[Stable 7] CPIO breakage/

Xin LI delphij at delphij.net
Thu Jun 17 22:13:17 UTC 2010


On 2010/06/17 13:53, Peter Jeremy wrote:
> On 2010-Jun-15 17:22:50 -0700, Xin LI <delphij at delphij.net> wrote:
>> On 2010/06/15 17:05, Sean Bruno wrote:
>>> A little more background.  It looks like symlinks are getting stripped
>>> of their '/' which sucks.  Ideas?
> ...
>>> e.g. /home/foo/bar -> /opt/baz/blob
>>>
>>> becomes
>>>
>>> home/foo/bar -> opt/baz/blob   
>>>
>>> Yuck.
>>
>> This is a security measure I think.
> 
> Can someone please explain how stripping a leading '/' off the
> destination of a symlink enhances security?  The destination is
> not being written to.
> 
>> --absolute-filenames disables this behavior.
> 
> This definitely reduces security and would seem to be far more
> dangerous than being able to create symlinks to absolute pathnames.

Sorry, I misunderstood the original issue.  It's the link target
being mangled, which doesn't seem right to me.  I'll ask the author about this.

The attached patch should restore the old behavior.

Cheers,
- -- 
Xin LI <delphij at delphij.net>	http://www.delphij.net/
FreeBSD - The Power to Serve!	       Live free or die
-------------- next part --------------
Index: contrib/cpio/src/copyout.c
===================================================================
--- contrib/cpio/src/copyout.c	(revision 209216)
+++ contrib/cpio/src/copyout.c	(working copy)
@@ -836,9 +836,6 @@ process_copy_out ()
 		    continue;
 		  }
 		link_name[link_size] = 0;
-		cpio_safer_name_suffix (link_name, false,
-					abs_paths_flag, true);
-		link_size = strlen (link_name);
 		file_hdr.c_filesize = link_size;
 		if (archive_format == arf_tar || archive_format == arf_ustar)
 		  {
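
Review bot: with the cpio_safer_name_suffix() call and the strlen() recomputation removed after `link_name[link_size] = 0;`, the link target is stored verbatim whether or not abs_paths_flag is set, and nothing in the code says this is deliberate. Add a short comment at this point stating that link targets are archived unmodified, so the call is not reinstated later as a presumed security measure. file_hdr.c_filesize now depends solely on the link_size computed above this context, so confirm that the code not visible here rejects a failed or truncated read before the terminator is written.
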
Index: contrib/cpio/src/util.c
===================================================================
--- contrib/cpio/src/util.c	(revision 209216)
+++ contrib/cpio/src/util.c	(working copy)
@@ -1252,8 +1252,25 @@ stat_to_cpio (struct cpio_file_stat *hdr, struct s
   hdr->c_uid = CPIO_UID (st->st_uid);
   hdr->c_gid = CPIO_GID (st->st_gid);
   hdr->c_nlink = st->st_nlink;
-  hdr->c_rdev_maj = major (st->st_rdev);
-  hdr->c_rdev_min = minor (st->st_rdev);
+
+  switch (hdr->c_mode & CP_IFMT)
+  {
+    case CP_IFBLK:
+    case CP_IFCHR:
+#ifdef CP_IFIFO
+    case CP_IFIFO:
+#endif
+#ifdef CP_IFSOCK
+    case CP_IFSOCK:
+#endif
+      hdr->c_rdev_maj = major (st->st_rdev);
+      hdr->c_rdev_min = minor (st->st_rdev);
+      break;
+    default:
+      hdr->c_rdev_maj = 0;
+      hdr->c_rdev_min = 0;
+      break;
+  }
   hdr->c_mtime = st->st_mtime;
   hdr->c_filesize = st->st_size;
   hdr->c_chksum = 0;
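
Review bot: the switch added to stat_to_cpio() in place of the two unconditional c_rdev_maj/c_rdev_min assignments is unrelated to the symlink target problem the message describes, and it carries no comment or explanation. Either split it into its own change or add a comment saying why st_rdev is now recorded only for some file types and zeroed otherwise. The CP_IFIFO and CP_IFSOCK cases in particular need a justification, since POSIX defines st_rdev only for character and block special files. The switch also reads hdr->c_mode, which is not assigned in the visible context, so check that it is set earlier in the function. Style: the braces of the switch sit at the same column as the keyword, whereas the if block in the copyout.c hunk indents its brace.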

