author | Simon J. Gerraty <sjg@FreeBSD.org> | 2015-05-27 01:19:58 +0000 |
---|---|---|
committer | Simon J. Gerraty <sjg@FreeBSD.org> | 2015-05-27 01:19:58 +0000 |
commit | 98e0ffaefb0f241cda3a72395d3be04192ae0d47 (patch) | |
tree | 55c065b6730aaac2afb6c29933ee6ec5fa4c4249 /usr.bin/ar | |
parent | b17ff922d4072ae132ece458f5b5d74a236880ac (diff) | |
parent | e81032ad243db32b8fd615b2d55ee94b9f6a5b6a (diff) | |
Diffstat (limited to 'usr.bin/ar')
-rw-r--r-- | usr.bin/ar/Makefile | 3 | ||||
-rw-r--r-- | usr.bin/ar/Makefile.depend | 6 | ||||
-rw-r--r-- | usr.bin/ar/read.c | 13 |
3 files changed, 18 insertions, 4 deletions
diff --git a/usr.bin/ar/Makefile b/usr.bin/ar/Makefile
index 157d4113309c..7a6601a7d043 100644
--- a/usr.bin/ar/Makefile
+++ b/usr.bin/ar/Makefile
@@ -5,8 +5,7 @@ PROG= ar
 SRCS= ar.c acplex.l acpyacc.y read.c util.c write.c y.tab.h
-DPADD= ${LIBARCHIVE} ${LIBELF} ${LIBZ}
-LDADD= -larchive -lelf -lz
+LIBADD= archive elf
 NO_WMISSING_VARIABLE_DECLARATIONS=
diff --git a/usr.bin/ar/Makefile.depend b/usr.bin/ar/Makefile.depend
index c8ce9caa1d3c..924359fe47d8 100644
--- a/usr.bin/ar/Makefile.depend
+++ b/usr.bin/ar/Makefile.depend
@@ -8,10 +8,16 @@ DIRDEPS = \
 include/xlocale \
 lib/${CSU_DIR} \
 lib/libarchive \
+ lib/libbz2 \
 lib/libc \
 lib/libcompiler_rt \
 lib/libelf \
+ lib/libexpat \
+ lib/liblzma \
+ lib/libthr \
 lib/libz \
+ secure/lib/libcrypto \
+ usr.bin/yacc.host \
 .include <dirdeps.mk>
diff --git a/usr.bin/ar/read.c b/usr.bin/ar/read.c
index e595869e4df0..704812cebb30 100644
--- a/usr.bin/ar/read.c
+++ b/usr.bin/ar/read.c
@@ -102,7 +102,8 @@ read_archive(struct bsdar *bsdar, char mode)
 continue;
 }
- name = archive_entry_pathname(entry);
+ if ((name = archive_entry_pathname(entry)) == NULL)
+ break;
 /* Skip pseudo members. */
 if (strcmp(name, "/") == 0 || strcmp(name, "//") == 0)
@@ -186,7 +187,15 @@ read_archive(struct bsdar *bsdar, char mode)
 if (bsdar->options & AR_V)
 (void)fprintf(stdout, "x - %s\n", name);
- flags = 0;
+ /* Disallow absolute paths. */
+ if (name[0] == '/') {
+ bsdar_warnc(bsdar, 0,
+ "Absolute path '%s'", name);
+ continue;
+ }
+ /* Basic path security flags. */
+ flags = ARCHIVE_EXTRACT_SECURE_SYMLINKS |
+ ARCHIVE_EXTRACT_SECURE_NODOTDOT;
 if (bsdar->options & AR_O)
 flags |= ARCHIVE_EXTRACT_TIME; |
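Review bot: The new NULL check on `archive_entry_pathname(entry)` in the first read.c hunk (`@@ -102,7 +102,8 @@`) leaves the member loop with a bare `break` and no diagnostic, so an archive whose member has no usable name looks the same to the user as one that ended normally at that point. Since a NULL name here suggests a malformed or hostile archive, I would report it before stopping, for example `bsdar_warnc(bsdar, 0, "Member has no pathname; archive processing stopped");` ahead of the `break`. The body of read_archive continues outside the hunk, so whether the exit status reflects this early stop cannot be seen from here and is worth confirming.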
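Review bot: In the second read.c hunk (`@@ -186,7 +187,15 @@`) the verbose `x - %s` line under `AR_V` is still printed before the new absolute-path check, so with `-v` the tool announces extraction of a member that it then refuses and skips. Moving the `if (name[0] == '/') { ... continue; }` block above the `if (bsdar->options & AR_V)` print keeps the verbose output truthful, which matters when someone audits what an untrusted archive actually wrote. The check covers only a leading `/`; `..` components are left to `ARCHIVE_EXTRACT_SECURE_NODOTDOT`, and a comment such as `/* Leading '/' rejected here; ".." and symlink traversal are handled by the libarchive SECURE flags below. */` would make that division explicit. The rest of the extraction path lies outside the hunk, so it is not visible whether the skipped member makes ar exit non-zero.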