head 1.3; access; symbols pkgsrc-2018Q3:1.2.0.68 pkgsrc-2018Q3-base:1.2 pkgsrc-2018Q2:1.2.0.66 pkgsrc-2018Q2-base:1.2 pkgsrc-2018Q1:1.2.0.64 pkgsrc-2018Q1-base:1.2 pkgsrc-2017Q4:1.2.0.62 pkgsrc-2017Q4-base:1.2 pkgsrc-2017Q3:1.2.0.60 pkgsrc-2017Q3-base:1.2 pkgsrc-2017Q2:1.2.0.56 pkgsrc-2017Q2-base:1.2 pkgsrc-2017Q1:1.2.0.54 pkgsrc-2017Q1-base:1.2 pkgsrc-2016Q4:1.2.0.52 pkgsrc-2016Q4-base:1.2 pkgsrc-2016Q3:1.2.0.50 pkgsrc-2016Q3-base:1.2 pkgsrc-2016Q2:1.2.0.48 pkgsrc-2016Q2-base:1.2 pkgsrc-2016Q1:1.2.0.46 pkgsrc-2016Q1-base:1.2 pkgsrc-2015Q4:1.2.0.44 pkgsrc-2015Q4-base:1.2 pkgsrc-2015Q3:1.2.0.42 pkgsrc-2015Q3-base:1.2 pkgsrc-2015Q2:1.2.0.40 pkgsrc-2015Q2-base:1.2 pkgsrc-2015Q1:1.2.0.38 pkgsrc-2015Q1-base:1.2 pkgsrc-2014Q4:1.2.0.36 pkgsrc-2014Q4-base:1.2 pkgsrc-2014Q3:1.2.0.34 pkgsrc-2014Q3-base:1.2 pkgsrc-2014Q2:1.2.0.32 pkgsrc-2014Q2-base:1.2 pkgsrc-2014Q1:1.2.0.30 pkgsrc-2014Q1-base:1.2 pkgsrc-2013Q4:1.2.0.28 pkgsrc-2013Q4-base:1.2 pkgsrc-2013Q3:1.2.0.26 pkgsrc-2013Q3-base:1.2 pkgsrc-2013Q2:1.2.0.24 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.2.0.22 pkgsrc-2013Q1-base:1.2 pkgsrc-2012Q4:1.2.0.20 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q3:1.2.0.18 pkgsrc-2012Q3-base:1.2 pkgsrc-2012Q2:1.2.0.16 pkgsrc-2012Q2-base:1.2 pkgsrc-2012Q1:1.2.0.14 pkgsrc-2012Q1-base:1.2 pkgsrc-2011Q4:1.2.0.12 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q3:1.2.0.10 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.2.0.8 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.2.0.6 pkgsrc-2011Q1-base:1.2 pkgsrc-2010Q4:1.2.0.4 pkgsrc-2010Q4-base:1.2 pkgsrc-2010Q3:1.2.0.2 pkgsrc-2010Q3-base:1.2 pkgsrc-2010Q2:1.1.0.24 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.22 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.20 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.18 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.16 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.14 pkgsrc-2009Q1-base:1.1 pkgsrc-2008Q4:1.1.0.12 pkgsrc-2008Q4-base:1.1 pkgsrc-2008Q3:1.1.0.10 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.8 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.6 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.4 pkgsrc-2008Q1:1.1.0.2; locks; strict; comment @# @; 1.3 date 2018.11.10.19.55.54; author wiz; state dead; branches; next 1.2; commitid 3IFRUrYhqbiA0rZA; 1.2 date 2010.09.28.17.50.07; author tnn; state Exp; branches; next 1.1; 1.1 date 2008.06.08.02.40.38; author tonnerre; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2008.06.08.02.40.38; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.06.08.12.46.49; author tron; state Exp; branches; next ; desc @@ 1.3 log @star: update to 1.5.4nb1. Packaged for wip by Michael Bäuerle. Changes: too many to list, last distfile was from 2003. @ text @$NetBSD: patch-ad,v 1.2 2010/09/28 17:50:07 tnn Exp $ --- star/extract.c.orig 2002-05-02 20:02:41.000000000 +0000 +++ star/extract.c @@@@ -92,6 +92,7 @@@@ EXPORT int xt_file __PR((FINFO * info, int (*)(void *, char *, int), void *arg, int amt, char* text)); EXPORT void skip_slash __PR((FINFO * info)); +LOCAL BOOL has_dotdot __PR((char *name)); EXPORT void extract(vhname) @@@@ -152,6 +153,12 @@@@ extract(vhname) if (is_symlink(&finfo) && same_symlink(&finfo)) { continue; } + if (!interactive && has_dotdot(finfo.f_name)) { + errmsgno(EX_BAD, "'%s' contains '..', skipping ...\n", + finfo.f_name); + void_file(&finfo); + return; + } if (interactive && !ia_change(ptb, &finfo)) { if (!nflag) fprintf(vpr, "Skipping ...\n"); @@@@ -169,6 +176,12 @@@@ extract(vhname) if (!make_dir(&finfo)) continue; } else if (is_link(&finfo)) { + if (!interactive && has_dotdot(finfo.f_lname)) { + errmsgno(EX_BAD, "'%s' contains '..', " + "skipping ...\n", finfo.f_lname); + void_file(&finfo); + return; + } if (!make_link(&finfo)) continue; } else if (is_symlink(&finfo)) { @@@@ -830,3 +843,25 @@@@ skip_slash(info) while (info->f_lname[0] == '/') info->f_lname++; } + +LOCAL BOOL +has_dotdot(name) + char *name; +{ + register char *p = name; + + while (*p) { + if ((p[0] == '.' && p[1] == '.') && + (p[2] == '/' || p[2] == '\0')) { + return (TRUE); + } + do { + if (*p++ == '\0') + return (FALSE); + } while (*p != '/'); + p++; + while (*p && *p == '/') /* Skip multiple slashes */ + p++; + } + return (FALSE); +} @ 1.2 log @fix local patch; void function cannot return vaule. reported by in #pkgsrc @ text @d1 1 a1 1 $NetBSD$ @ 1.1 log @Fix directory traversal vulnerability (CVE-2007-4134) in star. @ text @d3 1 a3 1 --- star/extract.c.orig 2002-05-02 22:02:41.000000000 +0200 d21 1 a21 1 + return (FALSE); d34 1 a34 1 + return (FALSE); @ 1.1.2.1 log @file patch-ad was added on branch pkgsrc-2008Q1 on 2008-06-08 12:46:49 +0000 @ text @d1 64 @ 1.1.2.2 log @Pullup ticket #2420 - requested by tonnerre Security patch for star Revisions pulled up: - archivers/star/Makefile 1.22 - archivers/star/distinfo 1.9 - archivers/star/patches/patch-ad 1.1 --- Module Name: pkgsrc Committed By: tonnerre Date: Sun Jun 8 02:40:38 UTC 2008 Modified Files: pkgsrc/archivers/star: Makefile distinfo Added Files: pkgsrc/archivers/star/patches: patch-ad Log Message: Fix directory traversal vulnerability (CVE-2007-4134) in star. @ text @a0 64 $NetBSD: patch-ad,v 1.1 2008/06/08 02:40:38 tonnerre Exp $ --- star/extract.c.orig 2002-05-02 22:02:41.000000000 +0200 +++ star/extract.c @@@@ -92,6 +92,7 @@@@ EXPORT int xt_file __PR((FINFO * info, int (*)(void *, char *, int), void *arg, int amt, char* text)); EXPORT void skip_slash __PR((FINFO * info)); +LOCAL BOOL has_dotdot __PR((char *name)); EXPORT void extract(vhname) @@@@ -152,6 +153,12 @@@@ extract(vhname) if (is_symlink(&finfo) && same_symlink(&finfo)) { continue; } + if (!interactive && has_dotdot(finfo.f_name)) { + errmsgno(EX_BAD, "'%s' contains '..', skipping ...\n", + finfo.f_name); + void_file(&finfo); + return (FALSE); + } if (interactive && !ia_change(ptb, &finfo)) { if (!nflag) fprintf(vpr, "Skipping ...\n"); @@@@ -169,6 +176,12 @@@@ extract(vhname) if (!make_dir(&finfo)) continue; } else if (is_link(&finfo)) { + if (!interactive && has_dotdot(finfo.f_lname)) { + errmsgno(EX_BAD, "'%s' contains '..', " + "skipping ...\n", finfo.f_lname); + void_file(&finfo); + return (FALSE); + } if (!make_link(&finfo)) continue; } else if (is_symlink(&finfo)) { @@@@ -830,3 +843,25 @@@@ skip_slash(info) while (info->f_lname[0] == '/') info->f_lname++; } + +LOCAL BOOL +has_dotdot(name) + char *name; +{ + register char *p = name; + + while (*p) { + if ((p[0] == '.' && p[1] == '.') && + (p[2] == '/' || p[2] == '\0')) { + return (TRUE); + } + do { + if (*p++ == '\0') + return (FALSE); + } while (*p != '/'); + p++; + while (*p && *p == '/') /* Skip multiple slashes */ + p++; + } + return (FALSE); +} @