FreeChainXenon/binutils-gdb
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Prevent archive memebers with illegal pathnames from being extracted from an archive.

Browse source 
PR binutils/17552, binutils/17533
	* bucomm.c (is_valid_archive_path): New function.  Returns false
	for absolute pathnames and pathnames that include /../.
	* bucomm.h (is_valid_archive_path): Add prototype.
	* ar.c (extract_file): Use new function to check for valid
	pathnames when extracting files from an archive.
	* objcopy.c (copy_archive): Likewise.
	* doc/binutils.texi: Update documentation to mention the
	limitation on pathname of archive members.
This commit is contained in:
Nick Clifton 2014-11-06 14:49:10 +00:00
parent 834107255b
commit dd9b91de21
6 changed files with 65 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

6
binutils/objcopy.c
View file

@ -2295,6 +2295,12 @@ copy_archive (bfd *ibfd, bfd *obfd, const char *output_target,
bfd_boolean del = TRUE;
bfd_boolean ok_object;
/* PR binutils/17533: Do not allow directory traversal
outside of the current directory tree by archive members. */
if (! is_valid_archive_path (bfd_get_filename (this_element)))
fatal (_("illegal pathname found in archive member: %s"),
bfd_get_filename (this_element));
/* Create an output file for this member. */
output_name = concat (dir, "/",
bfd_get_filename (this_element), (char *) 0);