termux-packages/packages/arj/security-traversal-dir.patch
Leonid Pliushch 47df9e73c1 move some packages from unstable repo
* algernon
* apg
* aptly
* arj
* codecrypt
* crunch
* cryptopp
* diskus
* google-glog
* hexyl
* jp2a
* libgfshare
* libmcrypt
* libmhash
* libmicrohttpd
* libnftnl
* libsigsegv
* lua-lpeg
* morse2ascii
* seccure
* secure-delete
* ssss
* steghide
* taglib
* unicorn
* vegeta
* vis
* wren
* wuzz
* zsync
2019-09-08 16:44:36 +03:00

34 lines
920 B
Diff

Description: Fix absolute path traversals.
Catch multiple leading slashes when checking for absolute path traversals.
.
Fixes CVE-2015-0557.
Author: Guillem Jover <guillem@debian.org>
Origin: vendor
Bug-Debian: https://bugs.debian.org/774435
Forwarded: no
Last-Update: 2015-02-26
---
environ.c | 3 +++
1 file changed, 3 insertions(+)
--- a/environ.c
+++ b/environ.c
@@ -1087,6 +1087,8 @@ static char *validate_path(char *name)
if(action!=VALIDATE_DRIVESPEC)
{
#endif
+ while (name[0]!='\0'&&
+ (name[0]=='.'||name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX)) {
if(name[0]=='.')
{
if(name[1]=='.'&&(name[2]==PATHSEP_DEFAULT||name[2]==PATHSEP_UNIX))
@@ -1096,6 +1098,7 @@ static char *validate_path(char *name)
}
if(name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX)
name++; /* "\\" - revert to root */
+ }
#if SFX_LEVEL>=ARJSFXV
}
}