core/cpio/CVE-2017-7516.patch
Fredrik Rinnestam 06c60ebc03 cpio: added patch for CVE-2017-7516. Closes FS#1573
Report and patch from Lee (thanks!)
2018-02-13 00:12:00 +01:00


diff --git a/src/copyin.c b/src/copyin.c
index ba887ae..38ca70e 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -645,6 +645,7 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
link_name = xstrdup (file_hdr->c_tar_linkname);
}
+ cpio_safer_name_suffix (link_name, false, !no_abs_paths_flag, false);
res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
file_hdr->c_mode);
if (res < 0 && create_dir_flag)
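Review bot: The added call on the `+` line passes `false` as its second argument even though `link_name` is a symlink target. If that parameter is the helper's link-target flag (its prototype is not visible in this hunk), the call should read `cpio_safer_name_suffix (link_name, true, !no_abs_paths_flag, false);` so the name is treated and reported as a link target, not a member name. The third argument is `!no_abs_paths_flag`, so the target is presumably only sanitized when `--no-absolute-filenames` is given, and a default extraction would still create symlinks with absolute or `..` targets unchanged. A comment above the call such as `/* Sanitize the symlink target only under --no-absolute-filenames. */` would make that scope explicit. Rewriting the target also changes where legitimate relative links point, which deserves a regression test; copyin_link's body starts and ends outside the hunk.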