core/cpio/CVE-2017-7516.patch

diff --git a/src/copyin.c b/src/copyin.c
index ba887ae..38ca70e 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -645,6 +645,7 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
       link_name = xstrdup (file_hdr->c_tar_linkname);
     }
 
+  cpio_safer_name_suffix (link_name, false, !no_abs_paths_flag, false);
   res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
 			 file_hdr->c_mode);
   if (res < 0 && create_dir_flag)
cpio: added patch for CVE-2017-7516. Closes FS#1573 Report and patch from Lee (thanks!) 2018-02-13 00:11:55 +01:00			`diff --git a/src/copyin.c b/src/copyin.c`
			`index ba887ae..38ca70e 100644`
			`--- a/src/copyin.c`
			`+++ b/src/copyin.c`
			`@@ -645,6 +645,7 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)`
			`link_name = xstrdup (file_hdr->c_tar_linkname);`
			`}`

			`+ cpio_safer_name_suffix (link_name, false, !no_abs_paths_flag, false);`
			`res = UMASKED_SYMLINK (link_name, file_hdr->c_name,`
			`file_hdr->c_mode);`
			`if (res < 0 && create_dir_flag)`