diff options
| author | Nick Clifton <nickc@redhat.com> | 2014-11-06 14:49:10 +0000 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2014-11-06 14:49:10 +0000 |
| commit | dd9b91de2149ee81d47f708e7b0bbf57da10ad42 (patch) | |
| tree | 9abc44b553f584ed318e6747e7f49d1095ea13c6 /binutils/objcopy.c | |
| parent | 834107255bbefceb445fa733ebc1ea5d9f41ec7f (diff) | |
| download | binutils-gdb-dd9b91de2149ee81d47f708e7b0bbf57da10ad42.tar.gz | |
Prevent archive memebers with illegal pathnames from being extracted from an archive.
PR binutils/17552, binutils/17533
* bucomm.c (is_valid_archive_path): New function. Returns false
for absolute pathnames and pathnames that include /../.
* bucomm.h (is_valid_archive_path): Add prototype.
* ar.c (extract_file): Use new function to check for valid
pathnames when extracting files from an archive.
* objcopy.c (copy_archive): Likewise.
* doc/binutils.texi: Update documentation to mention the
limitation on pathname of archive members.
Diffstat (limited to 'binutils/objcopy.c')
| -rw-r--r-- | binutils/objcopy.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/binutils/objcopy.c b/binutils/objcopy.c index 3b353ad168a..8454bc6b3cf 100644 --- a/binutils/objcopy.c +++ b/binutils/objcopy.c @@ -2295,6 +2295,12 @@ copy_archive (bfd *ibfd, bfd *obfd, const char *output_target, bfd_boolean del = TRUE; bfd_boolean ok_object; + /* PR binutils/17533: Do not allow directory traversal + outside of the current directory tree by archive members. */ + if (! is_valid_archive_path (bfd_get_filename (this_element))) + fatal (_("illegal pathname found in archive member: %s"), + bfd_get_filename (this_element)); + /* Create an output file for this member. */ output_name = concat (dir, "/", bfd_get_filename (this_element), (char *) 0); |