aboutsummaryrefslogtreecommitdiff
path: root/archival/unzip.c
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2017-08-10 11:52:42 +0200
committerDenys Vlasenko <vda.linux@googlemail.com>2017-08-10 11:52:42 +0200
commitbc9bbeb2b81001e8731cd2ae501c8fccc8d87cc7 (patch)
tree72672bb0c187b93f1fba99012cf0c4e716214298 /archival/unzip.c
parent0cf64c8b5d86d603903397bfce87dea5a862caec (diff)
downloadbusybox-w32-bc9bbeb2b81001e8731cd2ae501c8fccc8d87cc7.tar.gz
busybox-w32-bc9bbeb2b81001e8731cd2ae501c8fccc8d87cc7.tar.bz2
busybox-w32-bc9bbeb2b81001e8731cd2ae501c8fccc8d87cc7.zip
libarchive: do not extract unsafe symlinks unless $EXTRACT_UNSAFE_SYMLINKS=1
function old new delta unsafe_symlink_target - 147 +147 unzip_main 2711 2732 +21 copy_file 1657 1678 +21 tar_main 999 971 -28 data_extract_all 1038 984 -54 ------------------------------------------------------------------------------ (add/remove: 2/0 grow/shrink: 2/2 up/down: 189/-82) Total: 107 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'archival/unzip.c')
-rw-r--r--archival/unzip.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/archival/unzip.c b/archival/unzip.c
index 8ed9ae7d5..604166063 100644
--- a/archival/unzip.c
+++ b/archival/unzip.c
@@ -368,9 +368,15 @@ static void unzip_extract_symlink(zip_header_t *zip, const char *dst_fn)
368 target[xstate.mem_output_size] = '\0'; 368 target[xstate.mem_output_size] = '\0';
369#endif 369#endif
370 } 370 }
371 if (!unsafe_symlink_target(target)) {
371//TODO: libbb candidate 372//TODO: libbb candidate
372 if (symlink(target, dst_fn)) 373 if (symlink(target, dst_fn)) {
373 bb_perror_msg_and_die("can't create symlink '%s'", dst_fn); 374 /* shared message */
375 bb_perror_msg_and_die("can't create %slink '%s' to '%s'",
376 "sym", dst_fn, target
377 );
378 }
379 }
374 free(target); 380 free(target);
375} 381}
376#endif 382#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-16 15:16:38 +0000