authorSimon J. Gerraty <sjg@FreeBSD.org>2015-05-27 01:19:58 +0000
committerSimon J. Gerraty <sjg@FreeBSD.org>2015-05-27 01:19:58 +0000
commit98e0ffaefb0f241cda3a72395d3be04192ae0d47 (patch)
tree55c065b6730aaac2afb6c29933ee6ec5fa4c4249 /usr.bin/ar
parentb17ff922d4072ae132ece458f5b5d74a236880ac (diff)
parente81032ad243db32b8fd615b2d55ee94b9f6a5b6a (diff)
Notes
Diffstat (limited to 'usr.bin/ar')
-rw-r--r--usr.bin/ar/Makefile3
-rw-r--r--usr.bin/ar/Makefile.depend6
-rw-r--r--usr.bin/ar/read.c13
3 files changed, 18 insertions, 4 deletions
diff --git a/usr.bin/ar/Makefile b/usr.bin/ar/Makefile
index 157d4113309c..7a6601a7d043 100644
--- a/usr.bin/ar/Makefile
+++ b/usr.bin/ar/Makefile
@@ -5,8 +5,7 @@
PROG= ar
SRCS= ar.c acplex.l acpyacc.y read.c util.c write.c y.tab.h
-DPADD= ${LIBARCHIVE} ${LIBELF} ${LIBZ}
-LDADD= -larchive -lelf -lz
+LIBADD= archive elf
NO_WMISSING_VARIABLE_DECLARATIONS=
diff --git a/usr.bin/ar/Makefile.depend b/usr.bin/ar/Makefile.depend
index c8ce9caa1d3c..924359fe47d8 100644
--- a/usr.bin/ar/Makefile.depend
+++ b/usr.bin/ar/Makefile.depend
@@ -8,10 +8,16 @@ DIRDEPS = \
include/xlocale \
lib/${CSU_DIR} \
lib/libarchive \
+ lib/libbz2 \
lib/libc \
lib/libcompiler_rt \
lib/libelf \
+ lib/libexpat \
+ lib/liblzma \
+ lib/libthr \
lib/libz \
+ secure/lib/libcrypto \
+ usr.bin/yacc.host \
.include <dirdeps.mk>
diff --git a/usr.bin/ar/read.c b/usr.bin/ar/read.c
index e595869e4df0..704812cebb30 100644
--- a/usr.bin/ar/read.c
+++ b/usr.bin/ar/read.c
@@ -102,7 +102,8 @@ read_archive(struct bsdar *bsdar, char mode)
continue;
}
- name = archive_entry_pathname(entry);
+ if ((name = archive_entry_pathname(entry)) == NULL)
+ break;
/* Skip pseudo members. */
if (strcmp(name, "/") == 0 || strcmp(name, "//") == 0)
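Review bot: The new NULL check on `archive_entry_pathname(entry)` leaves the loop with a bare `break`, so an archive holding an entry without a usable pathname is cut short with no diagnostic and every later member is silently not processed. A warning before the break would make the truncation visible to the user, for example `bsdar_warnc(bsdar, 0, "Entry has no pathname");` using the same helper the file already calls elsewhere. Whether `break` or `continue` is the better recovery depends on the loop and cleanup code outside this hunk; read_archive starts and ends beyond the lines shown.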
@@ -186,7 +187,15 @@ read_archive(struct bsdar *bsdar, char mode)
if (bsdar->options & AR_V)
(void)fprintf(stdout, "x - %s\n", name);
- flags = 0;
+ /* Disallow absolute paths. */
+ if (name[0] == '/') {
+ bsdar_warnc(bsdar, 0,
+ "Absolute path '%s'", name);
+ continue;
+ }
+ /* Basic path security flags. */
+ flags = ARCHIVE_EXTRACT_SECURE_SYMLINKS |
+ ARCHIVE_EXTRACT_SECURE_NODOTDOT;
if (bsdar->options & AR_O)
flags |= ARCHIVE_EXTRACT_TIME;
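Review bot: The absolute-path rejection runs after the `AR_V` branch has already printed `x - %s`, so in verbose mode a member that is skipped is still reported as extracted, immediately followed by the warning. Moving the `if (name[0] == '/') { ... continue; }` block above the `if (bsdar->options & AR_V)` line keeps the verbose listing consistent with what is actually written to disk. The check itself only covers a leading `/`, with `..` components and symlink traversal left to the two extract flags, which the comment could state: `/* Disallow absolute paths; ".." and symlink traversal are rejected by the extract flags below. */`. The warning is raised with code 0 and the loop continues, so a rejected member is presumably not reflected in the exit status; that depends on code outside the hunk, as read_archive starts and ends beyond it.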