. Ensure that when files are extracted that their fully resolved path lies

in or below the current working directory. Fixes a security problem with jar(1). This fix may change to be compatible with whatever fix Sun applies when they release the next version of 1.5. . Bump PORTREVISION for this fix. Security: http://vuxml.FreeBSD.org/18e5428f-ae7c-11d9-837d-000e0c2e438a.html
svn path=/head/; revision=134505
2005-05-02 18:55:36 +00:00 · 2005-05-02 18:55:36 +00:00 · 8805fa551a · 2021-03-31 03:12:20 +00:00
commit 8805fa551a
parent c57702320f
3 changed files with 72 additions and 1 deletions
--- a/java/jdk12/Makefile
+++ b/java/jdk12/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	jdk
 PORTVERSION=	${JDK_VERSION}p${JDK_PATCHSET_VERSION}
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	java devel
 MASTER_SITES=	# http://www.sun.com/software/java2/download.html
 #		 http://www.eyesbeyond.com/freebsddom/java/jdk.html
--- a/java/jdk12/files/patch-src-jar-Main.java
+++ b/java/jdk12/files/patch-src-jar-Main.java
@ -0,0 +1,58 @@
+$FreeBSD$
+
+--- ../../src/share/classes/sun/tools/jar/Main.java	4 Aug 1999 21:07:59 -0000	1.1.1.2
+++ ../../src/share/classes/sun/tools/jar/Main.java	1 May 2005 04:57:29 -0000
+@@ -37,6 +37,7 @@
+     Hashtable filesTable = new Hashtable();
+     Vector paths = new Vector();
+     Vector v;
+    String cwd;
+     CRC32 crc32 = new CRC32();
+     /* cflag: create
+      * uflag: update       
+@@ -632,6 +633,19 @@
+      * Extracts specified entries from JAR file.
+      */
+     void extract(InputStream in, String files[]) throws IOException {
+    	// Current working directory
+
+	cwd = System.getProperty("user.dir");
+	if (cwd == null) {
+            fatalError(getMsg("error.no.cwd"));
+	}
+	cwd = (new File(cwd)).getCanonicalPath();
+	if (!cwd.endsWith(File.separator)) {
+	    cwd += File.separator;
+	}
+
+	// Extract the files
+
+ 	ZipInputStream zis = new ZipInputStream(in);
+ 	ZipEntry e;
+ 	while ((e = zis.getNextEntry()) != null) {
+@@ -656,6 +670,10 @@
+     void extractFile(ZipInputStream zis, ZipEntry e) throws IOException {
+         String name = e.getName();
+ 	File f = new File(e.getName().replace('/', File.separatorChar));
+	if (!f.getCanonicalPath().startsWith(cwd)) {
+ 	    output(formatMsg("out.ignore.entry", name));
+	    return;
+	}
+ 	if (e.isDirectory()) {
+ 	    if (!f.exists() && !f.mkdirs() || !f.isDirectory()) {
+ 		throw new IOException(formatMsg("error.create.dir", f.getPath()));
+@@ -666,6 +684,10 @@
+ 	} else {
+ 	    if (f.getParent() != null) {
+ 		File d = new File(f.getParent());
+		if (!d.getCanonicalPath().startsWith(cwd)) {
+	 	    output(formatMsg("out.ignore.entry", name));
+		    return;
+		}
+ 		if (!d.exists() && !d.mkdirs() || !d.isDirectory()) {
+ 		    throw new IOException(formatMsg("error.create.dir", d.getPath()));
+ 		}
+Index: src/share/classes/sun/tools/jar/resources/jar.properties
+===================================================================
+RCS file: /var/jcvs/javasrc/src/share/classes/sun/tools/jar/resources/jar.properties,v
+retrieving revision 1.1.1.1
--- a/java/jdk12/files/patch-src-resources-jar.properties
+++ b/java/jdk12/files/patch-src-resources-jar.properties
@ -0,0 +1,13 @@
+$FreeBSD$
+
+--- ../../src/share/classes/sun/tools/jar/resources/jar.properties	4 Aug 1999 21:07:59 -0000	1.1.1.1
+++ ../../src/share/classes/sun/tools/jar/resources/jar.properties	1 May 2005 04:57:38 -0000
+@@ -30,6 +30,8 @@
+         {0} : could not create directory
+ error.incorrect.length=\
+         incorrect length while processing: {0}
+error.no.cwd=\
+	{0} : could not determine current working directory
+ out.added.manifest=\
+         added manifest
+ out.update.manifest=\