION: /* --no-preserve-owner */ +@@ -631,7 +638,7 @@ process_args (int argc, char *argv[]) + _("--append is used but no archive file name is given (use -F or -O options"))); + + CHECK_USAGE(rename_batch_file, "--rename-batch-file", "--create"); +- CHECK_USAGE(no_abs_paths_flag, "--no-absolute-pathnames", "--create"); ++ CHECK_USAGE(abs_paths_flag, "--absolute-pathnames", "--create"); + CHECK_USAGE(input_archive_name, "-I", "--create"); + if (archive_name && output_archive_name) + USAGE_ERROR ((0, 0, _("Both -O and -F are used in copy-out mode"))); +@@ -658,7 +665,7 @@ process_args (int argc, char *argv[]) + CHECK_USAGE(rename_flag, "--rename", "--pass-through"); + CHECK_USAGE(append_flag, "--append", "--pass-through"); + CHECK_USAGE(rename_batch_file, "--rename-batch-file", "--pass-through"); +- CHECK_USAGE(no_abs_paths_flag, "--no-absolute-pathnames", ++ CHECK_USAGE(abs_paths_flag, "--absolute-pathnames", + "--pass-through"); + CHECK_USAGE(to_stdout_option, "--to-stdout", "--pass-through"); + +@@ -740,7 +747,6 @@ main (int argc, char *argv[]) + textdomain (PACKAGE); + program_name = argv[0]; - umask (0); #ifdef __TURBOC__ _fmode = O_BINARY; /* Put stdin and stdout in binary mode. */ -@@ -523,6 +522,7 @@ +@@ -751,6 +757,7 @@ main (int argc, char *argv[]) #endif process_args (argc, argv); diff --git a/archivers/gcpio/patches/patch-ai b/archivers/gcpio/patches/patch-ai new file mode 100644 index 00000000000..e2ad456ea76 --- /dev/null +++ b/archivers/gcpio/patches/patch-ai @@ -0,0 +1,174 @@ +$NetBSD: patch-ai,v 1.1 2005/11/03 19:38:50 adrianp Exp $ + +--- src/copyin.c.orig 2005-11-03 19:08:29.000000000 +0000 ++++ src/copyin.c +@@ -25,6 +25,7 @@ + #include "dstring.h" + #include "extern.h" + #include "defer.h" ++#include "dirname.h" + #include + #ifndef FNM_PATHNAME + #include +@@ -389,19 +390,26 @@ create_final_defers () + continue; + } + +- if (close (out_file_des) < 0) +- error (0, errno, "%s", d->header.c_name); +- ++ /* ++ * Avoid race condition. ++ * Set chown and chmod before closing the file desc. ++ * pvrabec@redhat.com ++ */ ++ + /* File is now copied; set attributes. */ + if (!no_chown_flag) +- if ((chown (d->header.c_name, ++ if ((fchown (out_file_des, + set_owner_flag ? set_owner : d->header.c_uid, + set_group_flag ? set_group : d->header.c_gid) < 0) + && errno != EPERM) + error (0, errno, "%s", d->header.c_name); + /* chown may have turned off some permissions we wanted. */ +- if (chmod (d->header.c_name, (int) d->header.c_mode) < 0) ++ if (fchmod (out_file_des, (int) d->header.c_mode) < 0) + error (0, errno, "%s", d->header.c_name); ++ ++ if (close (out_file_des) < 0) ++ error (0, errno, "%s", d->header.c_name); ++ + if (retain_time_flag) + { + times.actime = times.modtime = d->header.c_mtime; +@@ -557,6 +565,25 @@ copyin_regular_file (struct new_cpio_hea + write (out_file_des, "", 1); + delayed_seek_count = 0; + } ++ ++ /* ++ * Avoid race condition. ++ * Set chown and chmod before closing the file desc. ++ * pvrabec@redhat.com ++ */ ++ ++ /* File is now copied; set attributes. */ ++ if (!no_chown_flag) ++ if ((fchown (out_file_des, ++ set_owner_flag ? set_owner : file_hdr->c_uid, ++ set_group_flag ? set_group : file_hdr->c_gid) < 0) ++ && errno != EPERM) ++ error (0, errno, "%s", file_hdr->c_name); ++ ++ /* chown may have turned off some permissions we wanted. */ ++ if (fchmod (out_file_des, (int) file_hdr->c_mode) < 0) ++ error (0, errno, "%s", file_hdr->c_name); ++ + if (close (out_file_des) < 0) + error (0, errno, "%s", file_hdr->c_name); + +@@ -567,18 +594,6 @@ copyin_regular_file (struct new_cpio_hea + file_hdr->c_name, crc, file_hdr->c_chksum); + } + +- /* File is now copied; set attributes. */ +- if (!no_chown_flag) +- if ((chown (file_hdr->c_name, +- set_owner_flag ? set_owner : file_hdr->c_uid, +- set_group_flag ? set_group : file_hdr->c_gid) < 0) +- && errno != EPERM) +- error (0, errno, "%s", file_hdr->c_name); +- +- /* chown may have turned off some permissions we wanted. */ +- if (chmod (file_hdr->c_name, (int) file_hdr->c_mode) < 0) +- error (0, errno, "%s", file_hdr->c_name); +- + if (retain_time_flag) + { + struct utimbuf times; /* For setting file times. */ +@@ -589,7 +604,7 @@ copyin_regular_file (struct new_cpio_hea + if (utime (file_hdr->c_name, ×) < 0) + error (0, errno, "%s", file_hdr->c_name); + } +- ++ + tape_skip_padding (in_file_des, file_hdr->c_filesize); + if (file_hdr->c_nlink > 1 + && (archive_format == arf_newascii || archive_format == arf_crcascii) ) +@@ -1335,6 +1350,53 @@ swab_array (char *ptr, int count) + } + } + ++/* Return a safer suffix of FILE_NAME, or "." if it has no safer ++ suffix. Check for fully specified file names and other atrocities. */ ++ ++static const char * ++safer_name_suffix (char const *file_name) ++{ ++ char const *p; ++ ++ /* Skip file system prefixes, leading file name components that contain ++ "..", and leading slashes. */ ++ ++ size_t prefix_len = FILE_SYSTEM_PREFIX_LEN (file_name); ++ ++ for (p = file_name + prefix_len; *p;) ++ { ++ if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2])) ++ prefix_len = p + 2 - file_name; ++ ++ do ++ { ++ char c = *p++; ++ if (ISSLASH (c)) ++ break; ++ } ++ while (*p); ++ } ++ ++ for (p = file_name + prefix_len; ISSLASH (*p); p++) ++ continue; ++ prefix_len = p - file_name; ++ ++ if (prefix_len) ++ { ++ char *prefix = alloca (prefix_len + 1); ++ memcpy (prefix, file_name, prefix_len); ++ prefix[prefix_len] = '\0'; ++ ++ ++ error (0, 0, _("Removing leading `%s' from member names"), prefix); ++ } ++ ++ if (!*p) ++ p = "."; ++ ++ return p; ++} ++ + /* Read the collection from standard input and create files + in the file system. */ + +@@ -1445,18 +1507,11 @@ process_copy_in () + + /* Do we have to ignore absolute paths, and if so, does the filename + have an absolute path? */ +- if (no_abs_paths_flag && file_hdr.c_name && file_hdr.c_name [0] == '/') ++ if (!abs_paths_flag && file_hdr.c_name && file_hdr.c_name [0]) + { +- char *p; ++ const char *p = safer_name_suffix (file_hdr.c_name); + +- p = file_hdr.c_name; +- while (*p == '/') +- ++p; +- if (*p == '\0') +- { +- strcpy (file_hdr.c_name, "."); +- } +- else ++ if (p != file_hdr.c_name) + { + /* Debian hack: file_hrd.c_name is sometimes set to + point to static memory by code in tar.c. This diff --git a/archivers/gcpio/patches/patch-aj b/archivers/gcpio/patches/patch-aj new file mode 100644 index 00000000000..8f10edcce54 --- /dev/null +++ b/archivers/gcpio/patches/patch-aj @@ -0,0 +1,13 @@ +$NetBSD: patch-aj,v 1.1 2005/11/03 19:38:50 adrianp Exp $ + +--- src/global.c.orig 2004-09-08 11:23:44.000000000 +0100 ++++ src/global.c +@@ -100,7 +100,7 @@ int quiet_flag = false; + int only_verify_crc_flag = false; + + /* If true, don't use any absolute paths, prefix them by `./'. */ +-int no_abs_paths_flag = false; ++int abs_paths_flag = false; + + #ifdef DEBUG_CPIO + /* If true, print debugging information. */ diff --git a/archivers/gcpio/patches/patch-ak b/archivers/gcpio/patches/patch-ak new file mode 100644 index 00000000000..a2084ddda05 --- /dev/null +++ b/archivers/gcpio/patches/patch-ak @@ -0,0 +1,13 @@ +$NetBSD: patch-ak,v 1.1 2005/11/03 19:38:50 adrianp Exp $ + +--- src/extern.h.orig 2004-09-08 11:49:57.000000000 +0100 ++++ src/extern.h +@@ -46,7 +46,7 @@ extern int no_chown_flag; + extern int sparse_flag; + extern int quiet_flag; + extern int only_verify_crc_flag; +-extern int no_abs_paths_flag; ++extern int abs_paths_flag; + extern unsigned int warn_option; + + /* Values for warn_option */ diff --git a/archivers/gcpio/patches/patch-al b/archivers/gcpio/patches/patch-al new file mode 100644 index 00000000000..1bca3685cd4 --- /dev/null +++ b/archivers/gcpio/patches/patch-al @@ -0,0 +1,26 @@ +$NetBSD: patch-al,v 1.1 2005/11/03 19:38:50 adrianp Exp $ + +--- doc/cpio.info.orig 2004-02-27 12:42:01.000000000 +0000 ++++ doc/cpio.info +@@ -203,7 +203,7 @@ extracted. *Note Options::. + [--swap-halfwords] [--io-size=bytes] [--pattern-file=file] + [--format=format] [--owner=[user][:.][group]] + [--no-preserve-owner] [--message=message] [--help] [--version] +- [-no-absolute-filenames] [--sparse] [-only-verify-crc] [-quiet] ++ [--absolute-filenames] [--sparse] [-only-verify-crc] [-quiet] + [--rsh-command=command] [pattern...] [< archive] + +  +@@ -358,9 +358,9 @@ Options + Show numeric UID and GID instead of translating them into names + when using the `--verbose option'. + +-`--no-absolute-filenames' +- Create all files relative to the current directory in copy-in +- mode, even if they have an absolute file name in the archive. ++`--absolute-filenames' ++ Do not strip leading file name components that contain ".." ++ and leading slashes from file names in copy-in mode + + `--no-preserve-owner' + Do not change the ownership of the files; leave them owned by the diff --git a/archivers/gcpio/patches/patch-am b/archivers/gcpio/patches/patch-am new file mode 100644 index 00000000000..4fededdf6e6 --- /dev/null +++ b/archivers/gcpio/patches/patch-am @@ -0,0 +1,13 @@ +$NetBSD: patch-am,v 1.1 2005/11/03 19:38:50 adrianp Exp $ + +--- doc/cpio.1.orig 2004-08-30 17:21:48.000000000 +0100 ++++ doc/cpio.1 +@@ -20,7 +20,7 @@ cpio \- copy files to and from archives + [\-\-unconditional] [\-\-verbose] [\-\-block-size=blocks] [\-\-swap-halfwords] + [\-\-io-size=bytes] [\-\-pattern-file=file] [\-\-format=format] + [\-\-owner=[user][:.][group]] [\-\-no-preserve-owner] [\-\-message=message] +-[\-\-force\-local] [\-\-no\-absolute\-filenames] [\-\-sparse] ++[\-\-force\-local] [\-\-absolute\-filenames] [\-\-sparse] + [\-\-only\-verify\-crc] [\-\-quiet] [\-\-rsh-command=command] [\-\-help] + [\-\-version] [pattern...] [< archive] + diff --git a/archivers/gcpio/patches/patch-an b/archivers/gcpio/patches/patch-an new file mode 100644 index 00000000000..9fd3a70dddc --- /dev/null +++ b/archivers/gcpio/patches/patch-an @@ -0,0 +1,31 @@ +$NetBSD: patch-an,v 1.1 2005/11/03 19:38:50 adrianp Exp $ + +--- src/userspec.c.orig 2005-06-22 23:26:10.000000000 +0100 ++++ src/userspec.c +@@ -72,7 +72,7 @@ extern struct group *getgrgid (gid_t gid + otherwise return 0. */ + + static int +-isnumber (const char *str) ++cpio_isnumber (const char *str) + { + for (; *str; str++) + if (!isdigit (*str)) +@@ -136,7 +136,7 @@ parse_user_spec (const char *spec_arg, u + if (pwd == NULL) + { + +- if (!isnumber (u)) ++ if (!cpio_isnumber (u)) + error_msg = _("invalid user"); + else + { +@@ -182,7 +182,7 @@ parse_user_spec (const char *spec_arg, u + grp = getgrnam (g); + if (grp == NULL) + { +- if (!isnumber (g)) ++ if (!cpio_isnumber (g)) + error_msg = _("invalid group"); + else + *gid = atoi (g); diff --git a/archivers/gcpio/patches/patch-ao b/archivers/gcpio/patches/patch-ao new file mode 100644 index 00000000000..253aa0a2c8f --- /dev/null +++ b/archivers/gcpio/patches/patch-ao @@ -0,0 +1,35 @@ +$NetBSD: patch-ao,v 1.1 2005/11/03 19:38:50 adrianp Exp $ + +--- src/copypass.c.orig 2004-09-06 13:09:04.000000000 +0100 ++++ src/copypass.c +@@ -181,19 +181,25 @@ process_copy_pass () + } + if (close (in_file_des) < 0) + error (0, errno, "%s", input_name.ds_string); +- if (close (out_file_des) < 0) +- error (0, errno, "%s", output_name.ds_string); +- ++ /* ++ * Avoid race condition. ++ * Set chown and chmod before closing the file desc. ++ * pvrabec@redhat.com ++ */ + /* Set the attributes of the new file. */ + if (!no_chown_flag) +- if ((chown (output_name.ds_string, ++ if ((fchown (out_file_des, + set_owner_flag ? set_owner : in_file_stat.st_uid, + set_group_flag ? set_group : in_file_stat.st_gid) < 0) + && errno != EPERM) + error (0, errno, "%s", output_name.ds_string); + /* chown may have turned off some permissions we wanted. */ +- if (chmod (output_name.ds_string, in_file_stat.st_mode) < 0) ++ if (fchmod (out_file_des, in_file_stat.st_mode) < 0) ++ error (0, errno, "%s", output_name.ds_string); ++ ++ if (close (out_file_des) < 0) + error (0, errno, "%s", output_name.ds_string); ++ + if (reset_time_flag) + { + times.actime = in_file_stat.st_atime; -- cgit v1.2.3