c1d595ad3d
function allows remote attackers to cause a denial of service via a large block value in a cpio archive. Fix from a series of upstream commits by Sergey Poznyakoff, via Debian. CVE-2015-1197: cpio, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. Fix from Vitezslav Cizek after 3.5 years of gestation in the SUSE bug tracker, via Debian. Also apply an upstream fix for some regression tests while here.
17 lines
525 B
Plaintext
17 lines
525 B
Plaintext
$OpenBSD: patch-src_global_c,v 1.1 2015/03/31 15:36:52 naddy Exp $
|
|
|
|
CVE-2015-1197: cpio directory traversal
|
|
|
|
--- src/global.c.orig Fri Feb 12 11:19:23 2010
|
|
+++ src/global.c Sun Mar 29 21:11:10 2015
|
|
@@ -187,6 +187,9 @@ bool to_stdout_option = false;
|
|
/* The name this program was run with. */
|
|
char *program_name;
|
|
|
|
+/* Extract files over symbolic links */
|
|
+bool extract_over_symlinks;
|
|
+
|
|
/* A pointer to either lstat or stat, depending on whether
|
|
dereferencing of symlinks is done for input files. */
|
|
int (*xstat) ();
|