Description: Fix to prevent a malicious cpio archive from extracting files into an arbitrary directory.
Origin: http://lwn.net/Articles/143418/
http://www.xs4all.nl/~hanb/software/crux/han/cpio/cpio.patch
Upstream status: Unknown (2005-07-21)
diff -Nru cpio-2.6/configure.ac cpio-2.6-new/configure.ac
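--- cpio-2.6/configure.ac 2004-12-20 11:46:30.000000000 +0100
+++ cpio-2.6-new/configure.ac 2005-07-21 16:07:42.000000000 +0200
@@ -95,7 +95,7 @@
 AC_CHECK_FUNCS(lchown endpwent endgrent)
 AC_FUNC_VPRINTF
 AC_FUNC_ALLOCA
-AC_CHECK_LIB(nsl, gethostname, [LIBS="$LIBS -lnsl"])
+dnl AC_CHECK_LIB(nsl, gethostname, [LIBS="$LIBS -lnsl"])
 AC_CHECK_LIB(socket, setsockopt, [LIBS="$LIBS -lsocket"])
 
 # Gettext.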
diff -Nru cpio-2.6/src/copyout.c cpio-2.6-new/src/copyout.c
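--- cpio-2.6/src/copyout.c 2004-10-14 11:14:03.000000000 +0200
+++ cpio-2.6-new/src/copyout.c 2005-07-21 16:07:42.000000000 +0200
@@ -305,7 +305,7 @@
 else
 magic_string = "070701";
 sprintf (ascii_header,
- "%6s%08lx%08lx%08lx%08lx%08lx%08lx%08lx%08lx%08lx%08lx%08lx%08lx%08lx",
+ "%6s%08lx%08lx%08lx%08lx%08lx%08x%08lx%08lx%08lx%08lx%08lx%08lx%08lx",
 magic_string,
 file_hdr->c_ino, file_hdr->c_mode, file_hdr->c_uid,
 file_hdr->c_gid, file_hdr->c_nlink, file_hdr->c_mtime,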
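Review bot: The sixth conversion in the new format string is `%08x`, but the argument it consumes, `file_hdr->c_mtime`, is still passed unchanged; if that field is wider than `unsigned int` (its declaration is outside this hunk), the specifier and the argument type disagree, which is undefined behaviour for `sprintf`. Make the truncation explicit with `(unsigned int) file_hdr->c_mtime`, or keep `%08lx` and mask the value to 32 bits. The `08` is only a minimum width, so the remaining `%08lx` fields can still emit more than eight digits where `long` is 64-bit, and `sprintf` puts no bound on `ascii_header`; a length-checked `snprintf` would turn an oversized field into a detectable error instead of an overrun. The argument list of this call continues past the end of the hunk.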
diff -Nru cpio-2.6/src/extern.h cpio-2.6-new/src/extern.h
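--- cpio-2.6/src/extern.h 2004-09-08 12:49:57.000000000 +0200
+++ cpio-2.6-new/src/extern.h 2005-07-21 16:07:42.000000000 +0200
@@ -91,6 +91,7 @@
 extern char input_is_seekable;
 extern char output_is_seekable;
 extern char *program_name;
+extern mode_t sys_umask;
 extern int (*xstat) ();
 extern void (*copy_function) ();
 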
diff -Nru cpio-2.6/src/global.c cpio-2.6-new/src/global.c
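--- cpio-2.6/src/global.c 2004-09-08 12:23:44.000000000 +0200
+++ cpio-2.6-new/src/global.c 2005-07-21 16:07:42.000000000 +0200
@@ -195,6 +195,9 @@
 /* The name this program was run with. */
 char *program_name;
 
+/* Debian hack to make the -d option honor the umask. */
+mode_t sys_umask;
+
 /* A pointer to either lstat or stat, depending on whether
 dereferencing of symlinks is done for input files. */
 int (*xstat) ();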
diff -Nru cpio-2.6/src/main.c cpio-2.6-new/src/main.c
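--- cpio-2.6/src/main.c 2004-11-23 01:42:18.000000000 +0100
+++ cpio-2.6-new/src/main.c 2005-07-21 16:07:42.000000000 +0200
@@ -740,7 +740,6 @@
 textdomain (PACKAGE);
 
 program_name = argv[0];
- umask (0);
 
 #ifdef __TURBOC__
 _fmode = O_BINARY; /* Put stdin and stdout in binary mode. */
@@ -751,6 +750,7 @@
 #endif
 
 process_args (argc, argv);
+ sys_umask = umask (0);
 
 initialize_buffers ();
 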
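Review bot: After `sys_umask = umask (0);` in the second hunk the process umask is 0 for the rest of the run, and no hunk in this patch reads `sys_umask`, so as shown the caller's mask is saved but never applied. Code that is meant to honor the user's mask (the comment in global.c names the `-d` option) has to apply `~sys_umask` itself, and I would say so at the assignment, e.g. `/* Process umask is 0 from here on; creation code must apply ~sys_umask itself. */`. None of the visible hunks changes how extracted path names are handled, so the Description's claim about arbitrary-directory extraction should be checked against the code that consumes this variable. `main` starts and ends outside both hunks.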