1 files changed, 20 insertions, 2 deletions
diff --git a/archival/tar.c b/archival/tar.c
index 1d6e63da0..150c6f393 100644
--- a/archival/tar.c
+++ b/archival/tar.c
@@ -23,9 +23,28 @@
 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
 */
+/* TODO: security with -C DESTDIR option can be enhanced.
+ * Consider tar file created via:
+ * $ tar cvf bug.tar anything.txt
+ * $ ln -s /tmp symlink
+ * $ tar --append -f bug.tar symlink
+ * $ rm symlink
+ * $ mkdir symlink
+ * $ tar --append -f bug.tar symlink/evil.py
+ *
+ * This will result in an archive which contains:
+ * $ tar --list -f bug.tar
+ * anything.txt
+ * symlink
+ * symlink/evil.py
+ *
+ * Untarring it puts evil.py in '/tmp' even if the -C DESTDIR is given.
+ * This doesn't feel right, and IIRC GNU tar doesn't do that.
+ */
 #include <fnmatch.h>
 #include "libbb.h"
-#include "unarchive.h"
+#include "archive.h"
 /* FIXME: Stop using this non-standard feature */
 #ifndef FNM_LEADING_DIR
 # define FNM_LEADING_DIR 0
@@ -884,7 +903,6 @@ int tar_main(int argc UNUSED_PARAM, char **argv)
        /* Prepend '-' to the first argument if required */
        opt_complementary = "--:" // first arg is options
                "tt:vv:" // count -t,-v
-                "?:" // bail out with usage instead of error return
                "X::T::" // cumulative lists
 #if ENABLE_FEATURE_TAR_LONG_OPTIONS && ENABLE_FEATURE_TAR_FROM
                "\xff::" // cumulative lists for --exclude

diff --git a/archival/tar.c b/archival/tar.c index 1d6e63da0..150c6f393 100644 --- a/archival/tar.c +++ b/archival/tar.c
@@ -23,9 +23,28 @@
23	* Licensed under GPLv2 or later, see file LICENSE in this source tree.	23	* Licensed under GPLv2 or later, see file LICENSE in this source tree.
24	*/	24	*/
25		25
		26	/* TODO: security with -C DESTDIR option can be enhanced.
		27	* Consider tar file created via:
		28	* $ tar cvf bug.tar anything.txt
		29	* $ ln -s /tmp symlink
		30	* $ tar --append -f bug.tar symlink
		31	* $ rm symlink
		32	* $ mkdir symlink
		33	* $ tar --append -f bug.tar symlink/evil.py
		34	*
		35	* This will result in an archive which contains:
		36	* $ tar --list -f bug.tar
		37	* anything.txt
		38	* symlink
		39	* symlink/evil.py
		40	*
		41	* Untarring it puts evil.py in '/tmp' even if the -C DESTDIR is given.
		42	* This doesn't feel right, and IIRC GNU tar doesn't do that.
		43	*/
		44
26	#include <fnmatch.h>	45	#include <fnmatch.h>
27	#include "libbb.h"	46	#include "libbb.h"
28	#include "unarchive.h"	47	#include "archive.h"
29	/* FIXME: Stop using this non-standard feature */	48	/* FIXME: Stop using this non-standard feature */
30	#ifndef FNM_LEADING_DIR	49	#ifndef FNM_LEADING_DIR
31	# define FNM_LEADING_DIR 0	50	# define FNM_LEADING_DIR 0
@@ -884,7 +903,6 @@ int tar_main(int argc UNUSED_PARAM, char **argv)
884	/* Prepend '-' to the first argument if required */	903	/* Prepend '-' to the first argument if required */
885	opt_complementary = "--:" // first arg is options	904	opt_complementary = "--:" // first arg is options
886	"tt:vv:" // count -t,-v	905	"tt:vv:" // count -t,-v
887	"?:" // bail out with usage instead of error return
888	"X::T::" // cumulative lists	906	"X::T::" // cumulative lists
889	#if ENABLE_FEATURE_TAR_LONG_OPTIONS && ENABLE_FEATURE_TAR_FROM	907	#if ENABLE_FEATURE_TAR_LONG_OPTIONS && ENABLE_FEATURE_TAR_FROM
890	"\xff::" // cumulative lists for --exclude	908	"\xff::" // cumulative lists for --exclude