wok-next annotate arj/stuff/patches/CVE-2015-0557-dir-traversal.patch @ rev 20244
Update bdeps: apache-mod-perl, codeblocks, tacacs+, thunar-archive-plugin, tuxpaint, xpenguins
| author | Aleksej Bobylev <al.bobylev@gmail.com> |
|---|---|
| date | Tue Nov 07 10:54:15 2017 +0200 (2017-11-07) |
| parents | |
| children |
| rev | line source |
|---|---|
| al@19715 | 1 Description: Fix absolute path traversals. |
| al@19715 | 2 Catch multiple leading slashes when checking for absolute path traversals. |
| al@19715 | 3 . |
| al@19715 | 4 Fixes CVE-2015-0557. |
| al@19715 | 5 Author: Guillem Jover <guillem@debian.org> |
| al@19715 | 6 Origin: vendor |
| al@19715 | 7 Bug-Debian: https://bugs.debian.org/774435 |
| al@19715 | 8 Forwarded: no |
| al@19715 | 9 Last-Update: 2015-02-26 |
| al@19715 | 10 |
| al@19715 | 11 --- |
| al@19715 | 12 environ.c | 3 +++ |
| al@19715 | 13 1 file changed, 3 insertions(+) |
| al@19715 | 14 |
| al@19715 | 15 --- a/environ.c |
| al@19715 | 16 +++ b/environ.c |
| al@19715 | 17 @@ -1087,6 +1087,8 @@ static char *validate_path(char *name) |
| al@19715 | 18 if(action!=VALIDATE_DRIVESPEC) |
| al@19715 | 19 { |
| al@19715 | 20 #endif |
| al@19715 | 21 + while (name[0]!='\0'&& |
| al@19715 | 22 + (name[0]=='.'||name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX)) { |
| al@19715 | 23 if(name[0]=='.') |
| al@19715 | 24 { |
| al@19715 | 25 if(name[1]=='.'&&(name[2]==PATHSEP_DEFAULT||name[2]==PATHSEP_UNIX)) |
| al@19715 | 26 @@ -1096,6 +1098,7 @@ static char *validate_path(char *name) |
| al@19715 | 27 } |
| al@19715 | 28 if(name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX) |
| al@19715 | 29 name++; /* "\\" - revert to root */ |
| al@19715 | 30 + } |
| al@19715 | 31 #if SFX_LEVEL>=ARJSFXV |
| al@19715 | 32 } |
| al@19715 | 33 } |