Commit 295a8207 authored by Andrew Lee's avatar Andrew Lee

Merge branch 'collabora' into 'collabora'

d/patches: add fix for CVE-2017-14804

See merge request !3
parents bdf3d880 e8111002
From: =?utf-8?b?SMOpY3RvciBPcsOzbiBNYXJ0w61uZXo=?=
<hector.oron@collabora.co.uk>
Date: Thu, 1 Mar 2018 11:45:58 +0100
Subject: CVE-2017-14804:Improve sanity checks in extractbuild
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
U2lnbmVkLW9mZi1ieTogSMOpY3RvciBPcsOzbiBNYXJ0w61uZXogPGhlY3Rvci5vcm9uQGNvbGxh
Ym9yYS5jby51az4K
---
extractbuild | 3 +++
1 file changed, 3 insertions(+)
diff --git a/extractbuild b/extractbuild
index d2d56ad..bbc36f3 100755
--- a/extractbuild
+++ b/extractbuild
@@ -74,6 +74,8 @@ while (<S>) {
my ($filetype, $file, $filesize, $blksize, @blocks) = split(/ /);
die("invalid input '$_'\n") unless defined($file);
$file =~ s/%([a-fA-F0-9]{2})/chr(hex($1))/ge;
+ die("bad file '$file' (contains \\0)\n") if $file =~ /\0/;
+ die("already processed: $file\n") if $done{$file};
die("bad file '$file'\n") if "/$file/" =~ /\/\.{0,2}\//s;
if ($file =~ /^(.*)\//s) {
die("file without directory: $file\n") unless $done{$1} && $done{$1} eq 'd';
@@ -88,6 +90,7 @@ while (<S>) {
my $target = $filesize;
die("symlink without target\n") unless defined $target;
$target =~ s/%([a-fA-F0-9]{2})/chr(hex($1))/ge;
+ die("bad symlink: $target (contains \\0)\n") if $target =~ /\0/;
die("bad symlink: $target\n") if "/$target/" =~ /\/\.?\//s;
if ("/$target/" =~ /^(\/\.\.)+\/(.*?)$/s) {
my ($head, $tail) = ($1, $2);
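Review bot: The new symlink checks still let a `..` component through when it is not at the front of the target: the added `/\/\.?\//` test rejects only empty and `.` components (`\.?` matches at most one dot), and the `^(\/\.\.)+\/` branch is entered only for targets that begin with `..`, so `dir/../../../etc/passwd` reaches neither, and even a target that does start with `..` can carry further `..` inside `$tail` (`../a/../../b`). Unless the code after this hunk already rejects those forms, I would add `die("bad symlink: $target\n") if "/$tail" =~ /\/\.\.\//s;` right after the `($head, $tail)` assignment and `die("bad symlink: $target\n") if "/$target/" =~ /\/\.\.\//s;` in the else branch, since the hunk cannot show whether the depth check below covers them. The `if` block opened here and the enclosing `while (<S>)` loop both continue outside the hunk, so the existing handling of `$head`/`$tail` is not visible from this diff.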
......@@ -22,3 +22,4 @@ build-pkg-deb-support-control.tar.xz.patch
Deb.pm-support-Build-Depends-Arch.patch
build-recipe-dsc-don-t-rebuild-the-source-package.patch
debootstrap-add-fallback-for-Debian-SID-distro.patch
CVE-2017-14804-Improve-sanity-checks-in-extractbuild.patch