authorNick Clifton <nickc@redhat.com>2014-11-06 14:49:10 +0000
committerNick Clifton <nickc@redhat.com>2014-11-06 14:49:10 +0000
commitdd9b91de2149ee81d47f708e7b0bbf57da10ad42 (patch)
tree9abc44b553f584ed318e6747e7f49d1095ea13c6 /binutils/ar.c
parent834107255bbefceb445fa733ebc1ea5d9f41ec7f (diff)
Prevent archive members with illegal pathnames from being extracted from an archive.
PR binutils/17552, binutils/17533 * bucomm.c (is_valid_archive_path): New function. Returns false for absolute pathnames and pathnames that include /../. * bucomm.h (is_valid_archive_path): Add prototype. * ar.c (extract_file): Use new function to check for valid pathnames when extracting files from an archive. * objcopy.c (copy_archive): Likewise. * doc/binutils.texi: Update documentation to mention the limitation on pathname of archive members.
Diffstat (limited to 'binutils/ar.c')
-rw-r--r--binutils/ar.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/binutils/ar.c b/binutils/ar.c
index ebd9528..117826d 100644
--- a/binutils/ar.c
+++ b/binutils/ar.c
@@ -1034,6 +1034,15 @@ extract_file (bfd *abfd)
bfd_size_type size;
struct stat buf;
+ /* PR binutils/17533: Do not allow directory traversal
+ outside of the current directory tree. */
+ if (! is_valid_archive_path (bfd_get_filename (abfd)))
+ {
+ non_fatal (_("illegal pathname found in archive member: %s"),
+ bfd_get_filename (abfd));
+ return;
+ }
+
if (bfd_stat_arch_elt (abfd, &buf) != 0)
/* xgettext:c-format */
fatal (_("internal stat error on %s"), bfd_get_filename (abfd));
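Review bot: The new guard in extract_file reports a refused member through `non_fatal` and then does a bare `return;`, so nothing in this hunk tells the caller that a member was skipped. If ar's exit status is not set elsewhere, it may still indicate success for an archive that was only partly extracted, which matters to scripts that unpack untrusted archives and rely on that status; this should be confirmed against the caller. Consider recording the failure so the run exits non-zero, or at least state the behaviour in the comment, e.g. `/* Skip this member and continue; the refusal is reported as a warning only. */`. The format string also lacks the `/* xgettext:c-format */` marker that the `fatal` call just below carries. The check is lexical on the stored name only, so a symlink already present in the extraction directory is presumably still followed when the output file is opened; extract_file begins and ends outside this hunk, so that cannot be verified here.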