382d846391
cpio used a 0 umask when creating files using the -O (archive) or -F options, which created the files with mode 0666 and allowed local users to read or overwrite those files. (CAN-1999-1572)
45 lines
1.3 KiB
Plaintext
45 lines
1.3 KiB
Plaintext
$OpenBSD: patch-tar_c,v 1.2 2005/02/11 23:28:34 naddy Exp $
|
|
--- tar.c.orig Thu Dec 6 05:55:34 2001
|
|
+++ tar.c Sat Feb 12 00:02:39 2005
|
|
@@ -27,6 +27,7 @@
|
|
#include "tarhdr.h"
|
|
|
|
static void to_oct ();
|
|
+static void to_oct_no_nul ();
|
|
static char *stash_tar_linkname ();
|
|
static char *stash_tar_filename ();
|
|
|
|
@@ -97,8 +98,8 @@ write_out_tar_header (file_hdr, out_des)
|
|
to_oct (file_hdr->c_mode, 8, tar_hdr->mode);
|
|
to_oct (file_hdr->c_uid, 8, tar_hdr->uid);
|
|
to_oct (file_hdr->c_gid, 8, tar_hdr->gid);
|
|
- to_oct (file_hdr->c_filesize, 12, tar_hdr->size);
|
|
- to_oct (file_hdr->c_mtime, 12, tar_hdr->mtime);
|
|
+ to_oct_no_nul (file_hdr->c_filesize, 12, tar_hdr->size);
|
|
+ to_oct_no_nul (file_hdr->c_mtime, 12, tar_hdr->mtime);
|
|
|
|
switch (file_hdr->c_mode & CP_IFMT)
|
|
{
|
|
@@ -444,6 +445,21 @@ to_oct (value, digits, where)
|
|
/* Add leading spaces, if necessary. */
|
|
while (digits > 0)
|
|
where[--digits] = ' ';
|
|
+}
|
|
+
|
|
+/* Convert a number into a string of octal digits.
|
|
+ Convert long VALUE into a DIGITS-digit field at WHERE,
|
|
+ including a trailing space. DIGITS==2 means
|
|
+ 1 digit, and a space.
|
|
+*/
|
|
+
|
|
+static void
|
|
+to_oct_no_nul (value, digits, where)
|
|
+ register long value;
|
|
+ register int digits;
|
|
+ register char *where;
|
|
+{
|
|
+ to_oct (value, digits + 1, where);
|
|
}
|
|
|
|
/* Return
|