Date: Wed, 12 Jun 2002 01:49:56 +0200 (CEST) From: Cyrille Lefevre <cyrille.lefevre@laposte.net> To: freebsd stable <freebsd-stable@FreeBSD.org>, freebsd current <freebsd-current@FreeBSD.org> Cc: Trevor Johnson <trevor@jpj.net>, Dan Nelson <dnelson@allantgroup.com>, Maxim Sobolev <sobomax@FreeBSD.org> Subject: pax fix (was Re: WARNING! New GNU Tar in 5-CURRENT could erroneously create world writeable dirs) Message-ID: <200206112349.g5BNnu6I044254@gits.gits.dyndns.org> In-Reply-To: <20020607112731.GB28015@gits.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jun 7, 2002 01:27:31 pm +0200, Cyrille Lefevre wrote: > On Fri, Jun 07, 2002 at 02:15:09AM -0400, Trevor Johnson wrote: > > Dan Nelson wrote: > [snip] > > According to Mr. Schilling's testing, GNU tar 1.13.25 has a bug: > > ftp://ftp.fokus.gmd.de/pub/unix/star/testscripts/README.gtarfail . I guess > > it qualifies as a "non-trivial program". :-) > > FYI, the current pax implementation is able to handle the following > archives from ftp://ftp.fokus.gmd.de/pub/unix/star/testscripts/ : > > 100char_longlink.tar > gtarfail.tar > gtarfail2.tar > > but miserably fail on this one : > > long.ustar.gz > > $ uname -a > FreeBSD gits 4.6-RC FreeBSD 4.6-RC #7: Sun Jun 2 16:33:05 CEST 2002 root@gits:/disk2/4.x-stable/src/sys/compile/CUSTOM i386 > $ pax -zvf > -rw-r--r-- 1 486 cvs 4 Apr 19 2000 ___________________ > ___________________________________________________________________________D_099 > /_______________________________________________________________________________ > __________________1000000644 0000746 0003720 00000000004 07077317140 0055507 0 > > $ star -zvtf > 4 -rw-r--r-- jes/cats Apr 19 13:54 2000 __________________________________ > ____________________________________________________________D_099/______________ > ________________________________________________________________________________ > ___100 > > I'll try to fix this... done, here is the patch which may be integrated to 4.6 -release ? Index: /tmp/src/bin/pax/tar.c =================================================================== RCS file: /home/ncvs/src/bin/pax/tar.c,v retrieving revision 1.19 diff -u -r1.19 tar.c --- /tmp/src/bin/pax/tar.c 16 May 2002 01:57:13 -0000 1.19 +++ /tmp/src/bin/pax/tar.c 11 Jun 2002 23:39:16 -0000 @@ -758,7 +758,7 @@ *dest++ = '/'; cnt++; } - arcn->nlen = cnt + l_strncpy(dest, hd->name, sizeof(arcn->name) - cnt); + arcn->nlen = cnt + l_strncpy(dest, hd->name, MIN(TNMSZ + 1, sizeof(arcn->name) - cnt) - 1); arcn->name[arcn->nlen] = '\0'; /* PS : I've finished to merge diffs from OpenBSD last week, but diffs w/ NetBSD are really big... so, be patient :P Cyrille. -- Cyrille Lefevre mailto:cyrille.lefevre@laposte.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206112349.g5BNnu6I044254>