diff options
| author | Nguyễn Thái Ngọc Duy <pclouds@gmail.com> | 2011-01-04 19:56:15 +0700 |
|---|---|---|
| committer | Nguyễn Thái Ngọc Duy <pclouds@gmail.com> | 2011-01-04 19:56:15 +0700 |
| commit | 5f6f2162512106adf120d4b528bb125e93e34429 (patch) | |
| tree | 7d7449f755633c263be7125ad58d21cc3ca5b8a7 /archival/tar.c | |
| parent | 9db69882bee2d528d706d61d34ef7741122330be (diff) | |
| parent | a116552869db5e7793ae10968eb3c962c69b3d8c (diff) | |
| download | busybox-w32-5f6f2162512106adf120d4b528bb125e93e34429.tar.gz busybox-w32-5f6f2162512106adf120d4b528bb125e93e34429.tar.bz2 busybox-w32-5f6f2162512106adf120d4b528bb125e93e34429.zip | |
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'archival/tar.c')
| -rw-r--r-- | archival/tar.c | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/archival/tar.c b/archival/tar.c index 1d6e63da0..150c6f393 100644 --- a/archival/tar.c +++ b/archival/tar.c | |||
| @@ -23,9 +23,28 @@ | |||
| 23 | * Licensed under GPLv2 or later, see file LICENSE in this source tree. | 23 | * Licensed under GPLv2 or later, see file LICENSE in this source tree. |
| 24 | */ | 24 | */ |
| 25 | 25 | ||
| 26 | /* TODO: security with -C DESTDIR option can be enhanced. | ||
| 27 | * Consider tar file created via: | ||
| 28 | * $ tar cvf bug.tar anything.txt | ||
| 29 | * $ ln -s /tmp symlink | ||
| 30 | * $ tar --append -f bug.tar symlink | ||
| 31 | * $ rm symlink | ||
| 32 | * $ mkdir symlink | ||
| 33 | * $ tar --append -f bug.tar symlink/evil.py | ||
| 34 | * | ||
| 35 | * This will result in an archive which contains: | ||
| 36 | * $ tar --list -f bug.tar | ||
| 37 | * anything.txt | ||
| 38 | * symlink | ||
| 39 | * symlink/evil.py | ||
| 40 | * | ||
| 41 | * Untarring it puts evil.py in '/tmp' even if the -C DESTDIR is given. | ||
| 42 | * This doesn't feel right, and IIRC GNU tar doesn't do that. | ||
| 43 | */ | ||
| 44 | |||
| 26 | #include <fnmatch.h> | 45 | #include <fnmatch.h> |
| 27 | #include "libbb.h" | 46 | #include "libbb.h" |
| 28 | #include "unarchive.h" | 47 | #include "archive.h" |
| 29 | /* FIXME: Stop using this non-standard feature */ | 48 | /* FIXME: Stop using this non-standard feature */ |
| 30 | #ifndef FNM_LEADING_DIR | 49 | #ifndef FNM_LEADING_DIR |
| 31 | # define FNM_LEADING_DIR 0 | 50 | # define FNM_LEADING_DIR 0 |
| @@ -884,7 +903,6 @@ int tar_main(int argc UNUSED_PARAM, char **argv) | |||
| 884 | /* Prepend '-' to the first argument if required */ | 903 | /* Prepend '-' to the first argument if required */ |
| 885 | opt_complementary = "--:" // first arg is options | 904 | opt_complementary = "--:" // first arg is options |
| 886 | "tt:vv:" // count -t,-v | 905 | "tt:vv:" // count -t,-v |
| 887 | "?:" // bail out with usage instead of error return | ||
| 888 | "X::T::" // cumulative lists | 906 | "X::T::" // cumulative lists |
| 889 | #if ENABLE_FEATURE_TAR_LONG_OPTIONS && ENABLE_FEATURE_TAR_FROM | 907 | #if ENABLE_FEATURE_TAR_LONG_OPTIONS && ENABLE_FEATURE_TAR_FROM |
| 890 | "\xff::" // cumulative lists for --exclude | 908 | "\xff::" // cumulative lists for --exclude |