diff options
| author | Ron Yorston <rmy@pobox.com> | 2015-03-14 20:33:00 +0000 |
|---|---|---|
| committer | Ron Yorston <rmy@pobox.com> | 2015-03-14 20:33:00 +0000 |
| commit | a4f58436b78fe59e57620c6e0301f213ee25f273 (patch) | |
| tree | 8355f724926e605280af2d6f2b1ccc6b1bd02dee /archival/unzip.c | |
| parent | ba0c36cfcf84efbac6f89e27238e04bb57e9cd45 (diff) | |
| parent | 49acc1a7618a28d34381cbb7661d7c981fcb238f (diff) | |
| download | busybox-w32-a4f58436b78fe59e57620c6e0301f213ee25f273.tar.gz busybox-w32-a4f58436b78fe59e57620c6e0301f213ee25f273.tar.bz2 busybox-w32-a4f58436b78fe59e57620c6e0301f213ee25f273.zip | |
Merge branch 'busybox' into merge
Conflicts:
coreutils/od_bloaty.c
libbb/lineedit.c
Diffstat (limited to 'archival/unzip.c')
| -rw-r--r-- | archival/unzip.c | 35 |
1 files changed, 24 insertions, 11 deletions
diff --git a/archival/unzip.c b/archival/unzip.c index 1ef026a9f..d370203e8 100644 --- a/archival/unzip.c +++ b/archival/unzip.c | |||
| @@ -599,14 +599,18 @@ int unzip_main(int argc, char **argv) | |||
| 599 | /* Skip extra header bytes */ | 599 | /* Skip extra header bytes */ |
| 600 | unzip_skip(zip_header.formatted.extra_len); | 600 | unzip_skip(zip_header.formatted.extra_len); |
| 601 | 601 | ||
| 602 | /* Guard against "/abspath", "/../" and similar attacks */ | ||
| 603 | overlapping_strcpy(dst_fn, strip_unsafe_prefix(dst_fn)); | ||
| 604 | |||
| 602 | /* Filter zip entries */ | 605 | /* Filter zip entries */ |
| 603 | if (find_list_entry(zreject, dst_fn) | 606 | if (find_list_entry(zreject, dst_fn) |
| 604 | || (zaccept && !find_list_entry(zaccept, dst_fn)) | 607 | || (zaccept && !find_list_entry(zaccept, dst_fn)) |
| 605 | ) { /* Skip entry */ | 608 | ) { /* Skip entry */ |
| 606 | i = 'n'; | 609 | i = 'n'; |
| 607 | 610 | ||
| 608 | } else { /* Extract entry */ | 611 | } else { |
| 609 | if (listing) { /* List entry */ | 612 | if (listing) { |
| 613 | /* List entry */ | ||
| 610 | unsigned dostime = zip_header.formatted.modtime | (zip_header.formatted.moddate << 16); | 614 | unsigned dostime = zip_header.formatted.modtime | (zip_header.formatted.moddate << 16); |
| 611 | if (!verbose) { | 615 | if (!verbose) { |
| 612 | // " Length Date Time Name\n" | 616 | // " Length Date Time Name\n" |
| @@ -642,9 +646,11 @@ int unzip_main(int argc, char **argv) | |||
| 642 | total_size += zip_header.formatted.cmpsize; | 646 | total_size += zip_header.formatted.cmpsize; |
| 643 | } | 647 | } |
| 644 | i = 'n'; | 648 | i = 'n'; |
| 645 | } else if (dst_fd == STDOUT_FILENO) { /* Extracting to STDOUT */ | 649 | } else if (dst_fd == STDOUT_FILENO) { |
| 650 | /* Extracting to STDOUT */ | ||
| 646 | i = -1; | 651 | i = -1; |
| 647 | } else if (last_char_is(dst_fn, '/')) { /* Extract directory */ | 652 | } else if (last_char_is(dst_fn, '/')) { |
| 653 | /* Extract directory */ | ||
| 648 | if (stat(dst_fn, &stat_buf) == -1) { | 654 | if (stat(dst_fn, &stat_buf) == -1) { |
| 649 | if (errno != ENOENT) { | 655 | if (errno != ENOENT) { |
| 650 | bb_perror_msg_and_die("can't stat '%s'", dst_fn); | 656 | bb_perror_msg_and_die("can't stat '%s'", dst_fn); |
| @@ -658,22 +664,27 @@ int unzip_main(int argc, char **argv) | |||
| 658 | } | 664 | } |
| 659 | } else { | 665 | } else { |
| 660 | if (!S_ISDIR(stat_buf.st_mode)) { | 666 | if (!S_ISDIR(stat_buf.st_mode)) { |
| 661 | bb_error_msg_and_die("'%s' exists but is not directory", dst_fn); | 667 | bb_error_msg_and_die("'%s' exists but is not a %s", |
| 668 | dst_fn, "directory"); | ||
| 662 | } | 669 | } |
| 663 | } | 670 | } |
| 664 | i = 'n'; | 671 | i = 'n'; |
| 665 | 672 | ||
| 666 | } else { /* Extract file */ | 673 | } else { |
| 674 | /* Extract file */ | ||
| 667 | check_file: | 675 | check_file: |
| 668 | if (stat(dst_fn, &stat_buf) == -1) { /* File does not exist */ | 676 | if (stat(dst_fn, &stat_buf) == -1) { |
| 677 | /* File does not exist */ | ||
| 669 | if (errno != ENOENT) { | 678 | if (errno != ENOENT) { |
| 670 | bb_perror_msg_and_die("can't stat '%s'", dst_fn); | 679 | bb_perror_msg_and_die("can't stat '%s'", dst_fn); |
| 671 | } | 680 | } |
| 672 | i = 'y'; | 681 | i = 'y'; |
| 673 | } else { /* File already exists */ | 682 | } else { |
| 683 | /* File already exists */ | ||
| 674 | if (overwrite == O_NEVER) { | 684 | if (overwrite == O_NEVER) { |
| 675 | i = 'n'; | 685 | i = 'n'; |
| 676 | } else if (S_ISREG(stat_buf.st_mode)) { /* File is regular file */ | 686 | } else if (S_ISREG(stat_buf.st_mode)) { |
| 687 | /* File is regular file */ | ||
| 677 | if (overwrite == O_ALWAYS) { | 688 | if (overwrite == O_ALWAYS) { |
| 678 | i = 'y'; | 689 | i = 'y'; |
| 679 | } else { | 690 | } else { |
| @@ -681,8 +692,10 @@ int unzip_main(int argc, char **argv) | |||
| 681 | my_fgets80(key_buf); | 692 | my_fgets80(key_buf); |
| 682 | i = key_buf[0]; | 693 | i = key_buf[0]; |
| 683 | } | 694 | } |
| 684 | } else { /* File is not regular file */ | 695 | } else { |
| 685 | bb_error_msg_and_die("'%s' exists but is not regular file", dst_fn); | 696 | /* File is not regular file */ |
| 697 | bb_error_msg_and_die("'%s' exists but is not a %s", | ||
| 698 | dst_fn, "regular file"); | ||
| 686 | } | 699 | } |
| 687 | } | 700 | } |
| 688 | } | 701 | } |